Thread: Can't remove Renos.AW trojan downloader
View Single Post
Old 11-18-2008, 01:44 AM   #15 (permalink)
Eoghan
Registered User
 
Join Date: Nov 2008
Posts: 9
OS: Windows xp service pack 2


Re: Can't remove Renos.AW trojan downloader
hello;

I deleted that BHO via HijackThis and then I ran the ESET online scan. The log file is pasted below and it looks cleaner than a virgins honey potter.

# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3618 (20081117)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=68d5212c7498e8419b53bcef1a7ac313
# end=finished
# remove_checked=false
# unwanted_checked=false
# utc_time=2008-11-17 06:39:31
# local_time=2008-11-17 06:39:31 (+0000, GMT Standard Time)
# country="Ireland"
# osver=5.1.2600 NT Service Pack 2
# scanned=249242
# found=5
# scan_time=9745
C:\Qoobox\Quarantine\C\WINDOWS\system32\zdfiumkn.dll.vir a variant of Win32/Injector.CT trojan E5F31331F2BE5E31B842E60B68193046
C:\Qoobox\Quarantine\C\WINDOWS\system32\zdfiumkn32.dll.vir a variant of Win32/Injector.CT trojan E5F31331F2BE5E31B842E60B68193046
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_ati8fkxx_.sys.zip a variant of Win32/Wigon trojan AED7C47EE8F205F0212426D195780FDB
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_ati8fkxx_.sys.zip »ZIP »ati8fkxx.sys a variant of Win32/Wigon trojan 00000000000000000000000000000000
C:\Qoobox\Quarantine\F\autorun.inf.vir INF/Autorun virus 00000000000000000000000000000000
Eoghan is offline