Re: Re: Downloader.Keenval.J
From: <*(((><{ ({_at_Ocean.Net)
Date: 05/16/04
- Next message: <*(((><{: "Re: Re: eye"
- Previous message: Ron: "Request: Please send me a virus"
- In reply to: mdt6288: "Re: Downloader.Keenval.J"
- Next in thread: mdt6288: "Re: Downloader.Keenval.J"
- Reply: mdt6288: "Re: Downloader.Keenval.J"
- Reply: mdt6288: "Re: Downloader.Keenval.J"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 16 May 2004 01:09:44 -0700
It's hiding in your restore files. Turn off System restore. Reboot.
Check to see if the virus is gone. Turn on System restore. Reboot.
Check to see if the virus is still gone.
<*((((><{
Fishy@Ocean.Net
On 15 May 2004 20:30:01 -0700, mdt6288@yahoo.com (mdt6288) wrote:
|I wanted to post this message just in case there are some people out
|there who have had this Trojan Horse trot it's way into thier
|C:\Program Files\Common Files\updater\wupdater.exe It's name is Trojan
|Horse Downloader.Keenval.J
|
|Althought the AVG virus detector wouldn't heal or remove this virus
|(if you want to call it that) manually removing the entire 'updater'
|file works, after you stop using the application... What I mean by
|'stop using the application' is: hitting Ctrl, Alt and Delete, (if
|your using XP)choosing the Processes tab and clicking the wupdater.exe
|and clicking 'End Process'. After which you should be able to delete
|the actual file and it's contents.
|
|So far, I have had no problems with this Trojan Horse or symptoms of
|it's presence save for the initial warning of it's being on the
|computer. I know nothing about it except for the assumption that it's
|spyware and possibly a cause of trouble while shutting down your
|computer.
|
|If there is anything else I should know about this, or some other
|suggestions for me concerning this little guy or it's removal please
|post and let us all know. Thanks a ton!
|
|....................................
|
|To follow up a little bit, I should tell you all that the Drama
|continues...
|
|According to AVG the virus no longer exists on the computer, HOWEVER
|windows has detected the exact same Trojan elsewhere on my PC. AVG
|does not detect it yet in it's scans. Windows frequently pops up to
|say it's there and tells me where it is.
|
|Now it is moved to a folder I cannot access manually on my PC.
|C:\System Volume Information\_restore{2AD2B242-1E70-421B-A858-436AF21-ADA96}\RP93\A0006065.exe
| AVG sees the folder when I run my scans, but doesn't find anything
|wrong with it. The folder can't be accessed or seen by any usual means
|in Windows Explorer or even by showing hidden and system files.
|
|And so... I welcome any more advice on how to dispose of it,
|downloading a whole bunch of programs in 'unapealing' but I will if I
|can't figure it out on my own. It annoys me to have it on my machine
|still, though it's temporarily relocated.
- Next message: <*(((><{: "Re: Re: eye"
- Previous message: Ron: "Request: Please send me a virus"
- In reply to: mdt6288: "Re: Downloader.Keenval.J"
- Next in thread: mdt6288: "Re: Downloader.Keenval.J"
- Reply: mdt6288: "Re: Downloader.Keenval.J"
- Reply: mdt6288: "Re: Downloader.Keenval.J"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
