Results 1 to 10 of 10

Thread: Backdoor.Win32.Rbot.aklg

  1. #1
    deistdennis Guest

    Default Backdoor.Win32.Rbot.aklg

    ZoneAlarm detects and quarantines 'Backdoor.Win32.Rbot.aklg' that it found in C:\Program Files\Shockwave.com\PhotoJam 4 Deluxe\data\product\PhotoJam 4 Deluxe.exe

    But now my photo editing program "PhotoJam 4 Deluxe" won't open with the "virus or trojan" removed. PhotoJam is an old program that used to work fine and I'm wondering if ZoneAlarm has recently decided this Backdoor thing is a threat of some sort. I can't find any info on what Backdoor.Win32.Rbot.aklg is, even ZoneAlarms SmartDefense Adviser has nothing to say about it, but it removes (quarantines) the thing and won't let the program open unless I let it run free and that bothers me. What's the deal?

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Backdoor.Win32.Rbot.aklg

    Follow the procedure here below to check for false positive. You first need to exclude the file from ZA and then upload the file to virustotal. If false positive then submit it to Kaspersky to be fixed.

    How to diagnose-report antivirus/antispyware false positives

    Thanks,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    deistdennis Guest

    Default Re: Backdoor.Win32.Rbot.aklg

    No, couldn't get this VirusTotal thing to accept Backdoor.Win32.Rbot.aklg in its text field box. I know I can instruct ZoneAlarm to ignore it but I want to know it's safe first. Can anyone help?

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Backdoor.Win32.Rbot.aklg

    euh? Please relax, sit down, read slowly the message and the virustotal website. You need to upload the FILE "PhotoJam 4 Deluxe.exe" and not the detection name.

    By moving the file from the quarantine back to its place you are not executing it. You just copying it. You need to do this to check for false positives. There is nothing to worry about. Just don't run Photojam if you are worried something will happen and remove the exception if you want the file back to quarantine.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    deistdennis Guest

    Default Re: Backdoor.Win32.Rbot.aklg

    I'm relaxed, just trying to figure out what's happening here. I did manage to send "PhotoJam 4 Deluxe.exe" to VirusTotal and it reported a "0/ 43 (0.0%)" as the result. I guess that means it's a false/positive??? Not sure, but it looks that way to me. Now I gotta figure out how to send it to Kaspersky to be fixed (if I need to do that...) or I can instruct ZA to ignore Backdoor.Win32.Rbot.aklg. What do ya think, Fax?

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Backdoor.Win32.Rbot.aklg

    If virustotal says 0 then either your ZA does not update or your are running an old ZA (e.g. version 8 or 7). ZA engine is Kaspersky then it should be listed there. Update the virus signature of your ZA and try again.

    Finally be sure to have actually uploaded a file that is different than 0 bytes lenght.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    deistdennis Guest

    Default Re: Backdoor.Win32.Rbot.aklg

    Actually, I'm using ZA Security Suite version 9.3 and as far as updating goes, it updates all the time. Updates and slows my computer to a snails pace for 5 to 15 minutes at a time. And it will do this every couple hours or so. It's been doing this for a few weeks now.

    And funny thing is, this downloading the updates problem started about the time PhotoJam wouldn't open. I wouldn't think the problems are related but what do I know? I do think this Backdoor problem is only a problem with ZA but I want to be sure before I instruct ZA to ignore the Backdoor thing.

  8. #8
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Backdoor.Win32.Rbot.aklg

    As already said, there is something wrong. ZA should not detect it if virustotal shows 0. And if virustotal shows 0 then you should be quite safe.

    For the rest I think its time you contact the official support and start a proper troubleshooting with them on the issue of updates.

    However, before doing this try to do a clean install of the latest ZASS. By clean install I mean removing your version and install the new you find here:

    Where to download latest version of ZoneAlarm


    If you have still problem of updating then you should defrag your HD, clean the registry and the system folder with ccleaner. Most of the time the slow operation are due to other security tools + HD not defragged + too much **** in temp or registry. May be you can do this before installing the latest ZASS version.

    Finally contact support if the above does not work. You find the link to ZA technical support in my signature.

    Cheers,
    Fax
    Last edited by fax; September 16th, 2010 at 09:07 AM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  9. #9
    deistdennis Guest

    Default Re: Backdoor.Win32.Rbot.aklg

    I got with ZA support when shortly after the update problem started and they had me do a clean install but it's not helped. I use System Mechanic to clean the registry, defrag the HD and all that stuff so I don't think that's the issue.

    I dread going back to support but I guess I'll have to.


    But since you say the PhotoJam thing is safe because VirusTotal shows 0, then I'll have ZA ignore the Backdoor thing.

    Thanks.

  10. #10
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Backdoor.Win32.Rbot.aklg

    Well, once again. Your ZA does not work well if it detects it. It should not. Then I would not recommend system mechanics. It mess up more than you could think of. Has been often source for problems in here and I would not be surprised it is also part of the problem. Less you touch the registry better it is and if you really need to do it don't trust the many applications out there. ccleaner is pretty safe, free and used by millions of users.

    Finally, you should have gone back to support to inform them that what was suggested did not work especially considering that it was working fine before.

    Unless there are other questions and since I have said all what could be said about it I will be closing soon this thread. Please do not hesitate to PM if you need to reopen it in order to post how you manage to resolve the issue and/or to post any useful information for other users here.

    Thanks,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 1
    Last Post: May 3rd, 2008, 07:50 PM
  2. Trojan-Clicker.Win32.Agent.adg & Backdoor.Win32.Rbot.jqt removal
    By fax in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 0
    Last Post: May 3rd, 2008, 04:55 PM
  3. Backdoor:Win32/Rbot
    By sadmen in forum General - Questions that don't fit any other category
    Replies: 17
    Last Post: February 19th, 2008, 03:21 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •