
Thread: two strange quarantined items?

  1. #1
    sandyfl Guest

    two strange quarantined items?

    I've been having some unusual activities with my system the past few days:

    ZoneAlarm Security Suite version:9.1.008.000
    TrueVector version:9.1.008.000
    Driver version:9.1.008.000
    Anti-virus engine version:8.0.2.42
    Anti-virus signature DAT file version:1000114624
    AntiSpam version:6.0.0.2383

    (1) I was only getting a zone alarm diagnostics screen. Could not open the control center

    (2) shutdown the system (Windows XP)

    (3) after starting-up, only got UI initializing. It never did

    (4) deleted zone alarm (I thought I did) and re-installed from 11/1 exe file last night

    (5) noticed that it still had all of my settings (which means I didn't get rid of the program when I thought I did?)

    (6) program seemed to be working OK after install

    (7) re-started Windows tonight and the quarantine screen popped-up with two items. These didn't show up earlier even though I do a complete scan each night

    (8) the two items are:

    Exploit.Win32.Pidief.cvl, Packed.JS.Agent.bp

    I looked these up and there is no information




    Help!

  2. #2
    sandyfl Guest

    Re: two strange quarantined items?

    This morning another quarantined item. In the past 2 years I've never found anything during my daily scan.

    HEUR:Trojan.Script.Iframer


    add this to the other two since re-installing ZA:


    Exploit.Win32.Pidief.cvl,

    Packed.JS.Agent.bp

    I've deleted them, but have no idea if they are really issues.

    Any information will be appreciated.

  3. #3
    findley Guest

    Re: two strange quarantined items?

    Quote: Originally posted by sandyfl
    This morning another quarantined item. In the past 2 years I've never found anything during my daily scan.

    HEUR:Trojan.Script.Iframer


    add this to the other two since re-installing ZA:


    Exploit.Win32.Pidief.cvl,

    Packed.JS.Agent.bp

    I've deleted them, but have no idea if they are really issues.

    Any information will be appreciated.

    sandyfl,
    My suggestion is you seek expert malware advice by downloading and running a HijackThis log and posting it to spywarehammer's malware removal forum. To help you with this, see How to Create and Post a HijackThis Log

    Findley

  4. #4
    Join Date
    Aug 2009
    Location
    Texas Gulf Coast
    Posts
    1,648

    Re: two strange quarantined items?

    Helpful links.

    How to report antivirus/antispyware false positives at this link :

    http://forums.zonealarm.com/showthread.php?t=70505


    Malware Clean-up Guidance at this link :

    http://forums.zonealarm.com/showthread.php?t=70448

    Have a Happy 2010

  5. #5
    sandyfl Guest

    Re: two strange quarantined items?

    Thanks for the suggestions. I am following them now.

  6. #6
    findley Guest

    Re: two strange quarantined items?

    Quote: Originally posted by sandyfl
    Thanks for the suggestions. I am following them now.
    Good luck sandyfl

    Findley

  7. #7
    sandyfl Guest

    Re: two strange quarantined items?

    No response from anyone on spywarehammer forum. So, I did run malwarebytes and it did find 13 registry keys infected (nothing malicious) and 2 files infected in windows\system32 (not malicious). The primary items found in the registry included: Adware.MyWebSearch, Adware.Gdow. The infected file was GTDownDE_87.ocx.

    I then ran another program and it found many adware tracking cookies, all deleted now

    I've run zone alarm all levels and none of these were found previous to finding these items in other programs. Should zone alarm have found them, even if they are not considered malicious?

    I've re-run malwarebytes and everything looks clean, for now. I'll continue to run this periodically along with the zone alarm nightly run.

    Thanks to all for their suggestions!

  8. #8
    findley Guest

    Re: two strange quarantined items?

    Hi sandyfl,

    No response from anyone on spywarehammer forum.
    With all the malware out there and all the people needing help, it is not unusual for a response from most of these malware forums to take days to get back to you. Unfortunately, getting in the queue is the first step to getting help, so if you still want them to look at your log and make sure the computer is clean - be patient and when they respond - if you decide to let them have a look - because you made changes you'll be asked to run and post another HJT in your same thread at spyhammer. Up to you really as to whether you do or not.
    So, I did run malwarebytes and it did find 13 registry keys infected (nothing malicious) and 2 files infected in windows\system32 (not malicious). The primary items found in the registry included: Adware.MyWebSearch, Adware.Gdow. The infected file was GTDownDE_87.ocx.

    I then ran another program and it found many adware tracking cookies, all deleted now

    I've run zone alarm all levels and none of these were found previous to finding these items in other programs. Should zone alarm have found them, even if they are not considered malicious?

    I've re-run malwarebytes and everything looks clean, for now. I'll continue to run this periodically along with the zone alarm nightly run.
    MalwareBytes is an excellent tool to keep, update, and run periodically on your computer as an on-demand scanner. Another good one, also free, is SuperAntispyware. It too is an excellent on-demand scanner that can be run periodically to ensure the health of your computer(s). I'd also suggest you add CCleaner to your computer.
    http://www.ccleaner.com/
    http://www.ccleaner.com/help/tour/1-after-installation

    No one security program catches, nor removes everything so a couple additional tools like MBAM, SAS and CCleaner are very useful additions.

    Findley
    Last edited by findley; January 4th, 2010 at 03:42 AM. Reason: delete duplicate quote

  9. #9
    sandyfl Guest

    Re: two strange quarantined items?

    Thank you Findley,

    I also ran the superantispyware, and it found the tracking cookies. The good news is nothing found was considered malicious. I'll run the malwarebytes and superantispyware periodically along with the Zone Alarm.

    Thanks for all of your help!

  10. #10
    findley Guest

    Re: two strange quarantined items?

    Quote: Originally posted by sandyfl
    Thank you Findley,

    I also ran the superantispyware, and it found the tracking cookies. The good news is nothing found was considered malicious. I'll run the malwarebytes and superantispyware periodically along with the Zone Alarm.

    Thanks for all of your help!
    Hi,
    For issues with tracking cookies, add a Hosts file. A Hosts file can block tracking cookies as well as a number of other pests. See
    The Hosts File and What It can Do for You

    What it does ...
    The Hosts file contains the mappings of IP addresses to host names. This file is loaded into memory (cache) at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. This prevents access to the listed sites by redirecting any connection attempts back to the local (your) machine. Another feature of the HOSTS file is its ability to block other applications from connecting to the Internet, providing the entry exists.

    You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. This is accomplished by blocking the connection(s) that supplies these little gems.

    Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. Why? ... because in certain cases "Ad Servers" like Doubleclick (and many others) will try to open a separate connection on the webpage you are viewing.
    Blocking Unwanted Parasites with a Hosts file

    The Hosts file is just adding another layer of security to the already strong security found in zone alarm and adding another layer of prevention both in pests, parasites, spyware and tracking cookies. Also by running the zone alarm security suite there is the added feature within ZASS of locking the hosts file and adding additional protection to your computer.

    enjoy the day
    Findley
    Last edited by findley; January 8th, 2010 at 11:14 AM. Reason: additions
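
A small auditor for the Hosts-file behaviour described in the post above, added here as an example and not part of the original thread: it separates names blocked by pointing them at the local machine from names pinned to some other address, which deserve a second look because the file overrides DNS. The sample file contents and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file (not taken from the thread).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1   localhost
127.0.0.1   ad.doubleclick.net      # entry quoted in the post above
0.0.0.0     tracker.example  stats.example
203.0.113.10  update.example.com    # name pinned to a non-local address
not-an-ip   broken.example
::1         localhost
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Yield (lineno, address, [names]) per entry; address is None if invalid."""
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        yield lineno, addr, [n.lower() for n in fields[1:]]


def audit_hosts(text):
    """Sort host names into blocked / redirected / malformed buckets."""
    report = {"blocked": [], "redirected": [], "malformed": []}
    for lineno, addr, names in parse_hosts(text):
        if addr is None or not names:
            report["malformed"].append(lineno)
            continue
        for name in names:
            if name in LOCAL_NAMES:
                continue                      # normal loopback entry
            if addr.is_loopback or addr.is_unspecified:
                report["blocked"].append(name)
            else:
                # The hosts file is consulted before DNS, so this name now
                # resolves to whatever address the file gives it.
                report["redirected"].append((name, str(addr)))
    return report
```

To check a real machine, pass the text of the system Hosts file to `audit_hosts` and review anything listed under `redirected` or `malformed`.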
