need help with possible virus

[Guest Tim.T]

I've just finished a complete virus and spyware sweep using ZoneAlarm

Internet Security Suite 7. I found two files in a Temp folder on another

drive supposedly infected with the "ipWins" Trojan (I think that was the

name). One or both files were named "System.dll" and when I rightcliked it

to examine its properties, it didn't have what you'd expect. Instead it

looked more like what you'd get if you rightclicked a JPEG or movie file.

That made me suspicious. Anyway, after quarantining and deleting those files

and emptying the Temp folder I noticed that the ZoneAlarm program group on

my Start Menu has been emptied (it was there before), and even though I have

"Hide extensions for known file types" checked, file types on my pc had

their extension shown. I've managed to get that back to normal now, though

I'd still like to know why it happened. (I'm a bit annoyed ZA seemingly let

this thing reside on my PC without flagging it up only after a manual scan.

It IS set to scan and monitor every file).

 

What makes me mad is often when I download what I think are trustworthy

application setup files, for example the latest DivX drivers, sooner or

later my AV scanner flags one or all of their files as a Trojan or

something - I'm pretty certain that's where these two files originated. I'm

usually so careful about these things and always scan my PC.

 

Anyway, are these the symptoms of a virus? Should I still be concerned that

the virus is still present? Anyone know a good tool or website where I can

scan my system again, for a second opinion, so to speak?

 

Cheers,

Tim

[Guest Pablo]

Re: need help with possible virus

 

I heard Trend Micro has a decent online scanner.

 

"Tim.T" <blah@blah.com> wrote in message

news:Op3m3mZxIHA.4876@TK2MSFTNGP02.phx.gbl...

> I've just finished a complete virus and spyware sweep using ZoneAlarm

> Internet Security Suite 7. I found two files in a Temp folder on another

> drive supposedly infected with the "ipWins" Trojan (I think that was the

> name). One or both files were named "System.dll" and when I rightcliked it

> to examine its properties, it didn't have what you'd expect. Instead it

> looked more like what you'd get if you rightclicked a JPEG or movie file.

> That made me suspicious. Anyway, after quarantining and deleting those

> files

> and emptying the Temp folder I noticed that the ZoneAlarm program group on

> my Start Menu has been emptied (it was there before), and even though I

> have

> "Hide extensions for known file types" checked, file types on my pc had

> their extension shown. I've managed to get that back to normal now, though

> I'd still like to know why it happened. (I'm a bit annoyed ZA seemingly

> let

> this thing reside on my PC without flagging it up only after a manual

> scan.

> It IS set to scan and monitor every file).

>

> What makes me mad is often when I download what I think are trustworthy

> application setup files, for example the latest DivX drivers, sooner or

> later my AV scanner flags one or all of their files as a Trojan or

> something - I'm pretty certain that's where these two files originated.

> I'm

> usually so careful about these things and always scan my PC.

>

> Anyway, are these the symptoms of a virus? Should I still be concerned

> that

> the virus is still present? Anyone know a good tool or website where I can

> scan my system again, for a second opinion, so to speak?

>

> Cheers,

> Tim

>

>

>

>

>

[Guest DL]

Re: need help with possible virus

 

DivX & codec updates are frequently infected & are not files you should

update from other than a known source ie a hardware manufacturer

You are likely infected with malaware / trojans that are often not detected

by AV apps

Download update & run all of;

MS Defender

SpyBot

Adaware

 

 

"Tim.T" <blah@blah.com> wrote in message

news:Op3m3mZxIHA.4876@TK2MSFTNGP02.phx.gbl...

> I've just finished a complete virus and spyware sweep using ZoneAlarm

> Internet Security Suite 7. I found two files in a Temp folder on another

> drive supposedly infected with the "ipWins" Trojan (I think that was the

> name). One or both files were named "System.dll" and when I rightcliked it

> to examine its properties, it didn't have what you'd expect. Instead it

> looked more like what you'd get if you rightclicked a JPEG or movie file.

> That made me suspicious. Anyway, after quarantining and deleting those

> files

> and emptying the Temp folder I noticed that the ZoneAlarm program group on

> my Start Menu has been emptied (it was there before), and even though I

> have

> "Hide extensions for known file types" checked, file types on my pc had

> their extension shown. I've managed to get that back to normal now, though

> I'd still like to know why it happened. (I'm a bit annoyed ZA seemingly

> let

> this thing reside on my PC without flagging it up only after a manual

> scan.

> It IS set to scan and monitor every file).

>

> What makes me mad is often when I download what I think are trustworthy

> application setup files, for example the latest DivX drivers, sooner or

> later my AV scanner flags one or all of their files as a Trojan or

> something - I'm pretty certain that's where these two files originated.

> I'm

> usually so careful about these things and always scan my PC.

>

> Anyway, are these the symptoms of a virus? Should I still be concerned

> that

> the virus is still present? Anyone know a good tool or website where I can

> scan my system again, for a second opinion, so to speak?

>

> Cheers,

> Tim

>

>

>

>

>