Topic: false positive Backdoor.win32.agent?

Offline Bah

  • Newbie
  • *
  • Posts: 2
false positive Backdoor.win32.agent?
« on: June 09, 2009, 02:53:45 AM »
First of all, sorry if this has already been asked.

After becoming increasingly unhappy* with F-Secure, I switched to Comodo a couple of days ago.
Ever since then it has detected malware named backdoor.win32.agent.g~5895509 in an XP
restore point file (I think) located in
C:\System Volume information\_restore{litanyofnumbers}\RP1567\A0117056.exe.


A quick google gave a possibility that it might be a false positive, but I want to be sure.
And if it's not a false positive, how do I get rid of it easily?

Offline L.A.R. Grizzly

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1679
  • Akron, Ohio, USA
    • Grizzly's Home Page
Re: false positive Backdoor.win32.agent?
« Reply #1 on: June 09, 2009, 07:47:02 AM »
Since it's in your System Restore, unless you're paranoid that you may need to restore that particular restore point, you just have to select "Remove" from the CAV alert box. CAV will delete the file. You won't have to worry about it unless you restore your system to that particular date.
Main Machine: AMD FX-8320 8 Core 3.50 GHz - 16 GB G.Skill DDR3 RAM - nVidia GT610 Graphics
Main Machine: Win7 Pro SP1 64 Bit - Second Machine: Win7 Pro SP1 32 Bit - Laptop: WinXP Pro SP3 32 Bit
CIS 7.0.317799.4142

Offline Bah

  • Newbie
  • *
  • Posts: 2
Re: false positive Backdoor.win32.agent?
« Reply #2 on: June 09, 2009, 11:56:39 AM »
Hohumm... how do I remove it? It only shows up in the Antivirus Events window (or something, I'm not sure how it translates to English), and I can't do anything to it there. It doesn't give any alerts and doesn't show up on a scan. At least it didn't show up when I scanned the critical parts of the machine.

Offline languy99

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3940
Re: false positive Backdoor.win32.agent?
« Reply #3 on: June 09, 2009, 12:00:49 PM »
Just remove the old System Restore files; I use CCleaner to do that. Install it and go to Tools on the left -> System Restore -> delete all of the restore points but the last two or three. That should remove it unless it is in one of those restore points; if it is, you can remove all of them. By default CCleaner will not let you remove the latest restore point so you will still have to just in case.
http://www.youtube.com/languy99

Software Reviews for all.

Follow me on Twitter http://twitter.com/#!/languy99

shaogang.he

  • Guest
Re: false positive Backdoor.win32.agent?
« Reply #4 on: June 09, 2009, 09:16:28 PM »
Hi, Bah
Could you zip the file and attach it to your post?
Thanks
Shaogang.He
« Last Edit: June 09, 2009, 09:27:55 PM by shaogang.he »

 
