Hello
I did an offline KAV scan which found two instances of 'Trojan-Spy.Win32.Keylogger.bhg'.
I'd like to know what the log reveals if possible.
Thanks in advance for looking!
Dave
Please make sure that you have read and followed the [URL="http://virusinfo.info/showthread.php?t=9184"]rules[/URL] before posting.
[quote=Rene-gad;319698]Please make sure that you have read and followed the [URL="http://virusinfo.info/showthread.php?t=9184"]rules[/URL] before posting.[/quote]
I appreciate that you have laid down rules - which I [I][U]have[/U][/I] read. :)
However, as I'm really just experimenting at the moment, I'd be really, really, pleased if someone could take a quick look at the attached file (zipped) and tell me if I have any cause for concern.
If necessary - I'll then come back and follow your rules to the letter! Promise! ;)
I hope you can accommodate my request on this occasion. TIA
Dave
Switch off:
- Antivirus and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL]
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
StopService('ZDBRGSYS');
DeleteService('ZDBRGSYS');
QuarantineFile('C:\WINDOWS\system32\ZDBRGSYS.SYS','');
QuarantineFile('F:\setup.exe','');
DeleteFile('C:\WINDOWS\system32\ZDBRGSYS.SYS');
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('ZDBRGSYS');
BC_Activate;
RebootWindows(true);
end.
[/CODE]
After reboot:
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool [URL="http://support.microsoft.com/?scid=kb%3Ben-us%3B315246&x=17&y=6"]cleanmgr[/URL] or [URL="http://www.ccleaner.com/"]CCleaner[/URL] or [URL="http://www.clearprog.de/"]ClearProg[/URL]
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files in accordance with the [URL="http://virusinfo.info/showthread.php?t=9184"]rules[/URL].
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Attach 3 logs to your new post.
Hi
I've endeavoured to comply with your request. I've run Dr Web in safe mode (nothing found), cleaned all drives and scanned with HJT. I'm not sure what other logs you require, but here is my HJT log:-
Pls. don't quote the posts completely.
Logs should be attached, not posted.
We need 3 log files, not only one.
I have two private messages, but I cannot read either of them! :(
Here is one - what does it say? (in English, please!)
Привет BoaterDave,
Созданное вами сообщение, в нижеуказанной теме, было отредактировано:
[QUOTE=BoaterDave;320134]
Привет BoaterDave,
Созданное вами сообщение, в нижеуказанной теме, было отредактировано:[/QUOTE]
Hello BoaterDave
The message you created in the topic indicated below was edited:
What other log files do you require?
[QUOTE=BoaterDave;320237]What other log files do you require?[/QUOTE]
PLS READ THE [URL="http://virusinfo.info/showthread.php?t=9184"]RULES[/URL] OR LET SOMEBODY READ AND EXPLAIN IT FOR YOU.