Malware or pop-up?

[strategic]

So far within one week, I have been asked to look at 2 PC's. When I looked at the screen, the Internet Explorer appeared as a "My Computer" window, then there was a window in the center of the display which listed trojans found and a dialogue window above that saying to 'press ok to repair or cancel' (I regret not taking a screendump). Well, I wasn't about to hit ok or cancel, but I hit the red 'x' at the top of that window and it just puts you into a loop and keeps coming back, then I shut down IE and everything disappeared. I reopened IE and it was normal. I proceeded with the 8-steps, but haven't found anything (I should post the hijack log since I can't really read it all).
Please note, I only did the 8-step on one computer, the other only went as far as a virus scan with my "Avast U3" version on my flash drive, and then the Norton 360 installed-both returned positive. Has anyone seen something like this? Might it be a fancy pop-up?

 

[raybay]

It is usually a spyware problem rather than a virus... I would first run SuperAntiSpyware, MalwareBytes, or SpySweeper, and spyware Doctor... along with Window Defender
Often this is happening with a Windows 8.0 or Windows 7.0 install. If so, Remove or delete 7.0 or 8, then run a defragment, and scan then reinstall... suprisingly the problem often goes away... But you have to get back to Windows 6.11, then clean up, then reinstall.

 

[captaincranky]

There are certain infections, (or so I've been told) that run in RAM and won't survive a reboot. I wouldn't bet the ranch on this in your case, but it might be what happened. You could also catch a piece of something, that didn't manage to get itself installed. I only mention these things as possibilities, in case you wind up getting too involved in scans without finding any problem.

If that doesn't seem pro-active enough, try CCleaner and/or this new "Advanced System Care" thingy; https://www.techspot.com/downloads/3160-advanced-windowscare-systemcare-free.html

If that still doesn't seem pro-active enough, the "Microsoft Malicious Software Removal Tool" for August has also been released.

 

[strategic]

First of all, I'd like to thank you both for your prompt reply

It is usually a spyware problem rather than a virus... I would first run SuperAntiSpyware, MalwareBytes, or SpySweeper, and spyware Doctor... along with Window Defender
Often this is happening with a Windows 8.0 or Windows 7.0 install. If so, Remove or delete 7.0 or 8, then run a defragment, and scan then reinstall... suprisingly the problem often goes away.

Thanks RAybay, I could probably go for the 'spyware' assumption (which is why I figured it looked like a pop-up)

There are certain infections, (or so I've been told) that run in RAM and won't survive a reboot. I wouldn't bet the ranch on this in your case, but it might be what happened. You could also catch a piece of something, that didn't manage to get itself installed. I only mention these things as possibilities, in case you wind up getting too involved in scans without finding any problem.

If that doesn't seem pro-active enough, try CCleaner and/or this new "Advanced System Care" thingy; https://www.techspot.com/downloads/31...care-free.html.

Thanks Captain!, I could agree that it runs in RAM, it never came back on the 1st PC, the 2nd is never shutdown (backups nightly) so I'll do a restart in the AM. Thanks for the Advanced System Care link, I just tried it on my PC about 5 minutes ago... it's awesome

 

[Bobbye]

Malware or pop-up?

A malware pop-up!

 

[strategic]

A malware pop-up, very interesting!
(I still wish I would have done a "print screen" on it though, I had 2 chances and blew it )

 

[Bobbye]

a window in the center of the display which listed trojans found and a dialogue window above that saying to 'press ok to repair or cancel'

but I hit the red 'x' at the top of that window and it just puts you into a loop and keeps coming back

Has anyone seen something like this?

Yes

Might it be a fancy pop-up?

No 'fancy' about it! Classic malware symptom!

the other only went as far as a virus scan with my "Avast U3" version on my flash drive,

Infection might be on the flash drive.

All giveaways for malware. You can get help HERE Let the helpers run through your logs. You know we're short of helpers here.

 

[captaincranky]

the Internet Explorer appeared as a "My Computer" window, then there was a window in the center of the display which listed trojans found and a dialogue window above that saying to 'press ok to repair or cancel' (I regret not taking a screendump). Well, I wasn't about to hit ok or cancel, but I hit the red 'x' at the top of that window and it just puts you into a loop and keeps coming back, then I shut down IE and everything disappeared.

This is not a recommendation, but, this is the point where I would have simply pulled the plug. Harsh, I know! But still, it does preclude being tempted to make a bad click, or affording the malware further opportunity to f*** with your head.

 

[strategic]

Thank you Bobbye,
When you say that the infection may be on my flash drive, I have to think I explained something wrong because (as much as I shouldn't say it...) it's impossible.
Scanning with my flash drive is the only opportunity I had, then Norton 360 did a complete scan overnight (as much as I hate the product). Norton 360 never found anything.
I'll have to get some logs and post them on the other site. On an honest level (again, as much as I hate Norton) should there really be anything *bad* to worry about since the PC always had Norton on it? I'm thinking more like it could have been transferred through the backup drive from the old PC (which is almost a year ago)?

 

[Bobbye]

I just wanted you to understand the the flash drive 'could be' infected. And if, for instance, you were using it between computers and it got infected on one system, input from it to another system 'could' pass the malware on to it.

As for Norton finding nothing, does that mean that you have nothing? Unfortunately it does not. If any security program came with a guarantee that it would prevent anything and everything 'bad' from accessing a system, then we would have one 'master' security program!

Legit program don't usually present windows like you describe. And the announcement that you have x number of Trojans 'do you want to remove them' smacks' of a favorite trick of many malware programs.

Whether it's a virus, a Trojan or any one of many types of malware, isn't really important. While it is true that they may act differently, be capable of assaulting the system differently, there is some really nasty 'stuff' out there. If you have any doubt, run the scans and have the logs checked.

 

[strategic]

Thanks again, I will definitely get logs created asap, and get them posted to the link you posted.
Is there a way I can put it to your attention?