Trojan horse MusicSearch

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Rhettman5.1

Thread Starter
Joined
Sep 24, 2002
Messages
1,592
Has anyone else heard of this ?
It was picked up by AVG this morning and healed.
The path was C:\Windows\Download Program Files\Downlo~EXE

Nothing was affected that I am aware of..any Ideas where this thing came from, I have winMX and Kazza Lite, but haven't used them for about a month...just curious...Rhett
 

Attachments

Joined
Dec 9, 2000
Messages
45,855
AVG seems to be the only AV picking that up from what I can see. But if it was an .exe in the Downloaded Programs directory, it certainly didn't belong. Shouldn't be anything but ActiveX (ocx) objects there.
 

Rhettman5.1

Thread Starter
Joined
Sep 24, 2002
Messages
1,592
Thanks Rollin, as I said , never executed, so appears to have done no damage, hard to find any info on it though... Rhett
 
Joined
Dec 9, 2000
Messages
45,855
No problem :)

You're right about the paucity of hits, what I found were all AVG users.
 
Joined
Jul 7, 2002
Messages
77
Yesterday I (or rather, SpyBot) also found this in "C:\Documents and Settings\Owner\Application Data\" (have XP). There were 13 files including application, but near as I (and Norton) could tell, nothing much'd been changed. Haven't had any problems with browsing or the like.

Like you, I also wonder how it came to be on my PC.:confused:
 

TonyKlein

Malware Specialist
Joined
Aug 26, 2001
Messages
10,392
Originally posted by GENERIC:
Yesterday I (or rather, SpyBot) also found this in "C:\Documents and Settings\Owner\Application Data\" (have XP). There were 13 files including application, but near as I (and Norton) could tell, nothing much'd been changed. Haven't had any problems with browsing or the like.

Like you, I also wonder how it came to be on my PC.:confused:
They usually get there because your security settings are too lax.

Here are three recommendations:

1) Go to IE > Tools > Windows Update > Product Updates, and install ALL Critical Updates listed.

2) Go to Internet Options/Security/Internet, press 'default level', then OK.

Now press "Custom Level."

In the ActiveX section, set the first three options ("Download signed and unsigned ActiveX controls", and 'Initialize and Script ActiveX controls not marked as safe") to prompt.

Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed.

Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Option/security.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top