Results 1 to 5 of 5
  1. #1
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    105
    Thanks
    2
    Thanked 0 Times in 0 Posts

    How does Themida get on my PC

    While shutting down my PC last night I received a message from Themida saying that I had a monitor running and needed to shut this down. I searched my computer but found no Themida.
    What is this, what is it doing on my PC and what do I need to do about it?

  2. #2
    WS Lounge VIP Calimanco's Avatar
    Join Date
    Dec 2009
    Location
    UK
    Posts
    721
    Thanks
    1
    Thanked 144 Times in 130 Posts
    Themida is a software protection product designed to prevent software from being cracked. It is also frequently used by malware writers to hide their malware, gamekeeper turned poacher if you will. It uses encryption so it is difficult for any anti-virus product to confirm one way or another if its malware. Have you installed any games recently?

  3. #3
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    105
    Thanks
    2
    Thanked 0 Times in 0 Posts
    No, I do not install games and I have installed nothing recently.

  4. #4
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,733
    Thanks
    95
    Thanked 128 Times in 125 Posts
    Download, install, run Piriform's Speccy. Keep your logs, don't post them. You can "publish" the URL to your log later, if anyone here needs to see it. After saving the logs, look through the sections for Services running, programs and utilities installed and running -- you're looking for anything that gives you a "What is this?" vibe.
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

  5. #5
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,492
    Thanks
    284
    Thanked 577 Times in 480 Posts
    "message from Themida saying that I had a monitor running and needed to shut this down" <- possibly a message referring to a RAT (Remote Access Trojan) still being active, it could be that GOTD still uses that wrapper (did you just install something from giveawayofthe day?), probably a number of other possibilities.

    It sounds like it was *something* run during that Windows session that hadn't been run/accessed before.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •