Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Trojan removal "downloader.keenval.O"

Posted on 2004-10-05
3
Medium Priority
?
628 Views
Last Modified: 2010-04-11
OS: Windows ME

AVG anti-virus has identified "downloader.keenval.O" as being present on one of my co-worker's home machines, but will not remove it.

Apparently she picked it up from Kazaa....this is a new variation of the popular trojan, and there is little documentation on it.

AdAware/S&D Spybot don't even see it.

Sorry for those of you looking for cheap/cheesy points.  This one requires real work...I already Googled it.

All I can find are posts from people looking to get rid of it.  I have an email into GrisSoft, but have not heard back from them.

Oh yeah...just in case any Lounge Lizards see this post...fdisk and format are NOT an option.

 

0
Comment
Question by:HeadIdiot
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 700 total points
ID: 12232309
>> AVG anti-virus has identified "downloader.keenval.O" as being present on one of my co-worker's home machines, but will not remove it.

AVG does such things..... when the infected files are being in used or u dont have permissions,,,, but the OS here is WinME,,, it cannot be a permission problem coz no NTFS drive !!

So the first case... files are in use... and to cure it, u can try running AVG in safemode,,, and remember to disabe ur system restore before cleaning the system !!

Also consider running Disk Cleanup on ur hard drive to delete all temp and temp internet files !!
reboot back in normal mode to check if any progress or not ??
0
 
LVL 4

Author Comment

by:HeadIdiot
ID: 12232498
I'll hve her check it and will post again tomorrow.
Thanks.
0
 
LVL 2

Expert Comment

by:visualcoat
ID: 12236740
go to www.avast.com and download a copy of there home eddition AV. Avast AV software alows you to do a scan before boot-up which can clean infected active files. You might have to run the scan 2 time but it will most likely clean your trojan.

http://www.avast.com/eng/down_home.html
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question