When performing anti-spyware scan with ZA Pro, win32.trojan.psw.ldpinch.vm was identified as spyware with moderate risk and a suggested action of quarantine. When I took ZA's suggestion and rebooted, I got the blue screen of death and was put into continual rebooting mode. I was able to boot into safe mode which makes me believe that the problem could be due to a startup item but which one. Fortunately, I had a recent image backup and was able to restore and continue computing but not without a two hour interruption.

I Googled for the piece of spyware without the .vm suffix. I found a number of search results for this spyware with an .ajs suffix but none of .vm. All the responses indicated that treating the item as spyware was a false positive that seemed to occur only ZA and the spyware causes no harm. However, none of the responses indicated what the spyware did.

I had a similar problem with Adware which is why I switched to ZA. At least ZA gives you the option of changing the suggested action whereas Adware did it automatically perhaps due to my preference settings. I have since performed another scan and selected the action of ignore once and rebooted without incident. I wanted to get more information before I took the action of always ignore.

First, the lesson I learned is that it is better to Google first before quarantining. Is there a better way?

Secondly, does anyone know what this spyware does or what program it is associated with?

Finally, what do the suffices .ajs and .vm refer to?

I Googled for answers to the last two questions and found no help.

Dunno about .ajs and vm [maybe something to do with virtual machine] but don't forget you can always restore stuff from quarantine in ZA if it happens again.

Since I cannot reboot in normal mode, I am assuming that I would be able to restore from quarantine in safe mode.

Is my assumption correct?

I'll have to read up on the restore procedures unless you want to save me the aggravation?

BTW, have I told how youthful you looK? :-)

Jack,

I hope that you can "rip" off the procedures to restore a quarantined piece of spyware because having gone through the Help manual I could not find any reference to restore procedures.

Hold on Jack!!!

Stupid me; I went to the Help procedures. Like putting together the kid's bike on Christmas Eve night, don't read the instructions; just do it!

The restore option is in the spyware section under the quarantine tab.

Haha -I'm too late, you've already sussed it out yourself. :D



Youthful???