Last night it appeared I had picked up a virus. I received several warnings from Trend Micro about attempts to modify access settings. An unknown product, Virus Soft?, started popping messages up. They read something like "Your computer has been infected by a virus, do you want to download virus remover?" This is only a vague description of the message, I was busy scrambling to shut down my PC. When I tried to enter safe mode, I failed and it came up normally. I was able to run a Trend Micro virus scan, but it found nothing. Windows defender found the following in my startup programs:
File Name: qwcpsftav.exe
Display Name: qwcpsftav.exe
Description: Not Available
Publisher: Not Available
Digitally Signed By: NOT SIGNED
File Type: Application
Startup Value: C:\Documents and Settings\Owner\Local Settings\Application Data\qtgman\qwcpsftav.exe
File Path: C:\Documents and Settings\Owner\Local Settings\Application Data\qtgman\qwcpsftav.exe
File Size: 279808
File Version: Not Available
Date Installed: 2/5/2010 5:43:46 PM
Startup Type: Registry: Local Machine (also Current User)
Location: Software\Microsoft\Windows\CurrentVersion\Run
Classification: Disabled
Ships with Operating System: No
SpyNet Voting: Not Available
I disabled the files. I looked for qwcpsftav and qtgman using Foxfire, but found no related references with Google.
The virus appears to be dormant or eradicated by Trend Micro (no references in the logs). However I cannot connect to any sites using unsecured HTTP using IE6 (initially) and later IE8 (after install). HTTPS sites work fine!
I would appreciate any help. Thanks in advance, Larry
Edit: Moved topic from XP to the more appropriate forum. ~ Animal
Back to top
