Results 1 to 2 of 2

Thread: is it false positive?

  1. #1
    bacchus Guest

    Unhappy is it false positive?

    I have Windows Vista Home Premium SP2 on my laptop.I have ZoneAlarm Security Suite. I also have 3 usb disks with backups of my critical programs and their associated product keys. None of these usb disks are bootable. Here's the problem: ZA noticed a virus or some kind of malware on one usb drive on the root (cnvix.pif). It included an autorun.inf. Of course, I allowed ZA to "treat" it and deleted the autorun file. The next time I put in the disk, it had another reported threat and another autorun on the root of the drive. To me, this suggested it's being spread from my laptop, despite the vigilence of ZA. So far, ZA has idenified tmlqia.exe, bsrr.exe, xptf.exe, hfaobw.pif, vwod.pif, xiiea.exe, ghuecj.pif, xffux.exe and fiukdq.exe. I'm getting tired od deleting them and finding it again the next time I put in the drive.

    My first thought (right or wrong) was rootkit. I downloaded Sophos rootkit and ran it. Now, I don't know what to do. It came up with several "unknown hidden files". I only recognize one: C:\Program Files\LastPass\lastpass.exe. All of them report Removable: Yes (but clean up not recommended for this file) Notes: (no more detail available), but no verified rootkit.

    On another note, ZA reported a virus "Trojan-Downloader.JS.Agent.gmf", but when I looked it up, the ZA site reports "There are no matching records for Trojan-Downloader.JS.Agent.gmf. Please try your search again." WTF?

    Sorry if I'm sqeezing 2 problems into 1 post.

  2. #2
    Join Date
    Jun 2006
    The 3rd Coast - South Central Texas

    Default Re: is it false positive?


    Please follow ALL the steps as described here:
    Malware Clean-up Guidance <== Click here
    If one fails skip to the next and so on...

    If you are not yet on latest ZA version then once you have cleaned your PC fully install the latest you find here: Looking for the latest version?

    Finally to avoid future infections see here:
    xyz was not detected. What I should do? <== Click Here

    ZoneAlarm® Extreme Security

    Click here for ZA Support
    Monday-Saturday 24 Hours Pacific Time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. False Positive?
    By myproblem in forum Malware Discussion
    Replies: 1
    Last Post: June 28th, 2010, 12:02 AM
  2. False positive
    By firestormpt in forum Security Issues
    Replies: 1
    Last Post: January 12th, 2010, 07:32 PM
  3. False Positive
    By LakotaElf in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 5
    Last Post: September 27th, 2009, 11:23 AM
  4. Possible False Positive?
    By dbled in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 5
    Last Post: June 16th, 2008, 08:48 PM
  5. Could this be a false positive
    By arthurdent in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 11
    Last Post: April 14th, 2008, 05:35 PM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts