Hi all,

I posted on this earlier, but I have new information that redirects the questions. If I am meant to edit the old question instead of post a new one, please inform me so that I may do that in the future.

Zonealarm picked up a virus in my system restore data the other day called Virus.DOS.horse. Quarantined it and all was well. However, I am baffled as to how it got in there. I am careful with my browsing and downloading, I keep ForceField browser virtualization on at all times, and ZoneAlarm never alerted me previously to any infected files, even after scheduled scans. My only theory is that a temporary file from some internet-based program got infected and archived. Now, I've heard that some virtualization programs can archive sandbox data in system restore, and perhaps a sandbox infect-me decoy file from ForceField got archived somehow. Anyone know anything about this, or how to stop it? I haven't cleared my virtual data in some time. Not too worried as restore is an archive and viruses cannot run out of it unless a restore point is restored. It's just rattling anxiously around in my brain until I can get an answer.

Secondly, I'm baffled as to how this file was brought to my attention. I had no scans scheduled for that day, and viruses cannot run out of restore, so on-access scanning is out. I did leave the computer idle for roughly ten minutes after starting it up, and my scheduled scans do get backed up as I don't use that computer too often, so it could have done a quick scan and picked it up, although I didn't know that quick scan scanned the restore files. Is there some background monitoring that could have picked it up even though it wasn't accessed? I'm using Zonealarm Extreme Security.

Anyone have any alternative explanations for these questions? Anyone have any info on this virus?


Peace out and God bless.