Working on someone else's computer, every time any program connects to the internet, something tries to download a trojan, named "HTML/framer" by AVG, called other things by other. I've scanned with AVG, Kaspersky, Superantispyware, HijackThis, Combofix, none of them find anything unusual. Windows Firewall blocks nothing, nor does Zone Alarm tell what's trying to download the file. Removing all BHOs, toolbars, plug-ins, etc. from Internet Explorer do not help. Resetting ip & winsock configurations do not help.
Best I can tell, it's downloading the trojan from some random poor soul also with an infected machine. So Google searches are worthless to focus on what's being downloaded.
Heck, even from the start menu selecting "search" will cause the machine to go out and download the trojan (which AVG then blocks). It's not just Internet Explorer, but pretty much every software that connects out to the internet.
The only other symptom I've found is that the Linksys router was reprogrammed with static DNS entries (the standard 85.xxx.xxx.xxx). When I cleared that out, at least a few more things started working with the internet, but does not solve the big problem.
My best guess right now is to backup the drive, run a repair install of Windows. Who knows what will happen, but so far all software utilities have failed.
Best I can tell, it's downloading the trojan from some random poor soul also with an infected machine. So Google searches are worthless to focus on what's being downloaded.
Heck, even from the start menu selecting "search" will cause the machine to go out and download the trojan (which AVG then blocks). It's not just Internet Explorer, but pretty much every software that connects out to the internet.
The only other symptom I've found is that the Linksys router was reprogrammed with static DNS entries (the standard 85.xxx.xxx.xxx). When I cleared that out, at least a few more things started working with the internet, but does not solve the big problem.
My best guess right now is to backup the drive, run a repair install of Windows. Who knows what will happen, but so far all software utilities have failed.