Thread: Virus with filename gate.php and path http://.....??

  1. #1
    Join Date
    Oct 2013
    Posts
    2

    Default Virus with filename gate.php and path http://.....??

    Hi,

    Since yesterday I get a ZoneAlarm window every two minutes (!) saying it has detected and treated a High Risk Virus with filename gate.php.
    The path is an Internet address that I don't recognize (it's not part of my LAN): -http://91.218.36.xxx/.../gate.php-
    I have run a full scan and it revealed no problems or threats.
    Does anybody know what's going on?
    I'm running the ZoneAlarm Security Suite on Windows 7.

    Thanks.
    Last edited by fax; October 9th, 2013 at 04:07 AM. Reason: delinking - masking IP

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Virus with filename gate.php and path http://.....??

    Sounds like a web page you are visiting is calling upon this page that is infected by malware. Identify the source of this problem and notify the web master. Another possibility is that you are infected by malware that tries to download components from the web. Finally, it could be a false positive by the antivirus in ZA.

    You can scan internet web pages with virustotal:
    https://www.virustotal.com/#url
    You will see that only Kaspersky is detecting it as malware (the antivirus engine in ZA). This may be an indication that it is a false positive.

    For reporting the false positive / check if the detection is valid, see here:
    How to diagnose and/or report antivirus/antispyware false positives

    Thanks,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    Join Date
    Oct 2013
    Posts
    2

    Default Re: Virus with filename gate.php and path http://.....??

    Thanks Fax, you got me in the right direction with your suggestions.
    I couldn't really agree with the first suggestion, since I wasn't really connecting to anything myself. The message kept popping up right after startup of the PC. The IP address turned out to be from Ukraine. I don't want to be a bigot, but that didn't make me feel very comfortable, so I couldn't agree with the virustotal conclusion either.
    I checked all the processes running on my system and I found one that I couldn't explain. It was audiohd.exe. I stopped the process and the warning message disappeared! I found the audiohd.exe hidden in a folder xxx\Roaming and I think that the problem is now solved. Unfortunate that ZoneAlarm couldn't identify the file as a virus/malware, because that's surely what it must be.
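
Added example, not part of the original posts: the triage described in this thread (a blocked URL recurring at a fixed interval, then a process running from a Roaming folder) expressed as two checks in Python. The alert-log format, the addresses, the URL path and the file paths are constructed sample data; only the names gate.php and audiohd.exe come from the thread.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample data: AV alert log lines and a process snapshot.
ALERTS = """\
2013-10-08 09:00:05 BLOCKED http://192.0.2.10/panel/gate.php
2013-10-08 09:02:04 BLOCKED http://192.0.2.10/panel/gate.php
2013-10-08 09:03:40 BLOCKED http://198.51.100.7/ads/banner.js
2013-10-08 09:04:06 BLOCKED http://192.0.2.10/panel/gate.php
2013-10-08 09:06:05 BLOCKED http://192.0.2.10/panel/gate.php
2013-10-08 09:41:12 BLOCKED http://198.51.100.7/ads/banner.js
"""
PROCESSES = [
    ("explorer.exe", r"C:\Windows\explorer.exe"),
    ("avtray.exe", r"C:\Program Files\ExampleAV\avtray.exe"),
    ("audiohd.exe", r"C:\Users\alice\AppData\Roaming\audiohd.exe"),
]

def periodic_urls(log, min_hits=4, max_jitter=10.0):
    """Return {url: mean gap in seconds} for URLs blocked at a steady interval.

    A fixed interval with little jitter points at a program on the host
    calling out on a timer rather than at a page the user opened.
    """
    seen = defaultdict(list)
    for line in log.splitlines():
        if not line.strip():
            continue
        date, time, _action, url = line.split(maxsplit=3)
        seen[url].append(datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S"))
    steady = {}
    for url, stamps in seen.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        if len(stamps) >= min_hits and pstdev(gaps) <= max_jitter:
            steady[url] = mean(gaps)
    return steady

def roaming_images(processes):
    """Return processes whose executable lives under a user's AppData\\Roaming.

    This is a lead to investigate, not a verdict: legitimate per-user
    software also installs there.
    """
    return [(n, p) for n, p in processes if "\\appdata\\roaming\\" in p.lower()]

if __name__ == "__main__":
    print(periodic_urls(ALERTS))
    print(roaming_images(PROCESSES))
```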

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Virus with filename gate.php and path http://.....??

    Hi!

    Please see here below how to report what you believe are false negatives to Kaspersky.

    xyz was not detected. What I should do?

    Thanks,
    Fax