Results 1 to 7 of 7

Thread: win32.backdoor.small.eih

  1. #1
    lateralus Guest

    Default win32.backdoor.small.eih

    Hi everyone,

    ZA found this in these files just now and I wonder if anyone else has had the same problem?

    File: C:\WINDOWS\system32\dllcache\msuni11.dll
    File: C:\WINDOWS\system32\msuni11.dll

    I suspect that it is a false positive. I uploaded the file to virustotal and it found nothing. The file itself was created 2003-06-02 and has the description: "Microsoft Jet Sort Tables" and "Copyright (C) Microsoft Corp. 1993-1999"

    Thanks a lot in advance!

    Best regards

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: win32.backdoor.small.eih

    Quote Originally Posted by lateralus View Post
    I uploaded the file to virustotal and it found nothing. Best regards
    Nothing? Sure? Not even Kaspersky? Are you using the latest version? If yes, then your ZA may not work properly.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    lateralus Guest

    Default Re: win32.backdoor.small.eih

    Thanks a lot for the swift reply mate, you're the man. I'll see if it gets better during this week as I continue to download the latest definitions.

    Regards

  4. #4
    WhatYouWant Guest

    Default Re: win32.backdoor.small.eih

    I received the same notice on a PC that had patches applied on 13 SEP 2009 and then displayed the notice on 14 SEP 2009. Prior to this the system was off for over a week and reported no prior issues.

    Ran the file through virustotal as well and nothing was reported. A virus scan and other tools did not report issues with it as well.

    Is there a way to verify ZA is working properly?

    I am running:
    ZA Pro 8.0.298.000
    TVSE 8.0.298.000
    Driver Version 9.0.298.000
    ASPY engine 5.0.209.0, Dat File version 01.200909.6565

  5. #5
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: win32.backdoor.small.eih

    H!
    you should update to the latest ZAPRO 9.
    The antispyware in ZAPRO has been removed.

    I also hope you are running a good antivirus. ZAPRO does not cover viruses, trojans, malware and bots

    Cheers,
    Fax
    Last edited by fax; September 15th, 2009 at 11:59 PM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  6. #6
    lateralus Guest

    Default Re: win32.backdoor.small.eih

    Hi again,

    The infection was found using the latest ZoneAlarm Internet Security Suite with both antivirus and anti-spyware updated with the latest files.

    I thought I could take the opportunity to uninstall the suite and buy the new Extreme Security 2010. So I did and after a successful install, and a deep inspection search with the newly installed Extreme Security 2010, it found nothing (I never quarantined the file with the old suite since I suspected it was a false positive).

    Best regards

  7. #7
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: win32.backdoor.small.eih

    Yes, probably it was.
    Note that with a valid ZASS 8 license you can update free to ZASS 9.
    ZA Extreme is another product and needs another license.

    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •