Trojan.GenericKD.1609834 (B)

  ferrispedro 10:59 13 Apr 14
Locked

How do I get rid of this?

  Woolwell 12:02 13 Apr 14

Try running the free version of Malwarebytes in safe mode.

  Fruit Bat /\0/\ 14:36 13 Apr 14

If Malwarebytes does not get rid of it automatically, then check for the following files and delete them:

%Appdata%\Microsoft\Address Book\Administrator.wab
%Temp%\firefox_updater.exe
%Temp%\Sani\voso.exe
%SysDir%\drivers\afe296bba4364f4.sys

Also check for and delete the following registry keys using "regedit"

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\17a3c\ImagePath: "\??\%SysDir%\drivers\17a3c.sys"
HKLM\System\CurrentControlSet\Services\17a3c\DisplayName: "voso.exe"
HKLM\System\CurrentControlSet\Services\afe296bba4364f4\ImagePath: "\SystemRoot\System32\Drivers\afe296bba4364f4.sys"
HKLM\System\CurrentControlSet\Services\afe296bba4364f4\DisplayName: "voso.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Voso: ""%Temp%\Sani\voso.exe""

And check for the virus itself in the system drivers folder; look for a file like:

AFE296BBA4364F4.SYS

Default location: %SYSDIR%\DRIVERS\AFE296BBA4364F4.SYS

Dropper hash(md5): 1ec6b0ce81fd5aba512467608c848692

from here
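
The file and registry checks listed in the post above, as an added report-only PowerShell example that is not part of the original thread. It assumes `%SysDir%` means the Windows System32 directory and that PowerShell 4.0 or later is available for `Get-FileHash`; the paths, key names and MD5 value are the ones given in the post.

```powershell
# Added example: report-only check for the indicators listed in the post.
# It deletes nothing; review the table before removing anything by hand.
# Assumption: %SysDir% in the post means the Windows System32 directory.
$sysDir     = [Environment]::SystemDirectory
$dropperMd5 = '1ec6b0ce81fd5aba512467608c848692'   # dropper MD5 from the post

$files = @(
    (Join-Path $env:APPDATA 'Microsoft\Address Book\Administrator.wab'),
    (Join-Path $env:TEMP    'firefox_updater.exe'),
    (Join-Path $env:TEMP    'Sani\voso.exe'),
    (Join-Path $sysDir      'drivers\afe296bba4364f4.sys'),
    (Join-Path $sysDir      'drivers\17a3c.sys')   # from the 17a3c ImagePath value
)

$results = @(foreach ($path in $files) {
    $present = Test-Path -LiteralPath $path
    # A loaded driver may be locked; a failed hash leaves $md5 as $null.
    $md5 = if ($present) { (Get-FileHash -LiteralPath $path -Algorithm MD5 -ErrorAction SilentlyContinue).Hash }
    [pscustomobject]@{
        Type    = 'File'
        Item    = $path
        Present = $present
        # -eq on strings is case-insensitive, so upper-case hex still matches.
        Detail  = if ($md5 -and $md5 -eq $dropperMd5) { 'MD5 matches dropper hash' } else { $md5 }
    }
})

$services  = 'HKLM:\System\CurrentControlSet\Services'
$regChecks = @(
    @{ Key = "$services\17a3c";           Name = 'ImagePath' },
    @{ Key = "$services\17a3c";           Name = 'DisplayName' },
    @{ Key = "$services\afe296bba4364f4"; Name = 'ImagePath' },
    @{ Key = "$services\afe296bba4364f4"; Name = 'DisplayName' },
    @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'Voso' }
)

$results += foreach ($check in $regChecks) {
    $prop  = Get-ItemProperty -LiteralPath $check.Key -Name $check.Name -ErrorAction SilentlyContinue
    $value = if ($prop) { $prop.($check.Name) } else { $null }
    [pscustomobject]@{
        Type    = 'Registry'
        Item    = '{0}\{1}' -f $check.Key, $check.Name
        Present = ($null -ne $value)
        Detail  = $value
    }
}

$results | Format-Table -AutoSize -Wrap
```

Run it under the affected user's account, since `%Temp%`, `%Appdata%` and `HKCU` resolve per user and a different administrator account would check the wrong profile.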

This thread is now locked and can not be replied to.
