Guys Whats This Viruz?


5 replies to this topic

#1 taenamo

taenamo

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:58 PM

Posted 05 July 2007 - 01:33 PM

I scanned my computer with a free edition of BitDefender and the summary is:

Summary:

C:\WINDOWS\sbnet\ShowBehind.exe Infected Backdoor.Showbe
C:\WINDOWS\sbnet\ShowBehind.exe Disinfection failed
C:\WINDOWS\sbnet\ShowBehind.exe Moved
C:\WINDOWS\system32\H@tKeysH@@k.DLL Infected Trojan.Keylogger.HotKeysHook.A
C:\WINDOWS\system32\H@tKeysH@@k.DLL Disinfection failed
C:\WINDOWS\system32\H@tKeysH@@k.DLL Moved


What's this virus???


#2 buddy215

buddy215

  • BC Advisor
  • 12,613 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:58 PM

Posted 05 July 2007 - 04:09 PM

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Post a Hijack This log in the Hijack This Forum by following the directions in the link below. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How To start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

You probably picked up the Adware and Keylogger from freeware or cracks.
Key Logger: (Keystroke Logger). A program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are commonly included in rootkits and RATs (remote administration trojans).

Edited by buddy215, 05 July 2007 - 04:22 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:11:58 PM

Posted 05 July 2007 - 04:30 PM

Hi taenamo
Try this link.....
http://www.bleepingcomputer.com/startups/S...D.EXE-4923.html
then click on:
Advertisement display which can be stopped here

But your main problem is:
C:\WINDOWS\system32\H@tKeysH@@k.DLL Infected Trojan.Keylogger.HotKeysHook.A
see here:
http://research.sunbelt-software.com/threa...threatid=125799

You really should follow the link supplied by buddy215 and submit an HJT log for analysis.
This is quite serious.



#4 taenamo

taenamo
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:58 PM

Posted 08 July 2007 - 08:47 AM

Which of buddy's links??? 1, 2 or 3????

Starbuck, do I have to download all your links??

Please help...

#5 buddy215

buddy215

  • BC Advisor
  • 12,613 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:58 PM

Posted 08 July 2007 - 10:10 AM

Starbuck's suggestion is to use the tool in the link below to remove the adware Showbehind.
http://www.showbehind.com/adremove.exe

You also have a keylogger that my first link, Super Antispyware, may remove as well as others.
You should also post a Hijack This log following the instructions in the link I provided in my first post.



#6 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:11:58 PM

Posted 08 July 2007 - 04:26 PM

buddy215 wrote:
"Starbuck's suggestion is to use the tool in the link below to remove the adware Showbehind.
http://www.showbehind.com/adremove.exe

You also have a keylogger that my first link, Super Antispyware, may remove as well as others.
You should also post a Hijack This log following the instructions in the link I provided in my first post."

Spot on.
Like I said, taenamo, this keylogger is serious...... you really should have a member of the HJT team take a look at your log.
Don't forget to tell them what 'keylogger' was found.
Good luck.





