ZA unlisted viruses

Status
Not open for further replies.

farmor

Technical User
Dec 2, 2001
38
US
I have Version 6.5.722 of Zone Alarm running on XP Home. I use Mozilla Firefox as browser with dial-up modem. From time to time ZA says there is a virus which it lists as Win32.Bardust.A, found in an alphabet soup of supposed programs in Windows and occasionally in "System Volume Information +{alphanumerics}". ZA doesn't list this "virus" on their web site and an attempt to ask them about it received an unresponsive, unintelligible response from a non-native English speaker. The places where it is supposedly found in Windows likewise can not be found in a search with Tools. Recently I've been receiving a pop-up, occasionally, at log-on saying that SysMon is trying to set one of these "programs" to run at startup (after they have been "treated" by ZA). I click deny. Then I receive a pop-up from SpyBot warning that the "program" is going to be deleted from the registry; "allow" or "deny". Apparently SpyBot's usage of the terms is the reverse of what one might expect as I subsequently found the program listed as running on startup.
These "programs" start with a variety of 4 letters which don't suggest any acronym and end with ~enc.exe. I found a similar one in looking at startup with msconfig.
Can anyone tell me what these "programs" are? Is ZA running a scam to pretend they are finding and cleaning viruses? How should I deal with these pop-ups concerning SysMon? (I find Sysmon in Win98 but not in XP) Information on Microsoft's Tech site doesn't correspond with reality as there is no System Monitor pane to be found.
Thanks for any help.
(Usually the "finding" of a virus has occurred when I haven't been on the internet since the last scan or shut down.)
 
Trend Micro's Japanese site shows a listing for Win32/Bardust.A here.
I don't read Japanese and can't find any more information, but it seems it may be a genuine find.

farmor said:
Is ZA running a scam to pretend they are finding and cleaning viruses
I'd be very surprised if they were, considering their entire product line is security-based.

You could try downloading ewido's micro-scanner from here and seeing what it picks up. It's a small downloadable .exe that runs without installation, but requires downloading definitions each time it runs.

HTH

TazUk

[pc] Blue-screening PCs since 1998
 