Somewhat similar in some aspects;
However, detecting one of the particles of an
infection or dropper may not show others related,
and if your A/V etc. has crashed or failed to load
then run the tool in the post from majorgeeks link.
This one is pretty good and has most info in the pdf
(It's a part hack/detect mix of folks so heads up! )
Which means don't go there if you are soft and squishy.
Direct link to 21.9kb pdf.rar examination/review
If the link doesn't work for you...then you're not ready.
Note that file permission may also be changed, and
possibly some off by one or more executable loading
points (codewise not just on disk or ram location).
Quick tool, if you show any device/global you need help.
Do not attempt repair without extreme skills, go to a
forensic/malware forum and get assistance by case.
I'm not even sure if there are any residual effects
after a reformat and re-install or not, definitely if
you have the problem your 'protection' needs work.
Gmer should detect it but above is a quick post
infection notice, other tools be real_careful and
even upload to virustotal for testing if not sure.
If you don't have an antivirus installed then
at the very least use the Microsoft offering
(update and scan pronto)
and do_not attempt to disable any features
since you will act as your own umm..virus.
This does require a real Windows (legit).
Also make sure your firewall is enabled, never run
without some firewall or at least use the Windows firewall,
also get all updates available via ms updates.
Upgraded kernel and firewall in Win7release
(gold) with MSSE should be able to stop infection
(so far) and I believe WinServer 2008 updated (R2?).
But that is no guarantee if using a pirate edition
or upgrading any legitimate Windows OS to
a newer but not qualified (test for authenticity).
'Seek and ye shall find'
NT Canuck
