Hi,
It's likely the malware was contracted through the VMWare keygen - avoid cracked software if you don't want these problems.
Is malware still flagged on your system, or does it show up clean now?
Regards,
Golden
Well, as far as I know, it should be clean now since I quarantined and deleted the exploits shown up by Microsoft Security Essentials, and deleted VirTool:Win32/DelfInject.gen!X shown up by Defender Offline. I don't think it was vmware as I haven't used it for a long time, I've been using virtual box since, and this issue has only cropped up over the last few days. I didn't keep my Windows XP AV updated and didn't scan on the few times I loaded the XP environment within vbox, so I'm wondering whether I let the exploits through because of that.
Hi,
It's possible, but I was looking specifically at this item:
Resource Path:\$RECYCLE.BIN\S-1-5-21-1716146104-364351621-1683301092-1001\$RYRILHJ\VMWare.Workstation.v6.5.3.185404.Incl.Keygen-DI\keygen.exe
Nonetheless you have deleted that. How is the system now?
Regards,
Golden
Well, the only virus flagged by defender offline was the VirTool:Win32/DelfInject.gen!X which is deleted. The keygen files are deleted but they didn't flag a virus. But I won't know how the system is until I reinstall a couple of programs back to c:/program files (x86) and see if they disappear or not.
Hi,
Keygens can behave as what are known as 'droppers' - they carry the malware payload, which then typically infects other files. So whilst the keygen is strictly speaking not malware, it was in all probability the source of the malware.
Let us know how your system is once you get everything sorted.
Regards,
Golden
True, but those keygens have been on my system for years, so unless they were benign, lying dormant, and suddenly became active and started dropping the malware payload, I honestly don't believe they're responsible.
To add, the fact that malwarebytes disappeared from both my desktop AND laptop, AND both from program files x86, AND both computers had the same java exploit blacole, that's where I put my money.