TechSpot

Trojan Horse Downloader.Generic2.BVD

By Zebedee
Jul 19, 2006
  1. While running a routine check... AVG found the following virus... Downloader.Generic2.BVD

    I have Google'd this specific virus and it seems no forum site can identify this virus with the .BVD suffix.

    Can anyone help me delete this annoying thing from my system please?

    Here is my HJT log...
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions more easily.


    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore (XP/ME only). See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

    Run HJT with no other programmes open (except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to (if there).


    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

    O2 - BHO: (no name) - {196B9CB5-4C83-46F7-9B06-9672ECD9D99B} - C:\WINDOWS\SYSTEM32\winbrume.dll

    O2 - BHO: (no name) - {87185E78-A61B-4DB3-965A-3235BBD7A622} - C:\WINDOWS\SYSTEM32\win32hp.dll

    O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html

    O9 - Extra button: Juegos On Line - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\eurogamelandia\entrar.html (file missing)

    O16 - DPF: Win32 Classes -

    O17 - HKLM\System\CCS\Services\Tcpip\..\{C5323B81-E91F-4A0C-B876-66E5368531C6}: NameServer = 195.92.195.95 195.92.195.94 <Only fix this, if it doesn't belong to your ISP.

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories (if there).

    C:\WINDOWS\SYSTEM\blank.htm
    C:\WINDOWS\SYSTEM32\winbrume.dll
    C:\WINDOWS\SYSTEM32\win32hp.dll

    Reboot into normal mode and turn system restore back on.

    Post a fresh HJT log.

    Regards Howard :wave: :wave:
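
An added example, not part of the original posts: a small Python parser that splits HijackThis log lines like the ones quoted in the reply above into section code, GUID and file path, and notes which entries are unnamed, point at a missing file, or set DNS servers. The function names and the note labels are assumptions made for illustration, not HijackThis output.

```python
import re

# Sample input: five of the entries quoted in the reply above.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {196B9CB5-4C83-46F7-9B06-9672ECD9D99B} - C:\WINDOWS\SYSTEM32\winbrume.dll
O9 - Extra button: Juegos On Line - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\eurogamelandia\entrar.html (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5323B81-E91F-4A0C-B876-66E5368531C6}: NameServer = 195.92.195.95 195.92.195.94
"""

ENTRY = re.compile(r"^\s*(?P<code>[A-Z]\d{1,2})\s+-\s+(?P<body>.+?)\s*$")
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
PATH = re.compile(r"[A-Za-z]:\\[^()=]*?\.\w{2,4}\b")


def parse_entry(line):
    """Split one HJT line into code, GUID, file path and review notes."""
    m = ENTRY.match(line)
    if not m:
        return None  # blank line or free text, not a log entry
    body = m["body"]
    guid, path = GUID.search(body), PATH.search(body)
    notes = []
    if "(no name)" in body:
        notes.append("unnamed")
    if "(no file)" in body or "(file missing)" in body:
        notes.append("orphaned")  # registry entry whose target file is gone
    if m["code"] == "O17":
        notes.append("verify DNS servers")  # compare with the ISP's servers
    return {"code": m["code"], "guid": guid and guid.group(0),
            "path": path and path.group(0), "notes": notes}


def parse_log(text):
    """Return one dict per recognisable entry, in log order."""
    return [e for e in map(parse_entry, text.splitlines()) if e]


if __name__ == "__main__":
    for e in parse_log(SAMPLE_LOG):
        print(e["code"], e["path"] or "-", ", ".join(e["notes"]) or "-")
```
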
     
  3. Zebedee

    Zebedee TS Rookie Topic Starter

    New HJT scan

    Hey Howard... Thanks for replying so soon.

    I followed your instructions... Let's hope it solved it.

    New HJT log...
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean.

    However, I can find no evidence of you having a firewall installed.

    You should definitely consider getting some firewall software.

    Either the free Zonealarm or the free Kerio firewalls are very good.

    You can get them HERE and HERE.

    Regards Howard :)
     
  5. Zebedee

    Zebedee TS Rookie Topic Starter

    Thanks

    I've just run AVG and it reports no sign of that dogged virus...

    Thanks for all ya help man... You're a star!!

    I'll take ya advice and install ZoneAlarm right now.

    Thanks again... Much appreciated.
     
Topic Status:
Not open for further replies.
