Hi there,
I wonder if you can help. I exe'ed a file and it contained a keylogger virus that hides me system 32 folder in windows. I have used NOD32 and if find's the virus but states it cannot delete it because it is in operator memory. I changed me virus checker to kaspersky but that will not find it. Can anyone help me out please?

Thanks you

Da_Boo

Hey there furryboo,

Try booting into safemode and then running your antivirus software, the virus shouldn't be activated when in safemode.

Do you know the name of the virus/keylogger?

See if this gets youre system32 folder to show again:

Go to start/run/cmd and type/copy: attrib c:\Windows\system32 -a -h -r -s and press enter.

If that doesn't work , and if youre AV still cant remove the keylogger then please follow the instructions in the "prework" link below in my sig , and post back with the 2 resulting log files.

Cheers peeps for the help so far.

When I type that in it does bring back system 32 folder but when I reboot back in to windows it disappears again. I have tried virus checker in windows and in safemode......still happens.

Cheers

Da_Boo

Problem as first post.

Cheers

Da_Boo

Hya Furryboo.

Looks like Spysweeper has gotten rid of the keylogger.

But i dont see a firewall running on youre pc , it is recommended to have one running to be better protected. Have a look in our download section for some free firewalls if needed.

Does the system32 folder stay visible now? And if yes , do you still have any other problems?

If not , or if you still have other problems , then do a Panda active scan here:

http://www.pandasoftware.com/products/activescan

And post the log from it when done please.

Please see attached fiel and help.

Thank you

Da_Boo