CIMA - am I downloading it correctly

My NOD 32 antivirus has said that I am possibly having a threat. It states it is possibly a varient to win 32/adware. agent and each time the size is exactly the same with the same varient.

I am going into the NOD32 log file and copying the said possible threat which starts [ C:\ and ends in…ocx ] and then pasting this onto the CIMA line - one of the lines says process - failed - but the assesment is that it is not a threat. Am I doing it correctly .

I don’t think CIMA is capable of analysing .ocx files.

You could upload the file to one of these sites and see what they report:

thanks toxteth,

I tried the middle one , but it says that “0 bytes sent , possibly firewall or malware stopping it being sent”. I tried virustotal and it seemed forever to down load the file , so what I have done is send my suspect ones via their e-mail address.

What are .ocx files anyway ?

I’m sorry to hear things didn’t work as expected, but hopefully you’ll get a reply to your e-mail.

Alternatively, you could upload the file to Avira\Antivir. They will send you a confirmation immediately after receiving the file and you’ll get a final report, after the file was analysed.

These guys are very fast. Usually the final report (which clearly indicates whether the file is infected or not) is send within 1 or 2 days. If you want 100% certainty, this is the way to go (because the file is actually analysed, not just checked by scanners).

What are .ocx files, you ask? I can’t help you there.
This should explain it, although I still don’t understand. :smiley:

You didnt understand!!! - I stood no chance, I read it 3 times and even took a copy to my local takeaway in case they understood the language but they couldnt help either - bring back old fashioned “plain English”

I thought about it and I believe the fault probably lies with me . I thought I was downloading it correctly by copying the offending line on the log report and then pasting it onto the scan sites. so I think I am just pasting a line of text? To be honest I am not sure what I actually have to send off, whether it is the whole of the log file report or if I was right by just sending the one line ?

But as always - thanks for the help thus far…

How do you scan and download comodo firewall?

If you managed to paste the one line you mentioned before, C:…ocx, and clicked send, you did everything right. Although I don’t know how you did it. I can’t paste anything on the websites from my earlier post. ??? :smiley:

Perhaps something went wrong using copy\paste. Try using the browse button on, for example, VirusTotal and select the file that way. That should work.

I went into my ‘scanner report’ in NOD32 and highlighted the line which said it was possibly a threat, right clicked and copied it. I then pasted it onto the line of the visus scan deleting all the other words such as ’ possibly a varient of adware agent , item cleansed … blah… blah …etc so that I just left the C:\ … .ocx

ilpinn 55,
I assume you posted this in the wrong place ?

Eset has removed the file from that location and placed it in Quarantine or deleted it.
That’s why you get “0 bytes” and/or “another program may be using it”.

Basically, that file don’t exist in that location no more.

OCX files, in plain English, as small programs generally designed to perform one or two specific functions. They may have been installed as part of application X, but the OCX parts of application X can be called and used by other applications.

It’s a way of sharing functionality between applications. This sharing can be for good or not-so-good purposes.

Hope this helps,
Ewen :slight_smile: