
downloader.Swizzor question & help


Original Message
Name: Pantless
Date: July 25, 2004 at 01:56:19 Pacific
Subject: downloader.Swizzor question & help
OS: win2k
CPU/Ram: AMD 2700/512meg
Comment:

I've recently scanned my PC for viruses and I've found 2 downloaders

Win32/TrojanDownloader.Swizzor.AG trojan
Win32/TrojanDownloader.Swizzor.Z trojan

my logs are:

Scan performed at: 2004/07/25 4:03:34
Scanning Log
NOD32 version 1.820 (20040723) NT
Operating memory - is OK

date: 25.7.2004 time: 04:03:41
Scanned disks, directories and files: C:; D:; E:
C:\pagefile.sys - error opening (file locked) [4]
C:\Documents and Settings\*****\Local Settings\Temp\Rem14.exe - Win32/TrojanDownloader.Swizzor.Z trojan
C:\Program Files\C2Media\Setup.exe - Win32/TrojanDownloader.Swizzor.AG trojan
number of files scanned: 14296
number of viruses found: 2
time of completion: 04:08:16 total scanning time: 275 sec (00:04:35)

Notes:
[4] File cannot be open. It is being exclusively used by another application or operating system.

I've checked the date of the rem14 file and the c2media setup file and it was dated since April!! I always perform a monthly scan of my entire PC with norton 2002, but it looks like it skipped those files. I'm very curious about the nature of downloader viruses. I usually do a lot of transactions/purchases on the internet since then (plane ticket shopping, ebay, online store purchases) and I'm really afraid that my Credit Card # was compromised. Is it possible that those files are the remains of a virus purge norton performed a couple of months ago and they were pretty much useless without its other vital components? Or am I utterly in deep doo doo and should just cancel my CC and transfer all payments onto a new card?

PS. Last I've checked, which was today, there was nothing wrong with my CC balance.




Response Number 1
Name: viruskiller101
Date: July 25, 2004 at 09:58:30 Pacific
Reply:

well first off am glad u using nod32, it's the best scanner out there. i would throw that norton piece of crap out, remove it since it's not detecting anything, it's only taking up system resources and space.

another good av and it's free is www.grisoft.com, use it if u want free reliable protection, but i would stick with nod32.

if u find a file that can't be removed try running nod32 in safe mode.. should remove most non-removable or active viruses.

now as far as that downloader, it's possible that information might have been keylogged, but if u haven't noticed any problems u might be in the clear.

also are u using a firewall such as zonealarm or sygate.. these will protect any outbound or inbound problems.

another question is are u using spyware programs to protect your computer, here are some to use.

free=adaware

free scan but paid versions
pestpatrol
spyware eliminator
xoftspy
webroot spysweeper..for hijack protection

these are the best i found and most effective, if i didn't list it it's not very effective.


any questions just post or email.

good luck



Response Number 2
Name: Pantless
Date: July 25, 2004 at 15:05:16 Pacific
Reply:

Thx. Well I usually delete all my cookies and temp files after I do something with my credit card, as an extra security measure. Still, even with that in mind, I'm still a bit paranoid.

I usually don't use firewall software, I kinda figured that since I'm behind a router/gateway, I leave all the firewalling to the router. Should I still get myself a firewall software?

I mainly use spybot and spywareblaster. But I've read somewhere that spybot is getting too outdated. I might switch back to adaware (I got spybot back in the days when it still updates frequently)

PS I find NOD32 really really awesome. It's simple to use, nice interface, scans really quickly, doesn't eat a lot of ram, notifies you very very quickly if it sees a possible infected file when you browse thru your hdd and does the job better than norton.




Response Number 3
Name: viruskiller101
Date: July 26, 2004 at 05:51:55 Pacific
Reply:

yes i would get a software firewall.. using a router isn't enough... and keep that firmware on router updated.. check with your brand and model and go to their website for latest firmware patches..

now the reason i said get a software firewall is 1. u can never be too safe, no such thing as being too safe. 2. u max your protection by blocking more stuff out that even thinks of sneaking thru the router...

i notice too you're not using enough spyware protection u should.. as no one program gets everything... review my last post above on what are the best programs to use as spyware detectors and i can honestly say i bet they will find what adaware didn't period.

as for the choice of firewalls i found no better one than

zonealarm pro. they have a free version if u want to use but paid version is the best.

sygate is also free and very good..


good luck any questions post or email.

p.s. setup file on trojan was the day it was created by the hacker/programmer, i wouldn't worry about it unless u noticed something extra on cc. i usually open up the trojans to see if they contain keyloggers and stored data, most do and some don't, this one i believe doesn't.



Response Number 4
Name: viruskiller101
Date: July 26, 2004 at 06:07:01 Pacific
Reply:

here's a follow up on my post above on info about your trojans, this should make u happy and not to worry about your info spreading.

Troj/Swizzor-AG is a downloader Trojan that attempts to download files from predefined URLs, attempts to download and execute EXE files from a remote website.

Troj/WebDL-AA(Swizzor-Z) is a variant of the Troj/WebDL downloader Trojan family
that attempts to download and run potentially malicious program from some
pre-configured websites.
Troj/WebDL-AA may replace the original IE settings i.e. Start Page, Search Page with the following links

'Website Hosting.lnk'
'Bingo .lnk'
'Casino Online.lnk'
'Printer Cartridges.lnk'
'Card Games.lnk'
'Investing .lnk'
'Internet .lnk'
'Travel .lnk'
'Explore Internet.lnk'
'MP3 Downloads.lnk'

Troj/WebDL-AA attempts to download files wa_small.ex2 and wa_big.ex2
from //bins.mysearchnow.com/bins/.

anything on your browser that did match this u know what it was.. so i would worry about your information getting out as those 2 trojans are merely for adaware and site mapping.

hope this helps good luck. feel free to email.
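The indicators quoted in the reply above (the shortcut names, the host, and the two `.ex2` file names) can be turned into a simple sweep. This is an added example, not part of the original thread; the function names, the `http`/`https` scheme, the log line layout and all sample paths and log lines are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath
from urllib.parse import urlsplit

# Indicators quoted in the post above (Troj/WebDL-AA description).
SHORTCUTS = ["Website Hosting.lnk", "Bingo .lnk", "Casino Online.lnk",
             "Printer Cartridges.lnk", "Card Games.lnk", "Investing .lnk",
             "Internet .lnk", "Travel .lnk", "Explore Internet.lnk",
             "MP3 Downloads.lnk"]
HOST = "bins.mysearchnow.com"
DIR = "/bins/"
PAYLOADS = {"wa_small.ex2", "wa_big.ex2"}

def _key(path):
    # Ignore case and stray spaces so 'Bingo .lnk' and 'bingo.lnk' compare equal.
    p = PureWindowsPath(path)
    return " ".join(p.stem.split()).casefold() + p.suffix.casefold()

_KEYS = {_key(s) for s in SHORTCUTS}

def match_shortcuts(paths):
    """Return the paths whose file name is one of the listed shortcuts."""
    return [p for p in paths if _key(p) in _KEYS]

def match_downloads(lines):
    """Return (line_no, url, kind) for every URL on the listed host."""
    hits = []
    for no, line in enumerate(lines, 1):
        for url in re.findall(r"https?://\S+", line, re.I):
            try:
                parts = urlsplit(url)
            except ValueError:
                continue  # malformed URL in the log, nothing to compare
            if (parts.hostname or "").rstrip(".") != HOST:
                continue  # exact host match; substring matching hits lookalikes
            path = parts.path.casefold()
            leaf = path.rsplit("/", 1)[-1]
            is_payload = path.startswith(DIR) and leaf in PAYLOADS
            hits.append((no, url, "payload" if is_payload else "host"))
    return hits

# Constructed sample data (not from the thread).
SAMPLE_PATHS = [r"C:\Temp\Favorites\Bingo .lnk",
                r"C:\Temp\Favorites\travel.lnk",
                r"C:\Temp\Desktop\My Travel Plans.lnk"]
SAMPLE_LOG = ["04:01:10 GET http://bins.mysearchnow.com/bins/wa_small.ex2 200",
              "04:01:15 GET http://bins.mysearchnow.com.example.net/bins/wa_big.ex2 200",
              "04:01:20 GET http://BINS.MySearchNow.com/other/page 404"]
```

A shortcut-name match is only a lead, since names like "Internet" are common; a "payload" hit in a proxy or firewall log is the stronger signal.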

