Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected file or false positve?


  • Please log in to reply
5 replies to this topic

#1 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:39 PM

Posted 17 October 2010 - 11:23 PM

Hi Everyone,

I have no symptoms of infection but I have a file on my system that ZoneAlarm is now showing to be a virus. ZoneAlarm and this file have coexisted peacefully on my system for years and, until this last week, it has never been flagged by ZoneAlarm as having a virus but now ZoneAlarm says it is infected. This file has not been modified since 2005.

ZoneAlarm/Kaspersky give the virus it claims is in it the name of Trojan.Win32.Antavmu.jbv and I cannot find any info on this virus, leastwise not with the .jbv on it.

Virus Total shows that 4 out of 43 scanners detect that it might be a virus.

Malwarebytes and SuperAntiSpyware say it is clean.

Is it possible to upload this file to BleepingComputer for analysis?

At this point I do not feel it is a virus and do not need help in cleaning my system, just want to know if the experts here would be willing to test it.

Thank you for your help

Edited by Stang777, 17 October 2010 - 11:35 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:39 PM

Posted 18 October 2010 - 09:00 AM

ZoneAlarm uses the scanning engine from Kaspersky. If you suspect a file was falsely detected (a false positive), then you should submit a sample to the vendor so they can investigate and take corrective action. Please refer to How to report undetected viruses or false positives to the viruslab (via submission form, e-mail, from quarantine)

After a security vendor updates their program version or definition databases, it is not uncommon for subsequent scans to find detection of items, traces of malware files or remnants of registry entries which had previously gone undetected (not reported) by prior scans.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Stang777

Stang777

    Just Hoping To Help

  • Topic Starter

  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:39 PM

Posted 18 October 2010 - 11:35 AM

Thank you quietman,

I just used the link you gave to report it to Kaspersky.

I can't imagine why this file has been included in the last weeks virus updates. This game has been on my system for over 5 years and has never caused any kind of problem.

Thank you for your help

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:39 PM

Posted 18 October 2010 - 11:41 AM

You're welcome. Let us know what they have to say.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Stang777

Stang777

    Just Hoping To Help

  • Topic Starter

  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:39 PM

Posted 18 October 2010 - 03:33 PM

I heard back from Kaspersky, they said it was a false positive and will be corrected in their next update.

Thanks again for helping me find out

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:39 PM

Posted 18 October 2010 - 04:14 PM

Not a problem. :thumbsup:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users