Trojan Horse downloader.keenval.c

Discussion in 'Trojan Defence Suite' started by Brotherhood, Jun 5, 2004.

Thread Status:
Not open for further replies.
  1. Brotherhood

    Brotherhood Registered Member

    Jun 5, 2004
    Ok i ran avg and it got rid of a couple of trojans but it said this on couldn't be put in the virus vault. It's in C:/Program Files/Common Files/UPDMGR/SIMGR.exe

    Help! What do I do?
  2. snowbound

    snowbound Retired Moderator

    Feb 18, 2003
    The Big Smoke
    Hi Brotherhood :)

    Welcome to Wilders.

    U could follow the instructions here,

    then post your HijackThis log in the hijack cleaning forums with a full description of your problem and one of the experts will give u recommendations on any Malware found.

  3. Jooske

    Jooske Registered Member

    Feb 12, 2002
    Netherlands, EU near the sea
    The file was probably running and thus could not be moved.
    With TDS > system analysis > process list you can see the running processes and kill the nasty, in the autostart explorer you can delete the registry key responsible for it, effective immediately even without reboot.

    Do you run TDS? If not and get the evaluation version, after install get back to the download page and get the latest update file which you put in the TDS directory, now best reboot because of the install, start TDS and after it's initial startup scans --if that doesn't bring up the nasty yet look in the System Testing > Scan control , put checkmarks in every box and save that configuration, now do a full system scan.
    With this first close all other scanners, including their resident protection, also close all other unnecessary programs and browser windows to give TDS all room to speed up it's scanning process and step away from the system to have a coffee, whatever.
    When it's finished, you will see some alerts in the bottom console. Right click on one of them, choose "save to text" (which is the scandump.txt, in the TDS directory, in case you ever you search for it) which file you cqn paste in your next posting, so we can advice you about what to do.
    don't delete anything yet.
    Looking forward to your next posting!
    Before or after this whole operation the HijackThis log is a good suggestion too! More because you write there were more infections found.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.