Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

Hybrid View

  1. #1
    old_timer Guest

    Default Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    I downloaded the new critical update "zaSuiteSetup_70_483_000_en.exe". Before executing, I scanned with current version of ZoneAlarm (7.0.470.000) and received the alert that my download had been quarantined and identified as the virus "Exploit.PHP.Userpic.a". I did not override the alert and install until I get the okay from ZoneAlarm. Is this a false alarm? Has anyone else received the alaert?

    Operating System:Windows XP Home Edition
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Hi!sounds to me as a false positive but still KAV refuses to consider it a false positive....Cheers,Fax

    Message Edited by fax on 07-11-2008 09:12 PM

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    thenckid Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    I downloaded the update. It was not quarantined and I clean installed it. After it installed the firewall security was automatically set to high and I had internet access. ZL suggested a system scan which I allowed and it did not find any problems. However, today when the automatically schedule scan ran it found and quarantined Exploit.php.userpic.a. The path was C:\Program Files\Zone Labs\ZoneAlarm\Help\zaclients.chm. Looks like someone has reported it to the Kapersky Lab forum http://forum.kaspersky.com/index.php...howtopic=76469, and below is the reply. Not sure where this leaves those who did not install the update or those who did and may have a hopefully quarantined virus.

    I submitted my currently running zaclients.chm (7.0.473) to Kaspersky labs and received the following reply just now:

    From: newvirus@kaspersky.com
    Sent:Fri 7/11/08 1:16 PM
    To: me@hotmail.com

    Hello. This is not false positive, but this file danger only for web-servers.

    Sincerely yours,
    Andrey Bezborodov, Virus Analyst.

    Kaspersky Lab Ltd Moscow, Russia
    Tel/Fax : +7 (095) 797-8700E-mail : newvirus@kaspersky.comInternet: http://www.kaspersky.com, http://www.viruslist.com

    I still think it is a false positive, but have delayed the installation of 70_483_000 while this is sorted out.

    What action will be helpful to the ZoneAlarm folks to be able to resolve this?

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Hi!are you installing on a web server? If not, just ignore it.Report it to ZA technical support at: www.zonealarm.com/tsform Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    charly Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    So, to recap, if I am not a webserver, should I go ahead and install the ZoneAlarm Internet Security Suite 70_483_000 update, or wait?

    Thx,

    Charly

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Hi!yes, I think so...Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    mwidunn Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    What does that mean: "false positive"?Was a virus there or not?Is a legitimate file now improperly quarantined?
    Thanks.

  8. #8
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update


    <BLOCKQUOTE><HR>Is a legitimate file now improperly quarantined?<HR></BLOCKQUOTE>Hi! Yes...Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  9. #9
    mwidunn Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Thanks for the reply.
    If I'm understanding you correctly, then I should go into the ZA Quarantine tab; select Exploit.PHP.Userpic.a; and, click &quot;Restore.&quot;
    Is that right?

  10. #10
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Hi!
    yes, that's right.
    In principle you should not see anymore the file tagged as Exploit the quarantine (but this is just a detail)

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •