News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
June 19, 2013, 03:59:32
linktree cexx.org - Support Forums  >  Spyware-Related Stuff  >  Report New Spyware Here
linktree Topic: Microsoft Verifier is a virus or a trojan, and definitely a "pop behinder"
Pages: [1]   Go Down
« previous next »
  Print  
Topic: Microsoft Verifier is a virus or a trojan, and definitely a "pop behinder"  (Read 4418 times)
0 Members and 1 Guest are viewing this topic.
« on: December 25, 2007, 06:50:52 »
polski8 Offline
Newbie

 *

Karma: 0
Posts: 2
I have all the regular precautions, take care of where I go, and use Ad-aware regularly and several others whenever I get the urge, so my system has been clean for some time.

Today, I tried to download DX9 from Microsoft itself, and was told that Microsoft was downloading a new "validator" before it would allow me to download any Microsoft upgrade or product. It actually downloaded while I was reading it. Norton popped up in the middle of reading the message, telling me that a virus had been identified in a file. It gave some strange name I can't recall, like 'GJVMS5.dll" or something like that, and also told me it could not delete it as it had been identified as a sytem file. I clicked "OK" and was presented with a message that Microsoft was validating my system. I noticed a small flash, hit {ctrl alt del} and found nothing. I then hit {alt tab} and saw another instance of internet explorer which DID NOT show on my taskbar. When I tried to bring it to the front, it would not come, and when I minimized the browse, it still did not appear, so I hit {alt tab} again, and HELD IT DOWN and finally got a window listing all my files, and something merrily scanning the contents of EACH TEXT, DOC and HTML file and well as my internet cache. I immediately hard-crashed my computer, unplugged my DSL cable, and restarted my computer, and ran Norton, which gave me the same message about can't delete a system file, then, as I have AVG as a backup, I ran that and was told that my system had been infected by an UNKNOWN trojan and a worm virus, and informed me that it could not remove a system file while the computer was running, that the infected file was in use, but offered to remove it on re-boot, which I did.  Has anyone else encountered this, or is it something new? I finally found a backdoor to Microsoft downloads through mdgx.com (axels max speed) and got my files. I would warn anyone who wants to update a Microsoft product to find the download elsewhere. Thanks, Mike
Logged
« Reply #1 on: December 25, 2007, 10:26:16 »
Malware Scum, Die! 		TeMerc Offline
Countermeasures Leader
Administrator WWW
Karma: 66
Posts: 6145
Not sure where you were getting this download from, I'd like to know the url tho.

More than likely your av popped up an false\positive. Btw, you can go into Norton to check exactly what the file was called, it should be recorded in the logs section.

Alot of the validators they use install in the 'back ground', as for that site, I don't recommend people get patches from anyone but MS. If your system is legal you have no worries. All this nonsense about MS installing viruses has never been proven at all.
Logged

Malware Advisor Blog
Ultimate Countermeasures Page
 
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Page created in 0.622 seconds with 19 queries.