navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
Open Discussions
My Threads
Create Thread

Forum Thread: Zombie file

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:

This thread has been marked as locked.
douglas_s Zombie file
Member 14th May, 2011 17:09
Ranking: 0
Posts: 3
User Since: 14th May, 2011
System Score: N/A
Location: US
I have a 64 bit Windows 7 machine. I run ZoneAlarm Extreme Security. When I download PSI 2.0 from either the Secunia or CNET site and attempt to save the file a heuristic scan by ZoneAlarm declares the file to be "zombie" software.

I would attach a screen shot but can not figure how to do it,

Is there a known problem?

douglas_s RE: Zombie file
Member 15th May, 2011 16:30
Score: 0
Posts: 3
User Since: 14th May 2011
System Score: N/A
Location: US
Well, thanks to another thread on this forum I tried downloading from IE instead of Mozilla. The file passed the Heuristic scan. Perhaps Secunia should include some language regarding the preference to use IE on the initial downloads. Anyway, good forum, thank you.
Was this reply relevant?
This user no longer exists RE: Zombie file
Member 16th May, 2011 09:01

There is no preference for downloading the PSI with IE. Quite the contrary, using a non-ie browser has occasionally helped some users download the PSI installer without corruption occuring in the file.

If you have downloaded the Secunia PSI installer from our website, the file is safe, regardless of what any heuristic scanner tells you.

In that case, it is a false positive with their software, and you could probably alert their support to it.

hope this helps.
Was this reply relevant?
Anthony Wells RE: Zombie file
Expert Contributor 16th May, 2011 11:59
Score: 2468
Posts: 3,356
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 16th May, 2011 12:03
Hi ,

I have always run ZA on my PC from free firewall to Internet Security Suite (+/- Force Field) and now have Extreme Security . I have never used IE to download/update , etc., these programmes always Firefox and on occasion Chrome .

The only problem I have experienced PSI wise - on my XP system - is that the Program Control ->Main->Program Control->Custom ->Enable component control setting WHEN ENABLED tends to block correct access to M$ updates (which are set by me to manual) and so tends to give an error when running a scan and inaccurate results for M$/Windows programmes . This setting is probably overkill on my system anyway and so I tend to leave it disabled .

You may find additional info on the ZA forum (not looked there recently) ; I think your problem has been raised on this Forum some time ago , but cannot find the exact reference atm . As Emil has said , just a "normal" advanced heuristics "false positive" if you are using a signed installation file .

Hope that helps .



It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?

This thread has been marked as locked.

 Products Solutions Customers Partner Resources Company
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
Technology Partners
 About us

Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
Secunia © 2002-2015 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+