Images Album.exe

Hey,

Every once in a while I scan my host computer to check up on things and it found 3 things, 2 of which were from an early test of the Zeus Trojan network I found. (I forgot I had launched the file, oops.) But Avast! also detected another file in my downloads folder: Images Album.exe. Detected as a Trojan backDoor.IRC. Is anything noticeable in an OTL scan?

I renamed the file

VT Results: https://www.virustotal.com/en/file/aa2584d268bc715aa9a0bddb8c0a58bcdef5e61c78bd585f5b011adeb6af4a78/analysis/1385151022/

I’ll attach OTL here in a sec

Can you upload the file to Malwr.com and post the link here?

You can look through Malwr and OTL then to compare it.

Also, Windows is apparently not genuine anymore. I got this shortly after cleaning up the mess left by this thread:

http://forum.avast.com/index.php?topic=140336.0

Malwr: https://malwr.com/submission/status/M2I4ODIzYWVhNjBkNGE0MDllZmI0YjYzMzNmMjI4MDI/

OTL has been attached. (I don’t understand OTL nor do I have the training to)

What software are you using for the VM?

You can create snapshots and roll back everything.

Malwr is still running.

http://en.wikipedia.org/wiki/Backdoor.Win32.IRCBot

Once installed on a PC the worm copies itself into a Windows system folder, creates a new file displayed as "Windows Genuine Advantage Validation Notification" and becomes part of the computer's automatic startup.

Rolling back I don’t think would work

Also, Software, Just Avast!, OTL and MBAM. Nothing else…

Pondus, the IRC Worm wasn’t active at the time. Just sitting there as a .vir file…

And if that can still happen without being executed then why has my Host computer which is where I found the file not been changed?

Do you want to check your system? I think you’re really infected… by looking at OTL

Twin, it’s a Virtual Machine. My real system never had the file launched

Was the OTL.txt you attached performed on the host or the VM?

VM