I have Windows Vista Home Premium SP2 on my laptop.I have ZoneAlarm Security Suite. I also have 3 usb disks with backups of my critical programs and their associated product keys. None of these usb disks are bootable. Here's the problem: ZA noticed a virus or some kind of malware on one usb drive on the root (cnvix.pif). It included an autorun.inf. Of course, I allowed ZA to "treat" it and deleted the autorun file. The next time I put in the disk, it had another reported threat and another autorun on the root of the drive. To me, this suggested it's being spread from my laptop, despite the vigilence of ZA. So far, ZA has idenified tmlqia.exe, bsrr.exe, xptf.exe, hfaobw.pif, vwod.pif, xiiea.exe, ghuecj.pif, xffux.exe and fiukdq.exe. I'm getting tired od deleting them and finding it again the next time I put in the drive.

My first thought (right or wrong) was rootkit. I downloaded Sophos rootkit and ran it. Now, I don't know what to do. It came up with several "unknown hidden files". I only recognize one: C:\Program Files\LastPass\lastpass.exe. All of them report Removable: Yes (but clean up not recommended for this file) Notes: (no more detail available), but no verified rootkit.


On another note, ZA reported a virus "Trojan-Downloader.JS.Agent.gmf", but when I looked it up, the ZA site reports "There are no matching records for Trojan-Downloader.JS.Agent.gmf. Please try your search again." WTF?

Sorry if I'm sqeezing 2 problems into 1 post.