Possible False Possible with Zone Alarm Install
Hi
SpyBot Tea Timer reported a problem whilst I was installing Zone Alarm ISS Upgrade V9.1.008.00. Is this a false positive?
I've not reproduced this occurence as I've not re-installed the ZoneAlarm Upgrade. Details:-
* Operating System Windows Vista Home Premium SP2
* Browser FireFox 3.5.4
* Version of Spybot S&D i.6.2.46
* Latest updates -
[teatimer166.zip]
InstallDate=2009-03-30
ReleaseDate=2009-03-11
URL=http://www.spybotupdates.biz/updates/files/teatimer166.zip
LocalFile=C:\Program Files\Spybot - Search & Destroy\Updates\teatimer166.zip
UpdateName=TeaTimer update 1.6.6
Description=!TeaTimer update (1011 KB)
[advcheck163.zip]
InstallDate=2009-07-31
ReleaseDate=2009-07-29
URL=http://www.spybotupdates.com/updates/files/advcheck163.zip
LocalFile=C:\Program Files\Spybot - Search & Destroy\Updates\advcheck163.zip
UpdateName=Advanced detection library 1.6.3
Description=!Advanced detection routines update (784 KB)
[advcheck164.zip]
InstallDate=2009-09-20
ReleaseDate=2009-09-09
URL=http://www.spybotupdates.com/updates/files/advcheck164.zip
LocalFile=C:\Program Files\Spybot - Search & Destroy\Updates\advcheck164.zip
UpdateName=Advanced detection library 1.6.4
Description=!Advanced detection routines update (792 KB)
* where did the false positive occur? - on installing Zone Alarm Update V9.1.008.00
o Scan result? - N/A not a scan
o after fix? - N/A not a scan
o Spybot message at start of scan? - not N/A a scan
o Teatimer message when a program was executed? - details not noted but similar to that shown in your original post re an Adobe install
o not reachable/restricted website? - ????
o SDHelper popup? - ???
Log report read:-
05/11/2009 09:29:52 Allowed (based on user decision) value "ISW" (new data: ""C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"") added in System Startup global entry!
05/11/2009 09:29:53 Encountered and terminated 2Search in C:\Program Files\CheckPoint\ZAForceField\ForceField.exe!
Thanks
Richard
Another False Postive (I think)
After the last update to Seek & Destroy, it decided to delete a bit of software called Netmeter. This only measures the upload & download rate of my internet connection (in graph form). So am wonder why..?!
PC OS Windows XP (SP3)
Mainly use Firefox (sometimes use IE8)
JQS.EXE (Java Quickstart in version 18 ) false positive?
After an authentic-looking self-update by Java from V.17 to V.18 on 27th January 2010, A Spybot popup appeared and reported that it had identified the Java Quickstart Process JQS.EXE as Win32.Fraudload. Unfortunately, I can't send you the file as I allowed SBSD to delete it to be on the safe side.
I mention it only so that you can add it to any further reports you may get of SBSD reporting this file as malicious.