tr/crypt.fkm.gen infection
My laptop was infected by this trojan name tr/crypt.fkm.gen as detected by avira antivir.
Some information taken from Sophos :
Troj/Scrods-Gen is a family of Trojans for the Windows platform.
Members of Troj/Scrods-Gen usually attempt to download and execute files from remote locations.
Members of Troj/Scrods-Gen may attempt to copy itself to the Windows folder, often with the filename csrss.scr, and may set the following registry entry:
HKCR\.key
(default)
regfile
I did not know from where did it come from. But my suspect is from torrent, where I download a video (a movie, old one) and when launch it Windows Media Player popup a message said that I need to download a free codec. I did download it (silly me!) and actually run it (an exe file). And nothing happen at that time.
But few days later Avira start to popup this message about tr/crypt.fkm.gen trojan and it detect it at file that is in System32 folder. Oh Boy! Nope! Avira unable to delete it. Ad-Aware not able to detect it. Hijack-This able to delete its entry, but it will magically reappear again.
The way I remove it is by running Malwarebytes’ Anti-Malware. That also took several reboot to clear it from the system…
Scary…. when you have too much important data inside.
Leave a Reply
Jan 7th 2010 • 01:01
by rezdrake
oit.. hows life.. layan jugak saga rupanya.. ingatkan dulu cakap mau trus layan Bimmer hehe