Trojan Horse downloader.keenval.c

Discussion in 'Trojan Defence Suite' started by Brotherhood, Jun 5, 2004.

Thread Status:
Not open for further replies.
  1. Brotherhood

    Brotherhood Registered Member

    Joined:
    Jun 5, 2004
    Posts:
    1
    Ok i ran avg and it got rid of a couple of trojans but it said this on couldn't be put in the virus vault. It's in C:/Program Files/Common Files/UPDMGR/SIMGR.exe

    Help! What do I do?
     
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hi Brotherhood :)

    Welcome to Wilders.

    U could follow the instructions here,

    https://www.wilderssecurity.com/showthread.php?t=15913

    then post your HijackThis log in the hijack cleaning forums with a full description of your problem and one of the experts will give u recommendations on any Malware found.


    snowbound
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    The file was probably running and thus could not be moved.
    With TDS > system analysis > process list you can see the running processes and kill the nasty, in the autostart explorer you can delete the registry key responsible for it, effective immediately even without reboot.

    Do you run TDS? If not www.diamondcs.com.au and get the evaluation version, after install get back to the download page and get the latest update file which you put in the TDS directory, now best reboot because of the install, start TDS and after it's initial startup scans --if that doesn't bring up the nasty yet look in the System Testing > Scan control , put checkmarks in every box and save that configuration, now do a full system scan.
    With this first close all other scanners, including their resident protection, also close all other unnecessary programs and browser windows to give TDS all room to speed up it's scanning process and step away from the system to have a coffee, whatever.
    When it's finished, you will see some alerts in the bottom console. Right click on one of them, choose "save to text" (which is the scandump.txt, in the TDS directory, in case you ever you search for it) which file you cqn paste in your next posting, so we can advice you about what to do.
    don't delete anything yet.
    Looking forward to your next posting!
    Before or after this whole operation the HijackThis log is a good suggestion too! More because you write there were more infections found.
     
Thread Status:
Not open for further replies.