Trojan Horse Downloader.Generic2.BVD

Status
Not open for further replies.
While running a routine check... AVG found the following virus... Downloader.Generic2.BVD

I have Google'd this specific virus and it seems no forum site can identify this virus with the .BVD suffix.

Can anyone help me delete this annoying thing from my system please?

Here is my HJT log...
 
Hello and welcome to Techspot.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.


Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore (XP/ME only). See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Run HJT with no other programmes open (except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to (if there).


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: (no name) - {196B9CB5-4C83-46F7-9B06-9672ECD9D99B} - C:\WINDOWS\SYSTEM32\winbrume.dll

O2 - BHO: (no name) - {87185E78-A61B-4DB3-965A-3235BBD7A622} - C:\WINDOWS\SYSTEM32\win32hp.dll

O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html

O9 - Extra button: Juegos On Line - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\eurogamelandia\entrar.html (file missing)

O16 - DPF: Win32 Classes -

O17 - HKLM\System\CCS\Services\Tcpip\..\{C5323B81-E91F-4A0C-B876-66E5368531C6}: NameServer = 195.92.195.95 195.92.195.94 < Only fix this if it doesn't belong to your ISP.

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories (if there).

C:\WINDOWS\SYSTEM\blank.htm
C:\WINDOWS\SYSTEM32\winbrume.dll
C:\WINDOWS\SYSTEM32\win32hp.dll

Reboot into normal mode and turn system restore back on.

Post a fresh HJT log.

Regards Howard :wave: :wave:
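
The entries in the fix list above share a few visible markers: targets reported as "(no file)" or "(file missing)", BHOs listed as "(no name)", and an O17 NameServer value that has to be compared with the ISP's resolvers. The sketch below is an added example, not part of the original thread and not HijackThis's own logic. It parses HJT-style lines and surfaces those markers for manual review; the function names, the `known_dns` parameter and the final O4 sample line are assumptions made for illustration.

```python
import re

# Constructed sample: four entries copied from the fix list in the post above,
# plus one made-up O4 line that should not be flagged.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {196B9CB5-4C83-46F7-9B06-9672ECD9D99B} - C:\WINDOWS\SYSTEM32\winbrume.dll
O9 - Extra button: Juegos On Line - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\eurogamelandia\entrar.html (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5323B81-E91F-4A0C-B876-66E5368531C6}: NameServer = 195.92.195.95 195.92.195.94
O4 - HKLM\..\Run: [ExampleApp] C:\Program Files\Example\app.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")      # "<section code> - <body>"
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def review_notes(code, body, known_dns):
    """Return the reasons one entry deserves a manual look (hypothetical heuristics)."""
    notes = []
    if "(no file)" in body or "(file missing)" in body:
        notes.append("target file absent")
    if code == "O2" and "(no name)" in body:
        notes.append("unnamed BHO")
    if code == "O17" and "NameServer" in body:
        # Only flag resolvers the operator has not confirmed as their ISP's.
        unknown = [ip for ip in IPV4.findall(body) if ip not in known_dns]
        if unknown:
            notes.append("DNS not in known list: " + ", ".join(unknown))
    return notes

def triage(log_text, known_dns=frozenset()):
    """Parse HJT-style lines and return (code, notes, body) for flagged entries."""
    findings = []
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if not match:
            continue  # header lines, blank lines, running-process list, etc.
        code, body = match.groups()
        notes = review_notes(code, body, known_dns)
        if notes:
            findings.append((code, notes, body))
    return findings

if __name__ == "__main__":
    for code, notes, body in triage(SAMPLE_LOG):
        print(f"{code}: {'; '.join(notes)}\n    {body}")
```

Passing the ISP's resolver addresses as `known_dns` suppresses the O17 finding, which mirrors the "only fix this if it doesn't belong to your ISP" condition in the post.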
 
New HJT scan

Hey Howard... Thanks for replying so soon.

I followed your instructions... Let's hope it solved it.

New HJT log...
 
Your HJT log is clean.

However, I can find no evidence of you having a firewall installed.

You should definitely consider getting some firewall software.

Either the free Zonealarm or the free Kerio firewalls are very good.

You can get them HERE and HERE.

Regards Howard :)
 
Thanks

I've just run AVG and it reports no sign of that dogged virus...

Thanks for all ya help man... You're a star!!

I'll take ya advice and install ZoneAlarm right now.

Thanks again... Much appreciated.
 