|
Posted by David H. Lipman on March 12, 2008, 4:40 pm
Please log in for more thread options
| Hello David,
|
| On Tue, 11 Mar 2008 21:19:14 GMT, "David H. Lipman"
|
>>
>> < snip >
>>
>|> So I decided to do a first thorough scan with Avira after making the
>|> necessary settings in the program and... it found a virus! In
>|> C:\Windows\System32\prjChameleon.ocx it found a pattern of
>|> SPR/YFlood.A.3.
>|>
>> < snip >
>>
>> Please submit a sample of "prjChameleon.ocx" to Virus Total --
>> http://www.virustotal.com/flash/index_en.html
>> The submission will then be tested against many different AV vendor's
scanners.
>> That will give you an idea what it is and who recognizes it. In addition
Virus
>> Total will provide the sample to all participating vendors.
>>
>> You can also submit a suspect, one at a time, via the following email URL...
>> mailto:scan@virustotal.com?subject=SCAN
>>
| I wanted to follow your advice but there seems to be i little problem:
| how do I submit this quarantined file? A short inquiry into Avira
| Antivir program settings does not hint to a possibility to submit
| quarantined files to other destinations then to Avira-boys themselves.
|
| Any advice?
|
>> When you get the report, please post back the exact results.
|
| Massimo
It is an OCX file and is not executable.
Temporarily disable AntiVir and restore the file. Then move the restored file
from its
restored location to a different location (e.g; c:\ ) then submit the OCX file
to Virus
Total's web page.
Note the orginal, restored, location in case this is a False Positive.
Then, re-enable AntiVir.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
| 
XML Sitemap