Page 2 of 2 FirstFirst 12
Results 11 to 20 of 20

Thread: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

  1. #11
    morey Guest

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    The Trojan is a False Positive.
    Go here to see the original thread:
    http://usera.imagecave.com/SirMaru/Z...-Jun292007.jpg
    Just update your virus database, release the False PositiveTrojan from quarantine and you should be able to use Regedit.exe again.

  2. #12
    costin Guest

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    i don't know what means a F/P or false positive but:regarding to win32.pakes.x3 i can tell you the following: i let my KIS to quarantine the file regedit.exe!after this i was able to access the regedit utility but i was not able to use some files with extension .reg. i want to mention that i could use the files on other computers!i restored the regedit from quarantine but i had the same problem!!!when i looked at the .reg file i saw that it says that it is opened by %1..... lol.... i changed the open with file with regedit32.exe from windows/system32 and than i was able to use the .reg files!respectfully costin

  3. #13
    glenconaway Guest

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    Same problem here.
    Zone alarm say I have a virus:
    Trojan.Win32.Pakes.X3
    located in;C:\windows\regedit.exe
    C:windows\SERVIC~1\386regedit.exeand also in another location that cannot be deleted so it must be deleted on reboot.
    It is also asking for my Windows service pack 2 cd so I can restore dammaged files.
    But I have no such CD as I have the origional release of XP.So I downloaded Service Pack 2 (larger version) and installed it.Zone alarm wanted to reboot and so did service pack 2, and on the reboot their was an exemption and Zone Alarm failed to start.
    Then I updated my Zone Alarm definition and rescanned my computer and had several new instances of the virus on my computer.
    Anyway then I attempted to do a system restore and when the system rebooted a message came up saying that it was unable to restore my computer and to change the restore point.
    My system is a fairly new clean install and my internet use is very minimal and I'm supprized I got a virus if I did?

  4. #14
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    Hi!user support forum for Kaspersky retail products is here:http://forum.kaspersky.com/Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #15
    tekncl_kwestyn Guest

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    Glen,The "virus" is a "False Positive". In other words Zone Alarm "found" a "virus" that was NOT a virus. So if you tell ZoneAlarm to ignore the virus, and then update your virus definitions, and run another scan, you should be ok.
    Supposedly there has been a fix issued already.
    My questions are these:
    1) What exactly happened here? Did windows update these files, and did that generate a warning that the files did not match? Or did ZoneAlarm cause all this? How did these files change?
    2) Since I took the recommended action and deleted
    then rebooted, I cannot get my registry editor back, even though I tried to "restore" the regedit.exe from the quarantine. How do I get my registry editor back? That reminds me.. I forgot my Windows CD. (darn it!).


  6. #16
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe


    <BLOCKQUOTE><HR>Tekncl-Kwestyn wrote:
    Glen,The "virus" is a "False Positive". In other words Zone Alarm "found" a "virus" that was NOT a virus. So if you tell ZoneAlarm to ignore the virus, and then update your virus definitions, and run another scan, you should be ok.Supposedly there has been a fix issued already.My questions are these:1) What exactly happened here? Did windows update these files, and did that generate a warning that the files did not match? Or did ZoneAlarm cause all this? How did these files change?2) Since I took the recommended action and deletedthen rebooted, I cannot get my registry editor back, even though I tried to "restore" the regedit.exe from the quarantine. How do I get my registry editor back? That reminds me.. I forgot my Windows CD. (darn it!).
    <HR></BLOCKQUOTE>
    1. False positive are due toa virus update by kaspersky that incorrectly flag a pattern of virus into a legitimatefile. See here: http://forum.kaspersky.com/index.php?showtopic=42082. Not directly a ZA issue butthe AV portion by KAV. 2. Not sure I follow but if you have deleted the file there is no way to recover it. By default ZA quarantine not remove the suspect file/entry. You may want to read the post by GURU OLDSOD to recover a backup of regedit if you have removed it. See here: http://forums.zonealarm.com/zonelabs...essage.id=2275Hoep this help.Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #17
    tesselaar Guest

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    Why the heck is ZoneAlarm not responding? Don't they owe an explanation and a positive fix to their customers?

  8. #18
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    Hi!This false positive is fixed since some days... update you antivirus definitions...Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  9. #19
    tesselaar Guest

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    OK - I update all my antivirus and spyware programs daily and they run during the night as I leave my computer on. What does ZoneAlarm say to do next? I've seen one message where the user said to update the virus definitions etc., and that he then reinstalled the virus files. Is this the recommended fix or just wishful thinking.
    Am I paranoid about reinstalling a virus - dambetcha!

  10. #20
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: What the heck... Trojan.win32.pakes.x3 path C:\Windows\regedit.exe

    Hi!yes, update virus defintions, restore the file from quarantine... scan the file or the system and you should be ready to go...Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •