Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Word 2007


  • Please log in to reply
8 replies to this topic

#1 Commander Gman

Commander Gman

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 PM

Posted 16 July 2007 - 05:22 AM

Recently,I borrowed my friend's USB memory stick to transfer files and my AVG Anti-Virus Professional found a virus (.dll) as i enter the contents of the USB
He says it is some visual basic application program so,just for security I quarantined it and deleted it
Then...a day after that
I opened a file on Microsoft Word 2007 just to see things good
But as i open it,Microsoft Word 2007 hanged
It didn't move actually (scrolling down doesn't work and it is non-responsive)
You can see the file in the work area
As then i was able to terminate the application
There was this file on my desktop that appeared immediately called "~$E Assignment" and it was a bit of transparent and it is a Microsoft Word 2007
Out of curiosity,I viewed it's properties but nothing came up valuable
I didn't even accessed it because I was highly inspecting it was malware
So i deleted the file But I'm wondering though,since I didn't came up with any searches on the internet about the file,Is it malware?
Also,Corel Draw X3 seems to be running in background...as i open security task manager it says it is some driver thing even if the main windows didn't show up and haven't even opened it
After some time,the process was gone so it didn't show up in the Task Manager
Am i Infected?

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


BC AdBot (Login to Remove)

 


#2 Commander Gman

Commander Gman
  • Topic Starter

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 PM

Posted 16 July 2007 - 06:19 AM

I just got a lead to what may be the cause of the Word 2007 Incident
McAffee sent an email about Additional Microsoft Vulnerabilities Disclosed
I recently downloaded updates and installed them already with Windows Updates
Here are the details:
What Is This About?

Microsoft has released 6 new security bulletins -- three "critical," two "important," and one "moderate"
(MS07-036 to MS07-041) -- covering 11 separate vulnerabilities. These vulnerabilites affect Windows software/operating systems including XP, Vista and .NET Framework and also Office products such as: Word, Excel, PowerPoint, and Publisher. General risks include:
Loss of personal data
Remote system access by cyber criminals
"Drive by" downloads of malware and other unauthorized programs
Information disclosure
And tells me i should see more in this site http://www.microsoft.com/technet/security/....mspx?cid=34044
Is there anyway to uninstall my newly installed updates?
I also recalled there was this Processor update relaiblity on intel Processors
sounds a bit odd though...

Edited by Commander Gman, 16 July 2007 - 06:20 AM.

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


#3 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:04:34 AM

Posted 16 July 2007 - 06:43 AM

There was this file on my desktop that appeared immediately called "~$E Assignment" and it was a bit of transparent and it is a Microsoft Word 2007

This is just a temp file that shows up when you have an open document. Not Malware

#4 Commander Gman

Commander Gman
  • Topic Starter

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 PM

Posted 17 July 2007 - 08:00 AM

Sorry,I got the worst expected
Bad news
I saw something far more than Microsoft Office 2007
I saw "My Recent documents" I fear this is also tracking me down under C:/Documents and settings/user which was transparent in appearance and it is odd to see it there
There were other files that seemed to track my usage in including the "Send To" folder which is transparent
i saw a mail icon there,desktop,My documents drop thing and many more
I saw also this transparent text pad named "ntuser.dat.log" something like that that coudn't be deleted
I also saw the "~$E Assignment" file on My Documents
I fear that I'm being tracked down especially this folder C:/Documents and Settingtits/User/Local Settings (The Local Settings folder is cloacked transparent in appearance)/history
this when i open the folder,shows every action i do and has a thumbnail of an internet icon
when i double click it,I go to the file that was specified in the selection
Then it is sent back to the attacker
every move i did was being tracked down
There is also this video file CD Movie called "NTUSER"
I'm a little familiar with these names as i got a past experience with malware with it some NT Authority worm i think is related
Even i accessed corel draw,It hangs and quits usually and if i am working on a file,i accessed the data recovery system and telling it that it is unstable
This isn't usual like the Corel Draw i use and it is really noticable that malware is the cause of all this.
luckily,I followed the policy of disabling my internet connection if i'm not using it and will change my passwords soon
One more insane thing was i saw the "WINDOWS" folder on C/Documents and settings/user folder it was really noticable
So the decsion for me was to reformatt
These files are undeletable by all means except for reformatt
No matter delete on reboot,overwrite delete or unlocking processes which are using it it goes back again :thumbsup:

Edited by Commander Gman, 17 July 2007 - 08:06 AM.

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


#5 Commander Gman

Commander Gman
  • Topic Starter

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 PM

Posted 17 July 2007 - 08:07 AM

btw,using my laptop now
any suggestions of what program can delete any file by all means?

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


#6 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:04:34 AM

Posted 17 July 2007 - 08:25 AM

Everything you are describing are system files.....you are seeing them because you have at some point SHOWN HIDDEN FILES AND FOLDERS.

#7 Commander Gman

Commander Gman
  • Topic Starter

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 PM

Posted 17 July 2007 - 08:29 AM

I haven't ticked that option yet but yet how come i see them?

Edited by Commander Gman, 17 July 2007 - 08:29 AM.

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


#8 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:04:34 AM

Posted 17 July 2007 - 08:49 AM

You are positive? You have double-checked the hidden files and folders, operating system files, extensions for known file types, are all deselected?....

What exactly is the problem you are having? Pretty much everything you are mentioning is on every computer running Windows.

#9 Commander Gman

Commander Gman
  • Topic Starter

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 PM

Posted 18 July 2007 - 06:06 AM

Yes I'm certainly possitive
I even didn't recall ticking on that option yet and didn't even know how to
I'd also be eager to even place a screen shot of the folder containing the files but I already had reformatted it :thumbsup:
It is just that those files are either bugs in terms of malware or worst which was malware "since the history folder has been tracking my every move when i open an application like Super-Anti Spyware"
I didn't expect that the file "~$E Assignment" was even a backup since Word 2007 should already have notified me about it :flowers:
They also have the feature that gets the un-saved files in Power point,Excel and in Word shown by a docker
You'll have the option wether to recover it or not
The fact that the folder "WINDOWS" was located on C:/Documents and Settings/user was located was practically odd
It should be on C:/WINDOWS
Well there were more than that actually
Automatic Updates folder (transparent) seen on C:/Program Files
That was odd...
To add more,if there was this folder called "My Documents drop" in C:/Documents and Settings/user/Send to
with this other folder named "Mail drop" (both transparent) located in that folder was strange
For now,my opinion was either it is Malware or Bug
My quicklaunch didn't show up anymore even if i go to properties of the Taskbar then show quicklaunch
There was also this application called "default user" in the Task Manager and doesn't show any windows at all
It resembles itself as a "My Computer" icon picture (The process appears sometimes)and if i ended it,my Taskbar would disappear then reaappear again
When i use Corel Draw for an hour or more,it reports that the application is unstable :trumpet:

Edited by Commander Gman, 18 July 2007 - 06:07 AM.

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users