Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

Dr. Lawrence Ho

2 Intern

 • 

2K Posts

8205

June 21st, 2006 13:00

A warning about a malicious program.

Yesterday, while browsing from Googgle for legal information, a download box suddenly appeared and downloaded something.  This was followed by the message, "Your product is updated."  I was unable to stop the download. Then I immediately scanned with Mcaffe antivirus, Windows Defender, and Spy Sweeper, but found nothing.  On restart, I discovered that Mcaffe AV was missing.  I did a system restore and reinstalled the AV.  Does anyone know what attacked me?

bamajim

10.4K Posts

June 21st, 2006 14:00

paindoc

Just from the description it would be difficult to determine whether the program was malicious or not. Since you have a couple of anti spyware programs running, update downloads are not uncommon.

But the fact that Macafee disappeared, that is not a good sign.

If you feel that your pc could be infected, you could post a Hijackthis log to examine. To do that

Go Here And download HijackThis

Save it in a convenient permanent folder such as C:\\HJT\\, double click HijackThis.exe, and hit "Scan". When the scan is finished, the "Scan" button will change into a "Save Log" button. Press that, save the log, Ctrl-A to Select All, and copy its contents AT THE LINK BELOW


LINK

and include a description of the problem along with your log

Please do not be tempted to "fix" on your own. Hijackthis is a very powerful tool, if used incorrectly can cause system problems

bamajim
Training at Malware Removal University

Dr. Lawrence Ho

2 Intern

 • 

2K Posts

June 21st, 2006 15:00

Aside from too many G's in Google, and extra f and missing e in McAfee in my previous post, I found no changes in HijackThis.  Windows now operates as expected.  The update window was not the kind of notification I get for any of my programs.  Further, no source or end program was identified.  There are trojans around that will remove an AV program.  I plan to check with McAfee if their no service people will respond.

bamajim

10.4K Posts

June 21st, 2006 15:00

paindoc

please reply if I can help further

bamajim

Training at Malware Removal University

chuket

1.4K Posts

June 22nd, 2006 03:00

paindoc

Do a 'scan online' here:

http://www.bitdefender.com/

It might find something your AV missed.

Dr. Lawrence Ho

2 Intern

 • 

2K Posts

June 22nd, 2006 14:00

chuket, Thanks.  I will scan at the suggested site.   After a restore and reinstall of McAfee which eventially needed using the McAfee "Black M tool," I am reasonably sure the computer is clean.  I'll post if anything turns up.
Support our troops!

Dr. Lawrence Ho

2 Intern

 • 

2K Posts

June 22nd, 2006 17:00

chuket, I didn't do the suggested scan yet, as I was about to start it, McAfee flashed a warning that I had a New Poly Win32 infection in tmp 000f154b4.  I have deleted everything in the temp folders.  The virus is no longer detected.   Initially, the message noted that while New Poly Win32 was detected it could not be removed or repaired.

Was this post helpful?

View All

No Events found!

Top