Need help eliminating Qoologic Trojan Variant

10CFR · Apr 18, 2005

I got it. I've tried several things to get it off. I've managed to delete it and removed the registry entry associated with it, then it comes right back.

The registry entry I found is:

KAVSVC = C:\WINDOWS\SYSTEM32\inaznn.exe

It shows up on my hijack this log as:

04-HKLM\..\Run: [KavSvc] C:\WINDOWS\system32\inaznn.exe

I found one discussion of the problem here, but it didnt' work for me:

http://forums.techguy.org/t350714&highlight=Qoologic+trojan.html

I have also posted logs and requests for help here:

http://www.lurkhere.com/forum768.html (look under Conferences>Catching Critters>Topic #526

and here:

http://forums.techguy.org/t353904.html

chaslang · Apr 18, 2005

Please follow the steps below:

1 - Please EXTRACT all files from Qoologic Tool to its own folder - C:\Program Files\QoologicFinder . Then, DoubleClick Find-Qoologic.bat to run the tool. It should produce a log - Please attach that with your next post!

2 - Please EXTRACT all the files form RKFILES Tool.Zip Tool to its own folder - C:\Program Files\RKTOOL. Then, Please boot to SAFE MODE and DoubleClick rkfiles.bat to run the tool. Let it run and then, when it finishes, look for a log at C:\Log.txt and please attach that log.

Log in or Sign up

Need help eliminating Qoologic Trojan Variant

10CFR Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Log in or Sign up

Need help eliminating Qoologic Trojan Variant

10CFR Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Useful Searches