Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help!Win32:Qoologic-B & winup2date.dll


  • Please log in to reply
6 replies to this topic

#1 Lyn

Lyn

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Location:Sleepless in NY
  • Local time:11:50 AM

Posted 20 April 2005 - 06:20 AM

:thumbsup: I have Avast, I click to store these trojans in a folder but they keep reappearing.
The Path is:
NAME--Win32:Qoologic-B
VPS version 0516-2, 04/19/2005
path cuddles\local settings\Temporary internet
C;\DOCUME~1Cuddles\LOCALS~1\Temp\tp7453.exe

And the other is;
FILE winup2date.dll
Path C:Windows\System32
Infection; Spyware.Small.et

I click on NOT TO run, then..Clean. My Avast setting does not give me the option to delete it. And I am not familar what to do with trojans.

Lyn

BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:10:50 AM

Posted 20 April 2005 - 08:41 AM

Run Avast in safe mode and see if it can fix them.
How to start Windows in Safe Mode
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:11:50 AM

Posted 20 April 2005 - 09:28 AM

The Path is:
NAME--Win32:Qoologic-B
VPS version 0516-2, 04/19/2005
path cuddles\local settings\Temporary internet
C;\DOCUME~1Cuddles\LOCALS~1\Temp\tp7453.exe


Both of those are in temp folders which occurs quite often. Download and run CCleaner. Its a small utility that wil clean all the junk files in the temp folders from your computer.


You can go to Start>Search and do a search for winup2date.dll. When it comes up just right click and delete. If the search doesn't find it you will need to show hidden files in Windows.

After you do that, you must turn off System Restore and then turn it back on again. This will create an uninfected Restore Point.

Windows XP System Restore Guide

Edited by Leurgy, 20 April 2005 - 09:31 AM.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#4 Lyn

Lyn
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Location:Sleepless in NY
  • Local time:11:50 AM

Posted 21 April 2005 - 08:31 PM

Hi TG,
Yes I do know how to run in safe mode. However, if you are saying its safe to delete both, can you explain
How do I open Avast's " vault"?

Que how do I safely remove each trojan?
How to I completely clean it out of my system
without coming back or contaminating some other application?

In very unfamilar territory,
Lyn

#5 Lyn

Lyn
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Location:Sleepless in NY
  • Local time:11:50 AM

Posted 21 April 2005 - 08:36 PM

[SIZE=14]To delete or clean is my question?

#6 Lyn

Lyn
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Location:Sleepless in NY
  • Local time:11:50 AM

Posted 21 April 2005 - 10:34 PM

Hi Leurgy,
All my files files are open and my "Restore Point" is off.
I had evertything check in CCleaner under Applications, and ran CCleaner.
I also clicked on the "tab--issues" and clicked on "Fix Issues"
Im not sure this deleted my trojans?

My mail doesnt say scanned with Avast. If you are familar with its setup in the mail section, will you please tell me how to setup Avast for Yahoo and Hotmail.

Much appreciation,
Lyn

#7 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:11:50 AM

Posted 22 April 2005 - 07:19 AM

CCleaner would have deleted the viruses in your temp files and with your System Restore turned off they should be gone now. Make sure you turn SR back on. Anytime you find a virus you need to turn off SR (which deletes the restore points which can't be cleaned) and then you turn it back on to create a clean restore point. If you haven't been doing that then this is why those trojans kept coming back. To get to the viruses in the Avast "vault" do a search for *.vir and delete any files that come up with that file extension.

To get a "second Opinion" download and run a-squared Personal. This is a 30 day trial of the full version. If you don't want to buy it, after it expires get a-squared free. You can also try WindowSecurity online trojan scan.

Avast wont scan Hotmail or Yahoo mail that you look at on a webpage unless something that is in it tries to enter your computer or you try to download an attachment. The email scanner checks email that you receive through a client like Outlook Express. Avast scans anything entering your computer only.

Edited by Leurgy, 22 April 2005 - 07:21 AM.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users