Spyware, Viruses, & Security forum

General discussion

Virus In a microsoft.com download?

by 9SLING / March 5, 2007 10:02 AM PST

I recently began getting various types of errors when starting up XP.
Mostly dll related. So I went to open Spybot SD just to check and it crashed with an error related to riched20.dll. While investigating this something (I dont exactly remember) brought me to decide to download IE7. About 15 seconds into the download PCcillin pops up and tells me that a generic trojan is downloaded and quarantined. Tried cleaning the quarentined files. Couldn't. Deleted them and now I dont find any malware in scans but....

Now whenever I open IE all kinds of weirdness happens. Multiple IEs start cascading across my desktop. Sometimes just one or two open and freeze and I have to kill process to close them. I downloaded an app from Trend that is supposed to find and clean generic trojans but it finds nothing. I tried using NAV.. nothing. Ad-Aware... nothing.
How can I clean something if nothing I use can detect it. It is so strange that PCcillin detected a Trojan during my IE7 download but never detected anything again. Any help or ideas?

Discussion is locked
You are posting a reply to: Virus In a microsoft.com download?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Virus In a microsoft.com download?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Carol posted something similar
by tomron / March 5, 2007 10:54 AM PST

Click HERE,not sure if theres a connection,just a thought.

Tom

Collapse -
Re
by 9SLING / March 5, 2007 11:09 AM PST

Tom,

Yeah, it did sound similar. Although the one thing that concerns me most is something that Carol didn't mention happening to her. PCcillin detected a trojan in my IE download. Now its not being detected and I am still getting all these opening windows. If it were a stuck key or defective keyboard that would be apparent when in a word processor. Unfortunately thats not the case. The paranoid side of me keeps thinking of how my Trend software is expiring soon and have thus far not responded to the "Buy Me" popups that it is giving me. HAHA.

Collapse -
9SLING
by tomron / March 5, 2007 11:14 AM PST

IE 7 might be a mistake since there are known issues,

Does this trojan have a name?

Try AVG ANTI SPYWARE,don't forget to update.

Tom

Collapse -
re
by 9SLING / March 5, 2007 11:17 AM PST
In reply to: 9SLING

No, tom, the only thing Trend called it was "Generic Trojan".

Dave

PS: I never ended up installing IE7. I cancelled the dwnld as soon as the trojan was detected... maybe too late. I will try that AVG though. Thanks.

Dave

Collapse -
I forgot
by tomron / March 5, 2007 11:35 AM PST
In reply to: re
Collapse -
Re
by 9SLING / March 6, 2007 6:17 AM PST

Well this is getting funny now. I went back to try and duplicate what was happening again so I could get more specific info and everything seems fine now. No startup errors no multiple IE windows and still nothing detected on a multitude of virus/spyware scanners. Which, by the way I am only installing and using one at a time.

The suspicious side of me thinks two things: 1) I dont know much about them but I have read some on rootkits which tell your system that viruses are good. But I use rootkit revealer and it finds no problems.

2) My Trend Micro PCcillin Internet Security 2006 is expiring in a week and I have not replied to the emails and popups it is giving me to buy more. I dont put it past any AV company to distribute harmless malware to convince you that their product is worth having.

Hopefully neither of these are the case - especially the rootkit! Strange how Carols similar issue just "stopped" happening too. If something comes up again I will be sure to continue posting here. You are all a helpful bunch! Thank you.

Dave

Collapse -
You're welcome, Dave..
by Carol~ Moderator / March 6, 2007 6:50 AM PST
In reply to: Re

Dave..

You can rest assured I also tried to duplicate it. I'd like to say, "no such luck" .. but I won't. I'm glad I couldn't! For the time being, I consider it behind me. Hopefully, this will be both our experiences.

Quell the 'suspicious side' of you. I wouldn't worry about rootkits. IF our causes were similiar, it's not a rootkit. I scanned with 3 different rootkit scanners. The reason? Just 'cause I had them. Happy I also know "what I do" and "where I go". I highly doubt a rootkit caused it.

I'm glad to hear all is well with you. The best of luck in the future..
Carol

Collapse -
Generic Trojan / Adware Removal Procedures
by Marianna Schmudlach / March 5, 2007 2:36 PM PST
Collapse -
RE: IEs start cascading....
by caktus / March 6, 2007 6:19 AM PST

This kind of thing happened on my ME machine some years back when I learned that one of the kids had been
porn-surfing. (Needless to say, the child got a severe "what-for'ing). I don't recall the name of the adware or spyware program that had been surreptitiously downloaded onto the the computer. But every time I or and anti-malware scanner would find and delete it, it would in turn replicate and bury itself in a different file or folder some where in the system files.

As I mentioned, I don't recall the name of this rascal but this 'magic jumping been' turned out to be a strange program that had magically appeared in
ADD/Remove Programs and MSCONFIG. After removing it from ADD/Remove Programs and MSCONFIG the problem was eradicated.

Hope this is helpful.

Charlie

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?