Is this a virus?

  techhelp 19:06 26 Apr 05
Locked

Can anyone tell me if this is a virus? If I delete it will that make the system safe? How can I tell what type of virus it is and get the corresponding virus killer to remove it?

C:\Prgoram Files\ehc\hc2\Printers\Troubleshooting\images\ep1.bmp.shs

Thanks.

  VoG II 19:11 26 Apr 05

Seems to be a false positive by AVG click here

  pauldonovan 19:35 26 Apr 05

... I'd be interested to know what else is in your:

C:\Program Files\ehc\hc2
directory? Searches on google return nothing about that path which surprises me. I wonder if anything else in there suggests what that file is for. If the contents shed any light on the file then great.

AVG is right to be concerned as why should a file have a dual extension and it looks like it could be a shell file masquerading as an image....

  VoG II 19:44 26 Apr 05

Try an online scan click here

  Technotiger 19:50 26 Apr 05

Hi, Trojan according to this -


CastleCops :: View topic - Hijack Log
...and failed to clean the following 2: 1: Trojan horse Downloader.Skoob.D 2: looks like and infected .bmp - ep1.bmp.shs. AVG lists it as a...
click here

  techhelp 17:54 29 Apr 05

CAN ANYONE EXPLAIN/HELP?

Did a 'files and folder' search for the '...ep1.bmp.shs' file and found two. I tried renaming them without any success, I was able to delete both files although there seems an awful lot to delete.

Next I turned System Restore off and ran PC-cillin 2002(Results were o.k) and AVG 7.0 gave 'Virus detected' alarm but returned (Results were OK).

What I do not understand is why AVG says during the scan 'Virus Detected', gives me options but the only active option is Continue:-

CONTINUE - closes the Virus detected box.
INFO - there is no further information about this infection
HEAL - required action is not avaialable for this object.
DELETE FILE - required action is not avaialable for this object.
MOVE TO FAULT - required action is not avaialable for this object.

but the test reults at the end of the scan say results were OK?

And as if by a miracle, although I had deleted both ...ep1.bmp.shs files and took all the above actions, guess what has just appeared during a further AVG scan, yes, Virus Detected, but yet again the Test Results:OK.

AVG RESIDENT SHIELD

VISUS DETECTED

While opening file C:\Documents and Settings\ j \Local Settings\Temporary Directory 1 for EHC.ZIP\ehc\ehc2\Printers\Troubleshooting\images\ep1.bmp.shs

Warning: Hidden extension shs.

(Strangely, even though I deleted the two .shs files in Program Files, this has appeared in Documents and Settings as a temporary file with the same extension.) What is going on here?

Does anyone know why AVG will not activate it's own options to - HEAL, MOVE TO VAULT OR DELETE THIS FILE or return Test Results of OK? Have I got a problem and what is the problem? How can I resolve it?

Can anyone explain what is happening here, answer any of the above questions or provide a clear set of instructions I can follow to get rid of this trojan / virus or whatever it is please.

  VCR97 18:48 29 Apr 05

Try the AVG forum at click here

  techhelp 12:10 30 Apr 05

Thanks for that Keith S. will try them for assistance.

This thread is now locked and can not be replied to.

Best phone camera 2016/2017: Galaxy S7 vs iPhone 7 vs Google Pixel vs HTC 10 Evo vs OnePlus 3T vs…

1995-2015: How technology has changed the world in 20 years

Best Christmas Agency Projects of 2016

Super Mario Run preview | Hands-on first impressions of Super Mario Run: Mario's iPhone & iPad…