  1. #1
    Member Steph
    Join Date
    Nov 2004
    Location
    London, UK
    Posts
    961
    Points
    60

    ZA Trojan warning (?) and Kaspersky update failure

    Here we go again - and it's not even Sunday yet

    Earlier on today ZA popped up a Scanning Status result that said I was infected with a high risk trojan and should delete it immediately: Win32. Worm.Generic.9827.18. The file path was Program Files\7-Zip\7-zip.dll - I think it said it had been quarantined but I'm not sure. Although the warning looked legitimate I didn't delete anything just in case, but googling it didn't bring up anything definitive. Shut down the computer, rebooted, made sure everything was up to date and then ran a number of scans: Avast / Malwarebytes / Superantispyware / SpywareBlaster and the ZA scan. Nothing was found. Then I tried running Kaspersky, shutting down Avast first, but it won't run - it's downloaded all the latest definitions but keeps saying the update has failed.

    Two questions really, if anyone can shed any light: was that a legitimate ZA warning and why didn't anything pick it up after I rebooted? And, why won't Kaspersky run?

    Thank you.

    Steph
    Last edited by Steph; 08-07-2009 at 06:11 PM. Reason: Added file path
    Today is the dawn of another error ...



    Intel Core i3-3240 @ 3.4GHz;
    RAM 8.0 GB;
    Windows 7 Home Prem SP1 64 bit
    Firefox; IE11

  2. #2
    Moderator Forum Moderator arraknid
    Join Date
    Dec 2006
    Location
    France
    Posts
    6,151
    Points
    1293
    Blog Entries
    4


    Hi Steph,

    Sounds like a false positive. You aren't alone, so maybe something in the latest update is picking it up. See here. Try reporting it to ZA.

    Looks like it may have affected AV programs too, see here.

    See you Sunday.

  3. #3
    Member Steph

    Hi Arraknid

    Thanks for the links - seems it was a false positive as the warning disappeared pretty quickly.

    I haven't tried running Kaspersky since this was fixed so I'll try it later and post back if it still doesn't want to run.

    Having an Adobe problem right now (well, it is Sunday) but I'll start a new thread.

    Steph

  4. #4
    Moderator Forum Moderator arraknid

    See you there.

  5. #5
    Member Steph

    OK, ZA has just scanned and warned about Win32. Worm.Generic.9827.18 (file path Program Files\7-Zip\7-zip.dll) again, just like last week. This seemed to have been a false positive last week (as per previous post in this thread) and wasn't reported on further scanning - except that it's now just happened again, a week later.

    Any ideas please?

    Thanks

    Steph

  6. #6
    Moderator Forum Moderator arraknid

    Undoubtedly a false positive. Something in the scripting of 7-zip.dll is throwing up the warning. It's one of the problems with heuristic detection. You could tell ZA to ignore it in future, or just get rid of 7-Zip. If you only need to unzip files, XP's integrated utility will do just that. For other file types, like .rar, or the ability to create compressed files, you'll need something like IZArc. Totally free and opens virtually anything.

    See you Sunday.

  7. #7
    Member MrDarn
    Join Date
    Jul 2007
    Location
    South East Northumberland
    Posts
    2,949
    Points
    557


    I personally have had no problems with 7-zip, so you can upload the file to jotti for analysis if you like, just to be sure.

    Jotti's malware scan
    Always remember you're unique.


    ...Just like everyone else!

  8. #8
    Member Steph

    Hi Arraknid, thanks for the reply. This problem showed itself exactly as it did last week - everything freezing up first of all, programs not responding and CPU usage very high in bursts and then the ZA scan with the 7-zip result. I rebooted several times but it didn't seem to help. I shut everything down for a few hours and have just run ZA scan again and this time "no infection found".

    Also uploaded the file to jotti as Mr Darn suggested (thanks Chris) but no problem was found with it.

    Something is not happy but I don't know what it is ...

    As for uninstalling 7 zip, as I don't use it for creating zipped files should I just uninstall it with Revo do you think? If I can just go ahead and unzip files with XP's utility how would I access that - do I just double-click on the zipped file to start the unzipping process?

    Thanks

    Steph


  9. #9
    Member Spyware Fighter zep516
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308


    Hi,

    The Revo Uninstaller will do a thorough job at uninstalling it.

    See link for unzipping and zipping in XP: How To Zip or UnZip a File or Folder in Windows XP

  10. #10
    Member Steph

    Thanks for the link zep - and 7zip now uninstalled.

    Steph