
Thread: FP - Win32.Zhelatin.k ?

  1. #1
    Security Expert-Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    3,934

    FP - Win32.Zhelatin.k ?

    Hiya

    I think that this is a false positive (case here):

    Win32.Zhelatin.k
    Settings
    HKEY_USERS\S-1-5-21-3293823761-4021508746-2703944788-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\x\greeting card.exe
    Seems that the ArcSoft also has a program which uses a file named "greeting card.exe". It is the same filename as Zhelatin.k uses.

    MalWare Removal University - You too could train to help others
    UNITE & ASAP member since 2006

  2. #2
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    hi,

    thanks for reporting, it is a false positive and will be corrected with the next update scheduled for next week.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  3. #3
    Security Expert-Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    3,934

    OK thank you

  4. #4
    Member
    Join Date
    Feb 2006
    Posts
    94

    Same ol' same ol'...

    Hi there. I gather Tashi's reopened this forum for me because I'm getting alerts about that trojan again. I sent the following to her:

    I had a discussion going that's now closed - http://forums.spybot.info/showthread...070458&t=15458 - and the team decided I was getting a "false positive." I'd like some reassurance please. I was told that this would be corrected in a week, but I'm still getting notifications from Spybot that I have a trojan called Win32.Zhelatin.k, with the same registry key cited. Can you confirm that this is still nothing to worry about, and that the team hasn't yet had a chance to take Win32.Zhelatin.k off its hit list?

  5. #5
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    thank you for reporting,
    this will be corrected with the update this week, it looks like we skipped the trojans.sbi last week

    But you need not be concerned about detections showing MuiCache, those are actually usage tracks and will be treated as such in the near future.

  6. #6
    Member
    Join Date
    Feb 2006
    Posts
    94

    Usage tracks

    Thanks, Yodama. I'm reassured.
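
Added example, not part of the thread and not Spybot's own code: a small triage helper for the point made in post #5, that a hit under MUICache is a usage track and a matching file name alone does not identify the program. The names `triage` and `HITS` are hypothetical, and the second sample hit is constructed.

```python
import ntpath
import re

# XP-era Windows caches the display name of programs launched through the
# shell under this key; the value name is the executable's path.
MUICACHE_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\ShellNoRoam\\MUICache\\(?P<value>.+)$",
    re.IGNORECASE,
)

# First hit is the entry quoted in post #1; the second is constructed for contrast.
HITS = [
    ("Win32.Zhelatin.k",
     r"HKEY_USERS\S-1-5-21-3293823761-4021508746-2703944788-1003"
     r"\Software\Microsoft\Windows\ShellNoRoam\MUICache\x\greeting card.exe"),
    ("Example.Detection",  # constructed
     r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\example"),
]

def triage(hit):
    """Classify one scanner hit given as (detection_name, registry_path)."""
    detection, path = hit
    match = MUICACHE_RE.search(path)
    if match is None:
        return {"detection": detection, "kind": "registry", "file": None,
                "next_step": "review the key and the data it points to"}
    # A MUICache value only records that a program with this path was run.
    # The file name alone cannot tell a trojan from a legitimate program.
    return {"detection": detection, "kind": "usage-track",
            "file": ntpath.basename(match.group("value")),
            "next_step": "check whether the file still exists, then its "
                         "location, signer and hash"}

if __name__ == "__main__":
    for hit in HITS:
        print(triage(hit))
```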

  7. #7
    Member
    Join Date
    Feb 2006
    Posts
    94

    Mystery message

    Hi Jake. Can I still post here? I want to ask about the various software packages you advised me to install (ATF Cleaner, SpywareBlaster, MVPS Hosts). I did so, and other than auto updates for Firefox, Windows and Java nothing else has changed on my system. But this is what I've got on two separate occasions this past week:
    Windows – Virtual Memory Minimum Too Low
    Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file. During this process, memory requests for some applications may be denied. For more information, see Help.

    I've had my computer for 6 years and never seen this alert before. I checked the help & support feature, and was advised to set my virtual memory paging file to "system managed size," so I did that. But I'm wondering why I would get that message. I tend to run about four applications at once, sometimes more, but I only had Outlook, Firefox and Word open at the time (other than the various anti-virus/-malware packages operating in the background).

    So I'm asking if any of those packages (ATF, SpywareBlaster & MVPS) could have upset my system. The last unusual thing I did was use ATF to clean out all the "selected files" yesterday. What do you think?

    (Should I be posting somewhere else?)

  8. #8
    Security Expert-Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    3,934

    Hello Benzmum

    Sorry for the delay...


    Ok the MVPS Hosts might slow your computer down especially if you didn't follow the advice in the "Editors note"-section:

    http://www.mvps.org/winhelp2002/hosts.htm

    Editors Note: in most cases a large HOSTS file (over 135 kb) tends to slow down the machine. This only occurs in W2000/XP/Vista. Windows 98 and ME are not affected.

    To resolve this issue (manually) open the "Services Editor"

    * Start | Run (type) "services.msc" (no quotes)
    * Scroll down to "DNS Client", Right-click and select: Properties
    * Click the drop-down arrow for "Startup type"
    * Select: Manual, or Disabled (recommended) click Apply/Ok and restart.

    ATF Cleaner and SpywareBlaster shouldn't slow down the computer.

    Let me know if it helped

  9. #9
    Member
    Join Date
    Feb 2006
    Posts
    94

    DNS Client

    OK, I've set the Startup type to disabled - thanks. But I'm wondering what that's got to do with Virtual Memory being too low. I understand that my machine would be slowed down if I didn't change the DNS Client setting, but I thought the alert I was getting meant I was running out of useable memory. Can you explain this for me, please?

  10. #10
    Security Expert-Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    3,934

    Hello

    When the service is enabled and running with a big hosts file it will eat tons of memory. This caused the "Virtual Memory being too low" message.
