1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Keenval.B trojan

Discussion in 'Virus & Other Malware Removal' started by at_random, May 3, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. at_random

    at_random Thread Starter

    Joined:
    Jun 21, 2001
    Messages:
    208
    This trojan was automatically found by AVG Antivirus in C:\System Volume Information\_restore{F20DC62-5212_4F33-8959-AB7D05D4CDB6}\RP8\A0000790.exe. But the problem is, AVG doesn't find the virus when I run a scan, even with a custom scan for just C:\System Volume Information. It doesn't show up anywhere in add/remove programs, either (unless it goes by a different name there). How do I remove this thing?
     
  2. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    C:\System Volume Information is in System Restore. The only way to remove a file from there is to turn off System Restore.

    Turn off System Restore:

    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    Check Turn off System Restore.
    Click Apply, and then click OK.
    Restart your computer.

    When you are sure you are clean turn it back on and create a restore point.

    To create a restore point:

    Single-click Start and point to All Programs.
    Mouse over Accessories, then System Tools, and select System Restore.
    In the System Restore wizard, select the box next the text labeled "Create a restore point" and click the Next button.
    Type a description for your new restore point. Something like "After trojan/spyware cleanup". Click Create and you're done.
     
  3. at_random

    at_random Thread Starter

    Joined:
    Jun 21, 2001
    Messages:
    208
    The virus hasn't come up since I followed your instructions, but I keep getting the Startium Toolbar in IE. I know I didn't mention that before, but is it related to keenval? I don't know how to remove Startium, since it doesn't show up in add/remove programs. I tried removing it with the Startium uninstaller too, but that failed.
     
  4. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Please do this. Click here to download Hijack This. Click on the Hijackthis.exe.

    Click the "Scan" button when the scan is finished the scan button will become "Save Log" click that and save the log.

    Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.

    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required. Someone here will be glad to advise you on what to fix.

    *Note: When you download Hijack This Do Not download it to a temp folder or to the desktop. Create a permanent folder somewhere like in My Documents and name it Hijack This and put it in that folder.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/226119

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice