Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: Win32.Trojan.Dropper.Small.156

  1. #11
    creg Guest

    Default Re: Win32.Trojan.Dropper.Small.156

    I noticed that everyone had a PNF file associated with the
    Win32.Trojan.Dropper.Small.156.
    However, in my case, it was found an INF file...here's the path... c:\windows\inf\oem8.inf
    My ZA settings are setup to Quarantine an infected file (so I can make the decision to delete)...I've never been comfortable
    giving any software the ability to automatically
    delete anything without my knowledge.

    Any idea what I should do with the oem8.inf file?


    Can anyone confirm what this file is for?
    I tried searching the inet for its purpose, but didn't find a clearcut description.
    Thanks!




  2. #12
    zausser Guest

    Default Re: Win32.Trojan.Dropper.Small.156

    I also had this problem and deleted oem8.pnf, oem9.pnf and a thinkpad.dll file (or similarly named file from the system32 directory) as recommended by ZoneAlarm.

    Got the black screen, but was able to boot with F5 and selected 'boot system from last known good configuration'.

    System appears to be working ok now, but checked and the above files are still deleted.

    My question is:

    What are these files?
    Is my system ok to run without them?
    How does one obtain the files without doing a system restore (my laptop came with windows XP preloaded so no windows discs unfortunately).

    Thanks in advance!

  3. #13

    Default Re: Win32.Trojan.Dropper.Small.156

    Hi, IGNORE the false positive- a PNF and INF are the same thing except the PNF is more binary.

  4. #14
    newu Guest

    Default Re: Win32.Trojan.Dropper.Small.156

    Hi,

    I hope you can help me out. I having this problem too except I didn't delete the file, I quarantined it and after learning it was a false positive, I restored it but now, I assume ZA has already deleted the registry keys, but fortunately I had copied down the keys and I am wondering if I could manually re-enter the keys into the registry through "regedit" because I want to avoid using system restore since my experience with it was chaotic and egregious. I'm using window xp btw. Thanks in advance.

  5. #15
    fung Guest

    Default Re: Win32.Trojan.Dropper.Small.156



    I've just received a reply from ZA regarding removal of this trojan from their definitions
    - Result !!




    Fri, August 3, 2007 7:41 pm (BST)

    Subject:

    Tech Support Ticket: Anti-spyware removal ISSUE=582060 PROJ=4

    From:

    &quot;ZoneAlarm Technical Support&quot; <div align="center" class="MsoNormal"><hr>

    Hello Fung,
    Thank you for contacting ZoneAlarm Technical Support.

    I understand that you have a question about a virus on your system. I
    apologize for any inconvenience that this issue may be causing you.

    We have updated the anti-spyware definitions as of August 1 to ensure
    that we don't detect this file as malicious any longer. Ensure that
    ZoneAlarm is up to date by clicking the Update Now button on the
    Antivirus/Antispyware -&gt; Main tab.

    ......

    Thank you for choosing ZoneAlarm Security!

    Kelly
    Technical Support
    ZoneAlarm
    A Division of Check Point Software<div align="center" class="MsoNormal"><hr>

    Original msg:

    Please see User Forum Thread titled ZA Anti Spyware thinks oem8.PNF is Trojan

    Should Trojan name Win32.Trojan.Dropper.Small.156 be removed from your Anti-Spyware definitions list so that it doesn t come up in the Scan Report ?? Or at least update the ZA webpage linked to warn users that it may cause problems if quarantining it before deciding if the files are needed, when users click on the More Info button.



Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •