Only got this PC yesterday lunch time, installed Zone alarm and AVG before going online but when I just run AVG it reports a virus as follows -:

program files\helpcentre\EHC.ZIP: \ehc\hc2\printers\Troubles.hoo\images\ep1.bmp.shs warning hidden extention still infected

Is this a virus or a false alarm?

It is a ZIP file dated 03/02/2003 and looks like a normal help file of some sort.

I have not noticed any problems so far.

I just googled "ep1.bmp.shs" and it did not find anything, so I am guessing its a false alarm?

nothin on yahoo, or symantic either

Files dont need double extentions though so why does that have one?

Having just changed from ME to XPPro I am being asked by Zonealarm whether I wish to grant permission for Gerneric Host Process for WIN32 Services to be allowed server access. Should I allow this?

If I remember correctly, WIN32 Services is used by one or more essential processes. (I have it marked for OK at all times in my ZA)

You can always disallow a permission request and see what happens. Typically, what you want to do either works, in which case you did not need to allow it, or it doesn't work, in which case at that point you need to open the ZA Control Center and mark it to either 'prompt' if you are still not sure, or permit if you are.

In the former case, you will be asked again for permission, which typically follows somehting you are trying to do.

You can also use Google to search and there are one or more websites devoted to giving you information on each process, if you have the time and interest.

From what I found on the net shs = Shell Scrap Object, I found this http://filext.com/detaillist.php?extdetail=SHS so I reckon it is not a virus (hopefully):)

Originally posted by williegunn
Having just changed from ME to XPPro I am being asked by Zonealarm whether I wish to grant permission for Gerneric Host Process for WIN32 Services to be allowed server access. Should I allow this?

allow it access but not server rights

Double extension is a VERY bad sign - as if you normally hide "known extensions" - you will see an apparently innocuous "BMP" - instead of the more alarming SHS.

Shell Scrap DOES have hostile capabilities, as the link given clearly mentions!

As it stands, it's inside the ZIP file - and probably harmless from there, but unless you can attribiute it to a genuine source, I'd be VERY, VERY wary!

ditto, double extensions are a very very bad sign. id want to know a 100 percent the source of it first, before any action is taken.

Right click and look at its properties.

Nig:)

y not create a restore point, delete the file and see hoe it goes, any probs restore system.

uff restore points, one of the first things i do when i install windows is turn it off.

find them invaluable meself, but each 2 their own.

By the look of the zip file in question I reckon it was on the pc as I received it and installed by Evesham.

did you get a restore disc or a full XP disc?

restore disc.

Man why dont they just give the full CD out anymore :\ you will just have to remember what it is next time you do an install then mate. Out lass's Toshiba laptop came with a restore disc so i formatted it with my XP home CD and used her licence key to activate it, as far as i know its still legal and it doesnt have all the shite on it that toshiba reckons she needed.