Trojan.GenericKD.1609834 (B)

  ferrispedro 10:59 13 Apr 2014

How do I get rid of this?

  Woolwell 12:02 13 Apr 2014

Try running the free version of Malwarebytes in safe mode.

  Fruit Bat /\0/\ 14:36 13 Apr 2014

If malwarebytes does not get rid of it automatically then

check for the following files and delete them

%Appdata%\Microsoft\Address Book\Administrator.wab %Temp%\firefox_updater.exe %Temp%\Sani\voso.exe %SysDir%\drivers\afe296bba4364f4.sys

Also check for and delete the following registry keys using "regedit"

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\17a3c\ImagePath: “\??\%SysDir%\drivers\17a3c.sys” HKLM\System\CurrentControlSet\Services\17a3c\DisplayName: “voso.exe” HKLM\System\CurrentControlSet\Services\afe296bba4364f4\ImagePath: “\SystemRoot\System32\Drivers\afe296bba4364f4.sys” HKLM\System\CurrentControlSet\Services\afe296bba4364f4\DisplayName: “voso.exe” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Voso: “”%Temp%\Sani\voso.exe”"

and check for the virus itself in the system drivers folder look for a file like:


Default location: %SYSDIR%\DRIVERS\AFE296BBA4364F4.SYS

Dropper hash(md5): 1ec6b0ce81fd5aba512467608c848692

from here

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Alienware 17 R4 2017 review

These brilliant Lego posters show just what children's imaginations are capable of

Mac power user tips and hidden tricks

Comment réinitialiser votre PC, ordinateur portable ou tablette Windows ?