Page 2 of 5 FirstFirst 12345 LastLast
Results 11 to 20 of 50

Thread: Win32.Backdoor.Revell.110 ???

  1. #11
    seahorizons Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    HiYes, I have had the same issue.
    I think it is a false positive.
    I deleted the so-called trojan and rebooted but immediately Office 2000-SR1 (yep I still like it!) reinstalled the component - Data2.msi.


    I then did a rescan (offline) and the same "trojan" was detected.
    I quarantined it but on reboot - Office 2000 reinstalled Data2.msi.I like ZA - I am using vista Internet Suite 7, but there is still a lot of work to be done to bring it up to the XP standard.
    For example, when updating the definitions, I do not get a progress screen, which seems a bit odd, and there is no cache cleaner. Hopefully, these details will be put right in new builds.Seahorizons

  2. #12
    sfumatopants Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    Is this helpful?

    http://www.spywaredb.com/remove-backdoor-revell-110/

    I hate messing with the registry. Can anyone expand on these vague instructions?

  3. #13
    ble Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    I also got my first "hit" by ZoneAlarm on c:\windows\system32\msrdo20.dll today. The file on my system is version 6.0.88.62 last modified on 5/11/2000.

    The MD5 and SHA-1 and CRC-32 hashes, plus the file size, for the file on my system all matched the hashes and file size given for a legitimate file listed at CastleCops http://hashes.castlecops.com/Hashes.html

    I am assuming the "hit" by ZoneAlarm is a false positive.


    My ZASS program info
    ZoneAlarm Security Suite version 7.0.337.000
    TrueVector security engine version 7.0.337.000
    Driver version 7.0.337.000
    Anti-virus engine version 3 DAT file version 01.200708.2235
    Anti-spyware engine version 5.0.172.0, DAT file version 01.200708.2235
    Anti-spam version 4.9.1.8211

  4. #14
    lateralus Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    I got the same thing, I think it's a false positive but I want to be 100% sure.

    Any news?

  5. #15
    sftsft Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    We found the same (Win32.Backdoor.Revell.110) and noticed someone associated it to IE. This is interesting because we found that Mozilla Firefox had been replaced with IE on one of our user accounts after the rather large windows-update a few days back. It seems weird that the 'default brouser' would be changed on only a user acct. , and then ZA finds a trojan? This may not be related but getting Firefox back as default was not easy--again this was just a 'user'acct.

  6. #16
    aih Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    I'm another who just had this pop up on a scan (today), for what it's worth.
    (So, did search, this page came up first, and here I am....)

  7. #17
    morey Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    Admins,


    Please combine my posting under Antispyware Section with this discussion.
    I have mailed the suspected file to Kaspersky as noted there and will post their answer in that other thread.

    So far as I can determine the suspected false positive of Win32.Backdoor.Revell.110 is contained in MSRDO20.DLL which may be a necessary file for Windows XP.
    Thus, I quarantined it and will not delete it until I hear from Kaspersky.
    They may revise their database if they determine it was a False Positive.

  8. #18
    scorpiodragon Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    My anti-spyware scan today resulted in detection of this alleged "trojan" also.

    Same version everyone else's scans
    have detected:
    6.0.88.62 with a date modified 5/11/2000 (2:06pm).
    It didn't detect this during previous scans.
    (I'm using ZoneAlarm Pro version:6.1.744.001 because 6.5 has issues [for whatever reason] on my machine.)

    If it is indeed a false positive, then it seems it resulted from the latest anti-spyware definitions update I did today (because the previous definitions update on 8/17 didn't detect this).
    Spybot S&D didn't detect it as being a trojan or spyware/malware.
    I'm looking forward to finding out more detailed information about this.

  9. #19
    frostbite Guest

    Default Re: Win32.Backdoor.Revell.110 ???



    New here (WinXP, ZoneAlarm Security Suite version: 7.0.337.000)




    I too encountered win32.Backdoor.Revell.110 on a scan today. I also jumped the gun and deleted it. This was not detected on an August 14 scan. So far my computer seems to be operating OK after deleting. I will check back to see what develops.



  10. #20
    gpuliti Guest

    Default Re: Win32.Backdoor.Revell.110 ???

    Hi,
    same problem here. I own ZoneAlarm Security Suite 7.0.362.000.
    Before running a spyware scan with ZA I ran it with Spybot. This software crashed many times after about 25% of the scan was completed. So I tried with ZoneAlarm instead, and it found Win32.Backdoor.Revell.110. I quarantined it, and then ran Spybot again. This time Spybot ran completely with no problem. It seems like that whatever it is, was blocking Spybot from doing its job.

    ~Gian

Page 2 of 5 FirstFirst 12345 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •