* Home Help Search Login Register  

Welcome, Guest. Please login or register.
Did you miss your activation email?
May 21, 2013, 12:43:36 PM

Login with username, password and session length

663413 Posts
70528 Topics
145180 Members
Latest Member: dosxx

more news...
Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Security Products & Services
| |-+  Comodo Internet Security - CIS
| | |-+  AV False Positive/Negative Detection Reporting
| | | |-+  false positive Backdoor.win32.agent?		 « previous next »
Pages: [1] Go Down Print
Author Topic: false positive Backdoor.win32.agent?  (Read 1066 times)
Bah
Newbie
*
Offline Offline

Posts: 2
« on: June 09, 2009, 02:53:45 AM »
First of all, sorry if this has already been asked.

After becoming increasingly unhappy* of at F-secure, I switched to Comodo a couple of days ago.
Ever since then it has detected malware named backdoor.win32.agent.g~5895509 from an XP
restore point file (I think) located in
C:\System Volume information\_restore{litanyofnumbers}\RP1567\A0117056.exe.


A quick google gave a possibility that it might be a false positive, but I want to be sure.
And if it's not a false positive, how do I get rid of it easily?
Logged
L.A.R. Grizzly
Star Group
Comodo's Hero
*****
Offline Offline

Posts: 1510


Akron, Ohio, USA


WWW
« Reply #1 on: June 09, 2009, 07:47:02 AM »
Since it's in your System Restore, unless you're paranoid that you may need to restore that particular restore point, you just have to select "Remove" from the CAV alert box. CAV will delete the file. You won't have to worry about it unless you restore your system to that particular date.
Logged
Win7 Pro SP1 32 Bit - WinXP Pro SP3 32 Bit
CIS 6.1.276867.2813
Firefox and Thunderbird
Toolbar Icon Themes for Firefox and Thunderbird
Bah
Newbie
*
Offline Offline

Posts: 2
« Reply #2 on: June 09, 2009, 11:56:39 AM »
hohumm... how do I remove it? It only shows up on Antivirus Events -window(or something, I'm not sure how it translates to English), and I can't do anything to it there. It doesn't give any alerts, and doesn't show up on scan. At least it didn't show up when I scanned critical parts of machine.
Logged
languy99
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 3943
« Reply #3 on: June 09, 2009, 12:00:49 PM »
just remove the old system restore files, I use CCleaner to do that. install it and go to tools on left -> system restore -> delete all of the restore points but the last two or three. That should remove it unless it is in one of those restore points, if it is you can remove all of them. By default ccleaner will not let you remove the latest restore point so you will still have to just in case.
Logged
http://www.youtube.com/languy99

Software Reviews for all.

Follow me on Twitter http://twitter.com/#!/languy99
shaogang.he
Guest
« Reply #4 on: June 09, 2009, 09:16:28 PM »
Quote from: Bah on June 09, 2009, 02:53:45 AM
First of all, sorry if this has already been asked.

After becoming increasingly unhappy* of at F-secure, I switched to Comodo a couple of days ago.
Ever since then it has detected malware named backdoor.win32.agent.g~5895509 from an XP
restore point file (I think) located in
C:\System Volume information\_restore{litanyofnumbers}\RP1567\A0117056.exe.


A quick google gave a possibility that it might be a false positive, but I want to be sure.
And if it's not a false positive, how do I get rid of it easily?
Hi,Bah
Could you zip the file and attach it to your post.
Thanks
Shaogang.He
« Last Edit: June 09, 2009, 09:27:55 PM by shaogang.he » Logged
Tags:
Pages: [1] Go Up Print 
« previous next »
Jump to:  

SSL Certificate Free Virus Removal Firewall
Page created in 0.174 seconds with 21 queries.
Powered by SMF 1.1.18 | SMF © 2006, Simple Machines Design by 7dana.com