olrsubmission.exe

my mother decided to scan her computer and it came across this OLRSubmission.exe as an infection

its its cyberlink powerdvd from nero 6 and i scanned the other 2 computers that have nero 6 on them and avast pick up the same file im thinking its a false positive but i figured id ask here to find out

so does anyone know if its a false positive or not or should i worry abit more

just so everyone knows my mothers computer isnt used that often she mostly goes on face book one of the other computers is only used for solitaire and poker and the one is a gaming computer

You can submit the flagged file here, http://www.virustotal.com/, for starters.
Post back the results.

how do i get to the file when its in the virus vault

You should be given a list of options by right clicking the file in chest.

Chest is in the GUI maintenance section.

yeah i submitted it to avast that way but how will i know if its a false positive or not once its submitted will they tell me or what?

I’m unsure as to how they handle informing the submitter of the file.
This is why I recommended VT, as it would give you a more immediate answer. :wink:
Still, good its submitted to Alwill, nonetheless.

yeah well i couldnt figure out how to submit it to that site cause the file was in the virus vault and i couldnt figure out where the virus vault is besides the gui

Prevx file info - OLRSUBMISSION.EXE
http://www.prevx.com/filenames/571808888855065-X1/OLRSUBMISSION.EXE.html

Check for Malware with Malwarebytes Anti-Malware 1.46
http://filehippo.com/download_malwarebytes_anti_malware/
after install click update so you are scanning with latest database
run quick scan, click the remove selected button to quarantine any infections found
post the scan log here

i use malwarebytes and it didnt pick anything up just avast did

Here you go:

You could also check the offending/suspect file at: [url=https://www.virustotal.com]VirusTotal[/url] - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect* That will stop the File System Shield scanning any file you put in that folder.

If only GData and avast detect it - GData uses avast as one of its two scanners so counts as 1 detection and almost certainly an FP.
Send the sample to avast as a False Positive:
Open the chest and right click on the file and select ‘Submit to virus lab…’ complete the form and submit, the file will be uploaded during the next update.

nmb

Prevx also classifies firefox.exe and taskmgr.exe as malware:
http://www.prevx.com/filenames/X463470545119034194-X1/FIREFOX.EXE.html
http://www.prevx.com/filenames/X133843890529458319-X1/TASKMGR.EXE.html
so it’s much better to rely on VirusTotal

my guess is that the analysis guys at Prevex knows very well what " firefox.exe and taskmgr.exe " is and that this is not the real one…
see under ALIAS

dudes right notice how there a .html after .exe

still doesnt tell me wtf that file is or how it got on 3 computers that do 3 different things and one of them is only poker

dudes right notice how there a .html after .exe
yes....Prevx website....html

well i got an email back from the company cyberlink they said it was a false alarm

Today I checked the quarantine and the false positive was corrected!