Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Custom Built PC Infected (Trojan Dropper)

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 8 posts
SOLVED (Read Second Post)

So I downloaded a program and wanted the full version so I found a crack for it. When I scanned it at VirusTotal it came up with two things so I figured they were just false positives. Unfortunately I was wrong and upon running the .exe file inside the .zip, my screen turned black so I tried to stop whatever was happening and just did a force shutdown. Once I rebooted everything seemed normal, nothing had changed and I hadn't lost any files. So I scanned my computer with Microsoft Security Essentials and it had found nothing. I also did a system restore to about 15 minutes before I had ran the .exe file, just in case. The only thing that seemed odd was that when I was surfing the web, random tabs would be opened, not pop ups, but pages similar to what I was searching. As if I clicked on a link on the page I was browsing.

Now two days have passed... Today I left my computer up while I was playing on my Xbox 360. After about an hour I noticed it had gone from the screensaver, to sleep, and then it magically restarted by itself, which I thought was odd. So I watched it for a few seconds and when I got to the login screen, I attempted to login, but I wasn't able to type for whatever reason. So I did another force shutdown and got to the login screen again, only this time I could type. So I typed in my password and was immediately greeted with a BSOD. So I tried rebooting and logging in again, but only got another BSOD. So I did another forced shutdown and started up in safe mode. Then I decided to download and run a Kaspersky Virus scan that came up with a few things that I deleted. So then I thought downloading a virus scanner that detected the virus in the crack originally was a good idea so I found and downloaded NOD32, but I'm unable to run it in safe mode, so I'm not sure how I should proceed.

Any advice or tips on what I should do?

Also, I'm running Microsoft Windows 7 Home Premium 64-Bit. Here's a few more bits of information.

This is what was found when I just recently scanned the crack at VirusTotal.com...
Emsisoft - Trojan.Win32.Alureon!IK
eTrust-Vet - Win32/Nebuler.C!generic
Ikarus - Trojan.Win32.Alureon
Microsoft - Trojan:Win32/Nebuler.M
NOD32 - a variant of Win32/Trojan Dropper.Joiner.NAH
Panda - Suspicious File

This is what the BSOD says... (I've read on several forums that it could be hardware or software that causes this, however I want to point out that I only received this BSOD after running the crack and infecting my computer. Before that I had no problems whatsoever. I've had this computer since December 5, 2010, so it's almost brand new and there haven't been any problems so I don't know how it could be hardware related.)

A problem has been detected and Windows has been shut down to prevent damage to your computer.


If this is the first time you've seen this Stop error screen, restart your computer. If this screen appears again, follow these steps:

Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any Windows updates you might need.

If problems continue, disable or remove any newly installed hardware or software, Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then selected Safe Mode.

Technical Information:
*** STOP: 0x0000000A (0x0000000000000008, 0x0000000000000002, 0x0000000000000000, 0xFFFFF80003258D29)

Collecting data from crash dump...
Initializing disk for crash dump...
Beginning dumb of physical memory.
Dumping physical memory to disk: 50

Lastly, I've scanned my computer or tried scanning with the following...
Microsoft Security Essentials - Found nothing until after the infection. After, found 1 item, quarantined and removed.
Kaspersky Anti-Virus 2011 Trial - Was unable to install due to infection.
Norton Anti-Virus 2011 Trial - Was unable to finish scan due to BSOD.
BitDefender Online Scanner - Found nothing.
ESET Online Scanner - Found 1 item, quarantined and removed.
ESET NOD32 AntiVirus 4 Trial - Was unable to install due to infection.
Emsisoft Anti-Malware - Found 33 items, quarantined and removed.

Thanks in advance,
~ OsirisX

SOLVED (Read Second Post)

Edited by OsirisX, 26 January 2011 - 11:20 PM.
removed URL.

  • 0




    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I just wanted to let whoever reads this know that I followed the tutorial on how to fix Google redirects and it has fixed my problem. Therefore this thread can be closed, thanks for the assistance!


Edited by OsirisX, 26 January 2011 - 11:17 PM.

  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP