heffy23 wrote: Files Infected:
d:\documents and settings\administrator\my documents\downloads\test drive unlimited 2 serial keygen.zip.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
I hope you noticed this one too.
Keygen/crack warning! There are keygens and/or cracks on your computer. Please be aware that these programs are generally used for illegal purposes. Software piracy is a crime that we at GeekPolice do not recommend or approve (but rest assured that we do not report it either).
Keygens and cracks form a very important distribution network of malware. It might be the reason for your present infection. Even if you use renowned security software, you can never be safe, as you might run into a fresh new variant (a so-called 0-day threat).
Example: Two VirusTotal reports of a keygen that in reality was a trojan carrying a nasty infection called TDSS.
THIS is the report of the trojan just after release - 0/40 virusscanners detected the deadly load.
THIS is a report of the same file just five days later - 24/40 have updated their signature database to detect it.
If you would repeat the analysis today, it would probably be detected by even more scanners. Tough luck for the users that picked it up early. Make sure you are not among them.
Stay out of trouble: get free software instead! I provide some safe websites where you can pick up free software, often just as good as commercial software.
====================
Download GMER Rootkit Scanner from here and save it to your desktop.
Note that it will have a random name.
- Double click the file to run the tool. It may take a while to load.
- If it gives you a warning about rootkit activity and asks if you want to run a full scan, click No
- In the right panel, you will see several boxes that have been checked
- Make sure this is unchecked: Show All
- Make sure only your system drive (usually C:\) is checked and uncheck all other drives you might have on your system
- Click Scan to start the scan
- When it has finished, click Save and save the log as gmer.txt on your desktop
- If GMER reports any <--- ROOTKIT entries, don't take any action. It could be a false positive.
- Click OK to quit GMER.
- Please post the contents of gmer.txt into your next reply.