need help with possible virus

  • Thread starter Thread starter Tim.T
  • Start date Start date
T

Tim.T

I've just finished a complete virus and spyware sweep using ZoneAlarm
Internet Security Suite 7. I found two files in a Temp folder on another
drive supposedly infected with the "ipWins" Trojan (I think that was the
name). One or both files were named "System.dll" and when I rightcliked it
to examine its properties, it didn't have what you'd expect. Instead it
looked more like what you'd get if you rightclicked a JPEG or movie file.
That made me suspicious. Anyway, after quarantining and deleting those files
and emptying the Temp folder I noticed that the ZoneAlarm program group on
my Start Menu has been emptied (it was there before), and even though I have
"Hide extensions for known file types" checked, file types on my pc had
their extension shown. I've managed to get that back to normal now, though
I'd still like to know why it happened. (I'm a bit annoyed ZA seemingly let
this thing reside on my PC without flagging it up only after a manual scan.
It IS set to scan and monitor every file).

What makes me mad is often when I download what I think are trustworthy
application setup files, for example the latest DivX drivers, sooner or
later my AV scanner flags one or all of their files as a Trojan or
something - I'm pretty certain that's where these two files originated. I'm
usually so careful about these things and always scan my PC.

Anyway, are these the symptoms of a virus? Should I still be concerned that
the virus is still present? Anyone know a good tool or website where I can
scan my system again, for a second opinion, so to speak?

Cheers,
Tim
 
I heard Trend Micro has a decent online scanner.

"Tim.T" <blah@blah.com> wrote in message
news:Op3m3mZxIHA.4876@TK2MSFTNGP02.phx.gbl...
> I've just finished a complete virus and spyware sweep using ZoneAlarm
> Internet Security Suite 7. I found two files in a Temp folder on another
> drive supposedly infected with the "ipWins" Trojan (I think that was the
> name). One or both files were named "System.dll" and when I rightcliked it
> to examine its properties, it didn't have what you'd expect. Instead it
> looked more like what you'd get if you rightclicked a JPEG or movie file.
> That made me suspicious. Anyway, after quarantining and deleting those
> files
> and emptying the Temp folder I noticed that the ZoneAlarm program group on
> my Start Menu has been emptied (it was there before), and even though I
> have
> "Hide extensions for known file types" checked, file types on my pc had
> their extension shown. I've managed to get that back to normal now, though
> I'd still like to know why it happened. (I'm a bit annoyed ZA seemingly
> let
> this thing reside on my PC without flagging it up only after a manual
> scan.
> It IS set to scan and monitor every file).
>
> What makes me mad is often when I download what I think are trustworthy
> application setup files, for example the latest DivX drivers, sooner or
> later my AV scanner flags one or all of their files as a Trojan or
> something - I'm pretty certain that's where these two files originated.
> I'm
> usually so careful about these things and always scan my PC.
>
> Anyway, are these the symptoms of a virus? Should I still be concerned
> that
> the virus is still present? Anyone know a good tool or website where I can
> scan my system again, for a second opinion, so to speak?
>
> Cheers,
> Tim
>
>
>
>
>
 
DivX & codec updates are frequently infected & are not files you should
update from other than a known source ie a hardware manufacturer
You are likely infected with malaware / trojans that are often not detected
by AV apps
Download update & run all of
MS Defender
SpyBot
Adaware


"Tim.T" <blah@blah.com> wrote in message
news:Op3m3mZxIHA.4876@TK2MSFTNGP02.phx.gbl...
> I've just finished a complete virus and spyware sweep using ZoneAlarm
> Internet Security Suite 7. I found two files in a Temp folder on another
> drive supposedly infected with the "ipWins" Trojan (I think that was the
> name). One or both files were named "System.dll" and when I rightcliked it
> to examine its properties, it didn't have what you'd expect. Instead it
> looked more like what you'd get if you rightclicked a JPEG or movie file.
> That made me suspicious. Anyway, after quarantining and deleting those
> files
> and emptying the Temp folder I noticed that the ZoneAlarm program group on
> my Start Menu has been emptied (it was there before), and even though I
> have
> "Hide extensions for known file types" checked, file types on my pc had
> their extension shown. I've managed to get that back to normal now, though
> I'd still like to know why it happened. (I'm a bit annoyed ZA seemingly
> let
> this thing reside on my PC without flagging it up only after a manual
> scan.
> It IS set to scan and monitor every file).
>
> What makes me mad is often when I download what I think are trustworthy
> application setup files, for example the latest DivX drivers, sooner or
> later my AV scanner flags one or all of their files as a Trojan or
> something - I'm pretty certain that's where these two files originated.
> I'm
> usually so careful about these things and always scan my PC.
>
> Anyway, are these the symptoms of a virus? Should I still be concerned
> that
> the virus is still present? Anyone know a good tool or website where I can
> scan my system again, for a second opinion, so to speak?
>
> Cheers,
> Tim
>
>
>
>
>
 
Back
Top