My computer is jacked! (13 Replies)

Moderators: Dwight
clarebear
Ok.. So first I get this message:

SPAM ALERT: Your PC(s) may be infected with a computer virus that sends out large amounts of spam. As such, your outbound email service has been temporarily suspended. Please click below for more details.


It tells me to click below and I download the trial version of Trend Micro Pc-Cillin Internet Security. It finds this:

dmdsmp4s.dll
WORM_STRAT.AB

qediwdig.dll
WORM_STRAT.AB

el.dll
WORM_STRAT.FQ

webcnwpr.dll
WORM_STRAT.FQ

So I am unable to quarantine the files. They aren't listed in the registry. Then Trend Micro PC-cillin quarantines 8 viruses. The files are deleted somehow.. I forgot what I did. I try my email account (firefox) and it works again.

Now, today I get the same message about my email being disabled. I now have 4 messages across my screen for Trend Micro. These are new ones.

WARNING!
Computer virus found

confcio.dll
TROJ STRATIO.SA

ciastat.dll
TROJ STRATIO.SA

CIO STAT.DLL
TROJ STRATIO.SA

CONFCIO.DLL
TROJ STRATIO.SA

Another thing, Mozilla keeps opening windows. I had 15 windows open across the screen with no information in the properties. This is too weird.

What do I do? This is really frustrating and it takes over 30 minutes to do a computer scan. I don't know how this happened. Confused

Will the Trend Micro PC-cillin work better if I buy it and it isn't just the trial? It won't fix it.

The message PCcillin gives is this:


Protection Against Viruses Warning
What caused this warning?
This warning opened because PC-cillin Internet Security found but could not clean a virus or Trojan horse program.

Why could PC-cillin Internet Security not fix the problem?
A virus or Trojan horse program may prove uncleanable for a variety of reasons. Viruses found in files burned to a CD or DVD cannot be removed, for example, because PC-cillin Internet Security cannot make edits to these forms of storage media. An infected executable file that has already launched may prove impossible to interrupt. In certain cases, email and instant messages can also prove difficult to disinfect.

What to do now
Open the main console, and click Virus & Spyware Controls.

Under Virus & Spyware Quarantine, click Examine Quarantined Files.

Click Add to add the program causing these warnings to the quarantine. Future updates may allow you to clean the file at a later time.

If unable to quarantine the file, try deleting the infected file if you do not need to keep it.

What do I do now?
*************************************************************
09-28-06, 04:19 PM
Georgia85
This screams of a phishing scheme with a virus attached. First, how did you get the notice? Was it in an e-mail? Secondly, when you clicked on the link did you "view source" to see if the link took you to the authentic Pc-Cillin Internet Security site? It very well could have taken you to a forged site and then there is no telling what software you downloaded.

My first suggestion would be to go to your Control Panel and uninstall this "trial" version and then try to do a system restore to a time when your computer was acting normal. System Restore is usually found under Start>Programs>Accessories>System Tools. Try it and then let us know what happens.
*************************************************************
09-28-06, 05:08 PM
clarebear
My internet provider disabled my email and gave me the link for The Pc-Cillin. The message was on my browser, not in an email. The trial version isn't the problem. Actually, the trial version has quarantined 19 items already. 2 days ago my internet provider had the error message on my screen saying it had disabled my mail account due to an excessive amount of mail being sent. It said to click below. "Below" was a link to the PC-cillin. I first tried to send an email and it wouldn't work. I then did various scans and tried a few other antivirus programs. I even tried PC Tuneup and others. I don't know what to do now. I never used system restore and had it disabled. When I tried to restore to an earlier time, it wanted to have today be a start point.
*************************************************************
09-28-06, 07:16 PM
clarebear
So far I have used:

Spy Bot
PC Doctor
Anti-Trojan Shield
AVG
Trend Micro PC-cillin
Symantec check

*sigh* Frown
*************************************************************
09-28-06, 07:19 PM
Georgia85
OK - go to AOL, create an account, and download the AOL security center. It has a virus scan as well as spyware protection and a computer checkup. AOL services are now free. Also try Microsoft Defender - it is a free download off of microsoft.com
*************************************************************
09-28-06, 07:33 PM
clarebear
Thanks Georgia.
*************************************************************
09-28-06, 07:43 PM
Georgia85
Clare - I don't pretend to know how to fix this and about all I can do is offer suggestions for computer scans. When my computer gets mucked up I usually run every scan I have and then do a system restore. Hopefully Dwight will come along for you.
*************************************************************
09-28-06, 07:52 PM
Dwight
Try running the Anti-Virus in Safe Mode. If the virus program is running, it will not be able to be deleted. In Safe Mode, hopefully the virus program won't run, so that it can be deleted.

Also, once the virus is removed, I suggest you run a second virus scan provided by one of the online services to double check that all infected files are removed. http://www.pcpitstop.com is a good one.

Be sure to delete the System Restore so that the system doesn't get reinfected again. This page shows how to shut system restore off, then how to restart it after recovery.

Shut off System Restore
The above link shows the steps for setting a restore point on WinXP. Instead of unchecking it, click to check the shut off option. Then once the system is cleaned and has been restarted in normal mode, go through the steps to set a new restore point.

Resize the image

This picture shows the IE image resize tool. If the image is too small to read, move your cursor to the lower right side of the image. When you see the image resize tool (as shown in the link above), click it to set the image size. You can also just download the image (Right-click, save picture as).

To run a Windows machine in Safe Mode: Click Here. Please read the section pertaining to the Operating System installed on your computer.

Finally, there will likely be elements of the virus in the I386 folder and in the Prefetch folder. Do a search for any files that you noted in the virus scan and delete any of these files that you see. You want to eliminate these so the virus does not come back on you.

Then ask yourself; How did this virus get past my system protection? Do I need a better AntiVirus Program? I like AVG, which is a free download from Grisoft at this site. Others here have expressed a preference for other downloadable Anti-Virus programs. If you want to see other options a post about preferred utility antivirus software will generate lots of replies.

Virus infections often are the result of spyware. The spyware gets into your system, then disables the antivirus software and allows the infected files to enter. In this day and age, Spyware Protection is a must. See my page at http://dwightblackburn.com#spyware

Dwight
*************************************************************
09-29-06, 05:21 AM
clarebear
Thank you Dwight. I will try to scan in safe mode. I'm not sure how it got past the AVG. Confused
My internet provider informed me of the virus when they disabled my email. The link they gave me was the PC Cillin. When I uninstalled AVG and got this new program, it found over 20 viruses and worms. I went to PCPitstop and PC Hell. They found a lot of cookies and adware but no viruses. I first had 4 worms and now I have 4 Trojans. I have bugs. Frown

I will keep trying.

This message has been edited. Last edited by: clarebear, 09-29-06 05:37 AM
*************************************************************
09-29-06, 09:56 AM
clarebear
I got rid of the PC-cillin and reinstalled AVG and spysweeper. AVG found 2 more. I then went to PC Tuneup and it's still there!

Scan Results: Virus Infection Found
Our scan of 5371 files found these viruses:
The Trj/Agent.CTE Virus was found in file C:\WINDOWS\system32\hticwmis.exe
The Trj/Agent.CTE Virus was found in file C:\WINDOWS\system32\hticwmis.exe

DISINFECT IMMEDIATELY!

Virus infections can destroy data and infect other users via networks or your email contact list! We recommend these two important steps:

Immediately eliminate this virus infection. Some viruses continue to do damage as you run the PC; some will send out viruses to everyone in your address book and to anyone who sends you an email. To prevent or minimize damage, you must eliminate the virus NOW.
Take steps to avoid reinfection. If this system has become infected with a virus, the chances are high that it will happen again in the future. To protect your PC against future viruses, install an antivirus program.
For a complete solution...
... we recommend EZ Antivirus from Computer Associates. By signing up for their service you can immediately remove your current virus infection and prevent new ones. Also try EZ Armor for the complete protection of an antivirus and firewall.


Mozilla keeps opening phantom windows. I'm getting frustrated. Mad
*************************************************************
09-29-06, 11:57 AM
Dwight

quote:
I'm getting frustrated

That is why we want to avoid these problems in the first place...and I'm not trying to be a wise***, just stating why so much effort is placed on prevention.

In Windows Safe Mode, search for and delete

C:\WINDOWS\system32\hticwmis.exe

Be sure to stop the Restore Point and then do another search for any infected filename that you can recall. If any are found in the Prefetch or especially in the I386 folder, delete that, too.

It is possible that the virus is regenerating itself as you remove it. If this is the case, this can be a long hard struggle to clean. But try these last steps and then rescan the system. If more pop up, you may be further ahead to just reformat the drive and then reinstall everything.

Do you have backups already? Have they been isolated so that they are sure to be free of infection?

If not, be very careful to scan and clean the backup files before reinstalling them after infection.

Dwight

By-the-way, I thought I should add...
If it would be easier for you, you can delete the C:\WINDOWS\system32\hticwmis.exe file using the Command Line

Click Start/Run
Type in: cmd
Click OK

type in:

del C:\WINDOWS\system32\hticwmis.exe

Press Enter

This may be possible to do in normal mode, but if it won't delete there, go to safe mode.

Also, you could just find the C:\WINDOWS\system32\hticwmis.exe file in Windows Explorer and delete it that way, too. Again, though it may be necessary to do this in Safe Mode.

This message has been edited. Last edited by: Dwight, 09-29-06 12:16 PM
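
The filename search described in Dwight's two posts above (look in system32, Prefetch and I386 for every name the scanners reported), written out as an added example that is not part of the original thread. The folder paths are assumptions for a default Windows XP install, and the script only reports matches so they can be reviewed before anything is deleted.

```python
import os

# Filenames reported by the scanners in this thread (copied from the posts above).
FLAGGED = ["dmdsmp4s.dll", "qediwdig.dll", "el.dll", "webcnwpr.dll",
           "confcio.dll", "ciastat.dll", "hticwmis.exe"]

# Assumed locations of the folders named in the thread on a default XP install.
DEFAULT_ROOTS = [r"C:\WINDOWS\system32", r"C:\WINDOWS\Prefetch", r"C:\I386"]


def is_match(filename, flagged=FLAGGED):
    """True if filename is a flagged name or a known variant of one."""
    name = filename.lower()
    for item in flagged:
        item = item.lower()
        # Exact, case-insensitive match only: "el.dll" must not hit "shell.dll".
        if name == item:
            return True
        # Prefetch traces are named EXENAME-<hash>.pf, e.g. HTICWMIS.EXE-0F1E2D3C.pf
        if name.startswith(item + "-") and name.endswith(".pf"):
            return True
        # Install-source copies in I386 are stored compressed as NAME.EX_ / NAME.DL_
        if name == item[:-1] + "_":
            return True
    return False


def find_flagged(roots, flagged=FLAGGED):
    """Walk each root folder and return the sorted paths of matching files."""
    hits = []
    for root in roots:
        # Unreadable folders are skipped instead of aborting the whole search.
        for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
            for filename in files:
                if is_match(filename, flagged):
                    hits.append(os.path.join(dirpath, filename))
    return sorted(hits)


if __name__ == "__main__":
    for path in find_flagged(DEFAULT_ROOTS):
        print(path)
```

Run it again after cleaning and rebooting; an empty result on the second pass is the check that none of the listed names has reappeared.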
*************************************************************
10-01-06, 09:25 AM
vansrme
Clare,
I hope nobody is offended by this, but if it were me, I'd get rid of AVG altogether, as it's not very good at detecting Trojans. I use Antivir and Avast, mainly because they're so good at finding and getting rid of Trojans and viruses. You can find them at:

Antivir- www.free-av.com
Avast- http://www.avast.com/eng/download-avast-home.html

Antivir is a little easier to use, but both are very good in my opinion. Please post again if you have any questions about either program.

chris
*************************************************************
10-01-06, 02:17 PM
clarebear
I think I got rid of it. AVG caught it yesterday and so far so good. *crosses fingers*

Dwight

Thank you so much for your help. I did try to delete it but I guess it's gone. I need to straighten this out and then finish working on converting chat. I owe ya a smilie. Big Grin

Chris

Nice to see you! AVG did not detect it the first time. I downloaded too many free trials and then deleted them trying to fix this. I think AVG fixed it for now. I will take a look at the sites you listed. Smile

I do have a followup question.

I downloaded spysweeper which I had before. That Micro PC-cillin made me delete it. When I tried to download another free version of spysweeper I ended up having to get a free download manager (which I want to get rid of). I now have a trial version instead of the free version I had.

Where can I get the free Webroot Spysweeper that isn't the trial one? I've had it for a few years and I really like it. Is it still free?
*************************************************************
10-02-06, 01:23 PM
Dwight

quote:
Then ask yourself; How did this virus get past my system protection? Do I need a better AntiVirus Program? I like AVG, which is a free download from Grisoft at this site. Others here have expressed a preference for other downloadable Anti-Virus programs. If you want to see other options a post about preferred utility antivirus software will generate lots of replies.

As I said above, there are lots of different options available concerning your choice of Anti-Virus software and Firewall protection. Which one you prefer is really up to you.

You can test the security of your system at this site: Click Here

PS: to Vansrme, I'm certainly not offended because you prefer a different software. I like to see different choices offered because I'm always open to suggestions of better software.

Dwight

This message has been edited. Last edited by: DorianGreyed,
 