Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

  1. #1
    old_timer Guest

    Default Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    I downloaded the new critical update "zaSuiteSetup_70_483_000_en.exe". Before executing, I scanned with current version of ZoneAlarm (7.0.470.000) and received the alert that my download had been quarantined and identified as the virus "Exploit.PHP.Userpic.a". I did not override the alert and install until I get the okay from ZoneAlarm. Is this a false alarm? Has anyone else received the alaert?

    Operating System:Windows XP Home Edition
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,288

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Hi!sounds to me as a false positive but still KAV refuses to consider it a false positive....Cheers,Fax

    Message Edited by fax on 07-11-2008 09:12 PM

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    tldg Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Hello,
    System: MS XP Professional ie7 sp3
    I had the same problem old-timer did.
    Downloaded file was quarantined and deleted.Am willing to download the file
    again, if it is safe to run/ without scanning first.-Present ZASS firewall was set at medium yesterday per guidance from MS tech.Will the Internet access problem occur again once the 70_483_000 update is run?
    Thank you.

  4. #4
    thenckid Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    I downloaded the update. It was not quarantined and I clean installed it. After it installed the firewall security was automatically set to high and I had internet access. ZL suggested a system scan which I allowed and it did not find any problems. However, today when the automatically schedule scan ran it found and quarantined Exploit.php.userpic.a. The path was C:\Program Files\Zone Labs\ZoneAlarm\Help\zaclients.chm. Looks like someone has reported it to the Kapersky Lab forum http://forum.kaspersky.com/index.php...howtopic=76469, and below is the reply. Not sure where this leaves those who did not install the update or those who did and may have a hopefully quarantined virus.

    I submitted my currently running zaclients.chm (7.0.473) to Kaspersky labs and received the following reply just now:

    From: newvirus@kaspersky.com
    Sent:Fri 7/11/08 1:16 PM
    To: me@hotmail.com

    Hello. This is not false positive, but this file danger only for web-servers.

    Sincerely yours,
    Andrey Bezborodov, Virus Analyst.

    Kaspersky Lab Ltd Moscow, Russia
    Tel/Fax : +7 (095) 797-8700E-mail : newvirus@kaspersky.comInternet: http://www.kaspersky.com, http://www.viruslist.com

    I still think it is a false positive, but have delayed the installation of 70_483_000 while this is sorted out.

    What action will be helpful to the ZoneAlarm folks to be able to resolve this?

  5. #5
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,288

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Hi!are you installing on a web server? If not, just ignore it.Report it to ZA technical support at: www.zonealarm.com/tsform Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  6. #6
    charly Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    So, to recap, if I am not a webserver, should I go ahead and install the ZoneAlarm Internet Security Suite 70_483_000 update, or wait?

    Thx,

    Charly

  7. #7
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,288

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    Hi!yes, I think so...Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  8. #8
    old_timer Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    I do not have a web server either. I sent an e-mail to tech support but have not received a reply as of this date. Since I did not install the Microsoft update yet, I prefer to wait until I hear from Zone Alarm before installing the ZA update. I agree it may be a false positive but I want ZA folks to say it rather than for me to assume it. Thanks for the Kaspersky comments.

  9. #9
    ananda Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update - Oldtimer

    No need to wait. After an update of the Antivirus list, scanning the file in question
    ( C:\Program Files\Zone Labs\ZoneAlarm\Help\zaclients.chm
    )
    ends in a positive note. It was indeed a false positive, which has been recognised by Kaspersky.

    Kind regards,
    Ananda

  10. #10
    mwidunn Guest

    Default Re: Received Exploit.PHP.Userpic.a alert after download Zonealarm critical update

    What does that mean: "false positive"?Was a virus there or not?Is a legitimate file now improperly quarantined?
    Thanks.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •