Articles

Virus I got from Logitech

May 13, 2005 at 16:46:07
Specs: XP Pro, P4 2.4 GHZ 512K

Hi,

I don't know what to make of this but allow me to share this one with all of you. I have a Logitech QuickPro 4000 webcam. I formatted my system last December and it has been working great. I never re-installed my webcam so last night I thought I'd download the latest drivers from Logitech. Their latest version is 8.4.6 build 1016. As I was running the setup, Webroot Spy sweeper popped up and indicated some files were suspicious. I saw that a few were Logitech so I kept those, except for one that had no details. The file name was grp.conv. Before I did anything else, I opened up a browser and went to Google. Apparently this is a Trojan. So I told Spy sweeper to remove it. The install went fine, but something told me to run AVG. I have the free edition. AVG found 8 files infected with a virus called jar/java and in the file name something that said Class. Then AVG stopped and another window showed only 6 viruses, 2 of which could have been moved to the vault, but the other 4 were embedded in Documents. I tried to search for them, but nothing came up. I didn't format, nit just yet. What I did do, I uninstalled AVG and ordered Norton. I want to give that a try and see if it might clean it out. Has this happened to anyone else where you run a download from a company's website and zingo you get a virus? I sent the webmaster an E-mail, sine Logitech doesn't seem to have an E-mail for tech support. They replied and asked me to follow the support links, which I did, but no E-mail capability.

Oh, before I forget. I ran AVG the night before last and there were no viruses. I didn't download anything as far as I can remember when the last download was, which I think was a critical update from Microsoft. I have to conclude that Logitech had something on that file. I only want to make them aware so that they can check into it.

Thanks,
Veets


See More: Virus I got from Logitech

Report •


#1
May 13, 2005 at 17:36:07

I really doubt that Logitech's software came with any malicious programs (though I suppose it is slightly possible).

You might try installing it again after you clean up your system to see if it happens again. You might also make sure your browser and Windows are all up to date to make sure you didn't get something that way.

Finally, you could try emailing Logitech at something like support@logitech.com. That, or contact the webmaster again and ask for more contact info.


Report •

#2
May 13, 2005 at 17:45:52

GRPCONV.EXE isn't a trojan - it's a Windows file. But it may be infected with a trojan. Why don't you download the installation file from the same website again and (don't open it) scan it with your anti-virus program(s). If the AV detects something wrong with the installation file, then your complaint is with Logitech. But I can tell you I've never had such a problem with a file from a commercial vendor. If the installation file was really infected you can be there would be a lot of angry customers posting on sites like these.

I've used Norton for years and (always with auto-protect on and set to auto-update the virus definitions) haven't had a problem yet. I definitely recommend it.

GRPCONV.EXE
http://support.microsoft.com/default.aspx?scid=kb;en-us;119941


Report •

#3
May 13, 2005 at 22:29:26

I can't remember exactly...but I remember two instances when I was downloading drivers from major manufacturer websites, and they had viruses in them.

Major manufacturers can be targeted by hackers, and then have their download files replaced with infected versions. I know my mouse's website was one of them...


Report •

Related Solutions

#4
May 14, 2005 at 03:58:00

"Webroot Spy sweeper popped up and indicated some files were suspicious."

What does a web cam do?

It sends information over the internet.

How can it do this?

It must have a file that has the same attributes as a trojan or virus, no? One might find this suspicious if you didn't know what a web cam is supposed to do.

To be able to make the sent images smaller it compresses them. How? By using .jar.

Java uses class objects. Java was used in compiling this particular web page here at Computing.net.

Webroot and AVG are applications. For them to work at their highest capacity human intervention is required.

In this case you have used the intervention to pose your questions or concerns about the findings here.

What is the link that contains the suspicious file? I will download a copy to see if McAfee AV jumps all over it, or not, as I download it.

Best regards,
Bryan


Report •

#5
May 14, 2005 at 04:36:15

My Logitech files cause my McAfee to give a false ping when I load the whole program. Basicly in the xp enviroment all you need is the usb drivers. With all the programs that can access your webcam why bother with the rather large clunky program Logitech offers?
XP programs as Movie Maker II and Media Encoder 9.
And chat and message services don't need it either. My advice? Just load the usb drivers and be done with it.


I may be crazy, but I'm not stupid...


Report •

#6
May 14, 2005 at 07:05:04

I downloaded it and scanned it as is...no flags. Then I extracted it to a folder and scanned each file and got the same clean bill of health.

Jimi_l


Report •

#7
May 14, 2005 at 12:14:00

Hi all,

Thanks for your input. I didn't even think about using the drivers that came with XP. Bryan, here is the link.

http://www.logitech.com/index.cfm/downloads/software/US/EN,CRID=1794,contentid=6023

The window will open up and default to the English download.

Title: QuickCam Software Version: 8.4.6 build 1016A Posted: 05/04/2005
Platform: Windows XP


Please keep me posted on your results. I appreciate everyone's input and for all your help and advice.

Veets


Report •

#8
May 14, 2005 at 15:27:06

http://www.logitech.com/index.cfm/downloads/software/US/EN,CRID=1794,contentid=6023
32.1 MB no infections found by McAfee 9.1.06 when scanned.

Regards,
Bryan


Report •

#9
May 14, 2005 at 15:30:43

Bryan,

Thank you so much. At least it rules out the Logitech software. When my Norton arrives I will run that and see if it cleans out whatever it is I have. I am hoping that maybe I have no virus at all.

Thanks,
Veets


Report •

#10
May 14, 2005 at 15:37:06

You don't want to clean it out. If you do you will render the Logitech software useless.

It is your free softwares that is flagging it as simply "Suspicious". Your software does not know that it is software to run a webcam that needs to be able to access the internet.

Any software that has the ability to interact with the internet would also be flagged as "Suspicious".

In my earlier post I noted that the webcam compresses the images in a .jar file. I actually have no idea if this Logitech software does that or not. But, a .jar file is simply a zipped file like .zip or .rar.

Bryan


Report •

#11
May 28, 2005 at 21:49:37

I got the same scenario. It installed something named Antivirus Gold in my system and also my desktop become web enable with a backgroup of something like "your computer is infected". I use symmantic to scan my computer with the latest update but no inflected virus. even I uninstalled the logitech driver and the app. my desktop is still jammed. I disable that particular web desktop and everytime I reboot my system, that stupid web desktop comes up. I can't find it in the add/remove program. man, i'm in deep trouble. what did stupid logitech do to my computer?!!!!! It also gives me error like LVCOM (or something) cannot find when I login sometimes. I hate logitech now~


Report •


Ask Question