
trojans - downloader-acv - adclicker-ba.dll [CLOSED]



#1
dieseld

    New Member

Hi,

I looked up previous forums on how to deal with my virus but still am unable to resolve the issue. I followed instructions and scanned my computer at Trend Micro. Received the following results.

C:\WINDOWS\system32\dist001.exe TROJ_AGENT.VI Deletion successful
C:\WINDOWS\system32\SSK3_B5 Seedcorn 4.exe TROJ_SMALL.AQC Deletion successful
C:\WINDOWS\system32\vgactl.cpl TROJ_QOOLOGIC.AD Deletion successful
C:\WINDOWS\system32\wuauclt.dll TROJ_QOOLOGIC.AE Deletion successful
C:\WINDOWS\ssk.exe TROJ_SMALL.AQC Deletion successful

Then went to Panda scan and went through similar procedures. There I received the following results:



Incident Status Location

Adware:Adware/QoolShown No disinfected C:\WINDOWS\SYSTEM32\DPKGDL.EXE
Adware:Adware/Pacimedia No disinfected C:\WINDOWS\SYSTEM32\APD123.EXE
Virus:Trj/Qoologic.B Disinfected Operating system
Adware:Adware/QoolShown No disinfected C:\WINDOWS\System32\gsdjdsf.dll
Spyware:Spyware/SurfSideKick No disinfected C:\Program Files\SurfSideKick 3\SskBho.dll
Adware:Adware/QoolShown No disinfected C:\Documents and Settings\All Users\Start Menu\Programs\Startup\tadk.exe
Spyware:spyware/surfsidekick No disinfected C:\Documents and Settings\Dan\Local Settings\Temporary Internet Files\Ssk.log
Adware:adware/topspyware No disinfected C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\wmplayer.exe.tmp
Adware:adware/ieplugin No disinfected C:\WINDOWS\rgrt.exe
Adware:adware/ist.sidefind No disinfected C:\PROGRAM FILES\SideFind
Adware:adware/dealhelper No disinfected C:\WINDOWS\SYSTEM32\Newmsrdk
Adware:adware/consumeralertsystem No disinfected Windows Registry
Spyware:Spyware/UrlSpy No disinfected C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\Quarantine\20051020030624.zip[advapi32.exe]
Adware:Adware/QoolShown No disinfected C:\Documents and Settings\All Users\Start Menu\Programs\Startup\tadk.exe
Adware:Adware/ISearch No disinfected C:\Documents and Settings\Dan\Local Settings\Temp\cmdinst.exe
Adware:Adware/QoolShown No disinfected C:\Documents and Settings\Dan\Local Settings\Temp\f36514937.exe
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Dan\Local Settings\Temp\i50.tmp
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\Dan\Local Settings\Temp\i7B.tmp
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\Dan\Local Settings\Temp\pcs_0031.exe
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\Dan\Local Settings\Temp\ptf_0031.exe
Spyware:Spyware/SurfSideKick No disinfected C:\Program Files\SurfSideKick 3\Ssk.exe
Spyware:Spyware/SurfSideKick No disinfected C:\Program Files\SurfSideKick 3\SskBho.dll
Virus:Trj/Downloader.BYN Disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp
Adware:Adware/IEPlugin No disinfected C:\WINDOWS\rgrt.exe
Spyware:Spyware/UrlSpy No disinfected C:\WINDOWS\system32\adsldp27.exe
Spyware:Spyware/UrlSpy No disinfected C:\WINDOWS\system32\advapi32.to_be_deleted
Adware:Adware/Pacimedia No disinfected C:\WINDOWS\system32\APD123.exe
Virus:Trj/Qoologic.B Disinfected C:\WINDOWS\system32\badnk.dll
Spyware:Spyware/UrlSpy No disinfected C:\WINDOWS\system32\batt5580.exe
Spyware:Spyware/SurfSideKick No disinfected C:\WINDOWS\system32\bk.exe
Adware:Adware/QoolShown No disinfected C:\WINDOWS\system32\dpkgdl.exe
Adware:Adware/QoolShown No disinfected C:\WINDOWS\system32\gsdjdsf.dll
Adware:Adware/QoolShown No disinfected C:\WINDOWS\system32\installer216.exe
Adware:Adware/QoolShown No disinfected C:\WINDOWS\system32\oacnqbd.exe
Spyware:Spyware/LinkReplacer No disinfected C:\WINDOWS\system32\PreUninstallQL.exe
Adware:Adware/Pacimedia No disinfected C:\WINDOWS\system32\sav2.exe
Adware:Adware/QoolShown No disinfected C:\WINDOWS\system32\vuqay.dat



I then went to Trojan Hunter where I received the following results:

Found trojan file: C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\Quarantine\20051020030624.zip/advapi32.exe (Adware.UrlSpy.101)
Found trojan file: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\tadk.exe (TrojanDownloader.QLogic.120)
Found trojan file: C:\Documents and Settings\Dan\Local Settings\Temp\f36514937.exe (TrojanDownloader.QLogic.120)
Found possible trojan file: C:\Documents and Settings\Dan\Local Settings\Temp\pcs_0031.exe/oK3b.exe (SDBot) (What's a possible trojan file?) (Submit for analysis...) (Add to ignore list)
Found trojan file: C:\WINDOWS\invitessk.exe/sqGNN5.exe (Adware.IEPlugin.100)
Found trojan file: C:\WINDOWS\system32\APD123.exe/dfgcT7Iu.exe (Bube.103)
Found trojan file: C:\WINDOWS\system32\dpkgdl.exe (TrojanDownloader.QLogic.120)
Found possible trojan file: C:\WINDOWS\system32\oacnqbd.exe (Suspicious: ASPack-packed file in Windows System folder) (What's a possible trojan file?) (Submit for analysis...) (Add to ignore list)
Error: Directory not found: D:\
6 trojan files found
2 possible trojan files found


Then I tried to clean them and received the following:

Unable to clean trojan file C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\Quarantine\20051020030624.zip/advapi32.exe because it is contained in an archive
Renamed file C:\Documents and Settings\All Users\Start Menu\Programs\Startup\tadk.exe to C:\Documents and Settings\All Users\Start Menu\Programs\Startup\tadk.exe.tcf
Renamed file C:\Documents and Settings\Dan\Local Settings\Temp\f36514937.exe to C:\Documents and Settings\Dan\Local Settings\Temp\f36514937.exe.tcf
Renamed file C:\WINDOWS\invitessk.exe to C:\WINDOWS\invitessk.exe.tcf
Renamed file C:\WINDOWS\system32\APD123.exe to C:\WINDOWS\system32\APD123.exe.tcf
Renamed file C:\WINDOWS\system32\dpkgdl.exe to C:\WINDOWS\system32\dpkgdl.exe.tcf
Trojan cleaning finished.



I would appreciate any help you can provide... I apologize if I included too much information. Thank you in advance!


#2
Buckeye_Sam

    Malware Expert

Hi and welcome to GeeksToGo! My name is Sam and I will be helping you. :tazz:

Please visit this page and scroll down to Step 5. Follow the instructions there to download a tool called HijackThis and post a log here as a reply to this post.

#3
Buckeye_Sam

    Malware Expert

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.