Congrats To Me
I'm the proud father of a bouncing, baby computer virus. Do I deserve congrats for letting it get on my computer on the first place, or finding it?
Looks like no harm done.
I came home from the Bay Area yesterday and went to check my e-mail. The Zonelabs virus scan starts up, as it does when it's scheduled to. I get rather annoyed with that and nearly always cancel the scan. After all, everything that goes into the computer gets scanned. How could I have a virus?
I decided to let it run this time, since it is a good idea to scan for viruses on occasion. Did a full scan on the laptop last week for the same reason, with negative results. After all, you could download a virus that hasn't yet been added to your anti- virus program's virus definitions.
So I let the scan continue since I couldn't remember the last time I did a full scan.
Went out to clean out my truck, coming in occasionally to check on the scan progress and after about twenty minutes saw something I'd never seen before: The Zonelabs virus scan window showed an infection found. That got my attention.
The scan finishes and I check out the virus. Zonelabs says it's: not-a-virus:RemoteAdmin.Win32.WinVNC-based.b
It was in my Documents and Settings file. I went in to the file but couldn't find the virus. I was a little nervous about deleting something in Documents and Settings so tried to find out what this supposed virus does. I click on Zonelab's More Information tab and I'm sent to this page.
Gee. That sure helps.
So I go to the Symantic (Norton Anti- Virus) web site and see if they have any info on it. A search there comes up with nothing. I then try doing a Yahoo search for not-a-virus and get this page with no real specific information I could find in any of the links. One page said something about the "virus"(assuming I'm reading it right) being some kind of remote control application.
Rather strange there isn't more info on this supposed virus.
I was nervous about deleting it so went ahead and Quarantined it. Supposedly it can't do anything if it's quarantined and, if I find not having the file screwed something up, I can always restore the virus and then repair it.
But everything's working fine and seems to have been working fine for some time.
I'm wondering how it got on this computer? I suspect it was one of those web sites I mentioned here a while back where I clicked on some link and the download window popped up. After I supposedly downloaded something in two seconds, I couldn't find anything that had been downloaded.
Pretty clever of whoever did it. I'll have to run virus scans more often.