hello,
i've got a file that i suspect. it is an exe (for example's sake, let's say somefile.exe).
when i run kaperksy to 'scan this file' it skips it! kapersky's status of the scan tells me that it skipped the file and the reason was 'by rights'
i have no idea what that means, and their website/help is not giving me any further insight.
so, i changed the name of the file to somefile.exe.txt, and rescanned. it seemed to understand that the file had packed componants, and unpacked successfully and scanned the innards of the file just fine. it didn't find any threats.
however, what bothers me is that the second i rename the file back to a somefile.exe... i can no longer scan it! what is going on?
i can scan other exe files just fine.
in fact, when i try to upload that one particular exe file, kapersky's online file scanner acts all goofy as if i hadn't submitted a file at all. i've submitted other files to their online file scanner and processed them just fine, so it's definitely related to just this one.
anyone have any ideas what might be happening?
thanks
For the sake of argument upload the file to Jotti Scan
http://virusscan.jotti.org/
http://virusscan.jotti.org/
"Object is locked skipped" or "Access Denied" notations in a scan -> This is normal as a files are locked by the operating system or running programs during use for protection, so scanners cannot access them. The Object is locked skipped detections are normally not malware nor are they infected. Skipped a file for reason 'by rights' can mean you are not running a scan as administrator and do not have permission so the scan skips that file.
oh wow! when i tried to submit the file to the online virus scanner i got the following error:
The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file
that mean that i've got a virus currently running on my machine? oh poop.
The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file
that mean that i've got a virus currently running on my machine? oh poop.
Try disabling your Firewall and resubmit the file to Jotti's malware scan.
Did you physically search for and confirm the size of the file?
Can you provide the specific name and its location on your system?
Can you provide the specific name and its location on your system?
hello,
thanks for replying
here's the summary and answer to the various questions:
firewall shut off
i did check the file size, it's not zero.
when i change the extension to .txt i can upload it fine
the file is located at the following:
S:\_____ck 4 virus\INFECTED.exe.txt 140,288 bytes
i can't upload it from any machine (tried 3 different computers - arguably they could all be infected)
i have successfully uploaded other .exe files to various online virus scanners and the system didn't hesitate at all. worked fine
i have avgfree installed and it has a heart attack each time i try to touch the damn file LOL
and, yes, i did shut off avg and try to upload the bizarre .exe file (i shut off virus protection via the control panel of the app, and then went into task manager and killed all the avg processes manually)
so, now i'm thinking that exe file has some amazing trojan/virus/malware stuff in it, AND that i am infected with something
the file should NOT be locked by anyone and in fact, i can change the file name without problem. except when i called it a .exe file, then things get really weird. i haven't run the file, and for safety's sake, have the file renamed to a .txt extension to keep it from executing by mistake.
i'm wondering if there are any good debuggers or monitors around that would let me see who's locking/touching the file?
thanks!
thanks for replying
here's the summary and answer to the various questions:
firewall shut off
i did check the file size, it's not zero.
when i change the extension to .txt i can upload it fine
the file is located at the following:
S:\_____ck 4 virus\INFECTED.exe.txt 140,288 bytes
i can't upload it from any machine (tried 3 different computers - arguably they could all be infected)
i have successfully uploaded other .exe files to various online virus scanners and the system didn't hesitate at all. worked fine
i have avgfree installed and it has a heart attack each time i try to touch the damn file LOL
and, yes, i did shut off avg and try to upload the bizarre .exe file (i shut off virus protection via the control panel of the app, and then went into task manager and killed all the avg processes manually)
so, now i'm thinking that exe file has some amazing trojan/virus/malware stuff in it, AND that i am infected with something
the file should NOT be locked by anyone and in fact, i can change the file name without problem. except when i called it a .exe file, then things get really weird. i haven't run the file, and for safety's sake, have the file renamed to a .txt extension to keep it from executing by mistake.
i'm wondering if there are any good debuggers or monitors around that would let me see who's locking/touching the file?
thanks!
Hi audre
Download this program:
submit files packer
Highlight the file you (want) and right-click and selecting copy.
Then start the file packer program and right click in the white box and select paste to paste the copied file names in the field.
Then press the Continue button.
I will create an archive with these files and a small log on your Desktop that starts with a name like requested-file[date].cab.
Rename this file to yourmembername.cab (for example grinler.cab).
Then go to:
http://www.bleepingcomputer.com/submit-malware.php
and fill in the required fields and browse to this file on your desktop. Finally click on the Send File button.
Stelios
Download this program:
submit files packer
Highlight the file you (want) and right-click and selecting copy.
Then start the file packer program and right click in the white box and select paste to paste the copied file names in the field.
Then press the Continue button.
I will create an archive with these files and a small log on your Desktop that starts with a name like requested-file[date].cab.
Rename this file to yourmembername.cab (for example grinler.cab).
Then go to:
http://www.bleepingcomputer.com/submit-malware.php
and fill in the required fields and browse to this file on your desktop. Finally click on the Send File button.
Stelios
hello,
i've uploaded the cab file per your instructions!
thanks so much
i've uploaded the cab file per your instructions!
thanks so much
We will see what Grinler has to say!!!
Have Patience!
Stelios
Have Patience!
Stelios
Farstone Driveclone Pro v3.0 keygen program
Norman is showing it as W32/Delf.AXIP.
Norman is showing it as W32/Delf.AXIP.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.