Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Downloader Qqhelper


  • Please log in to reply
6 replies to this topic

#1 Shortey364

Shortey364

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:03:34 PM

Posted 20 September 2008 - 01:07 PM

This is what Spyware Doctor (most recent version) has found on my computer:

Trojan Downloader QQHelper
-C:\MATLAB701\toolbox\datafeed\datafeed\bbmonitor.dll
-C:\MATLAB701\toolbox\images\images\private\cq.dll

I'm not sure if Spyware Doctor is giving me false warnings. I installed Matlab 2 years ago and no such infection came up during that time. Should I post a Hijackthis scan?

Thanks!

Cheers.

BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 PM

Posted 20 September 2008 - 06:40 PM

Get a second opinion. Go to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis.
-- Post back with the results of the file analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Shortey364

Shortey364
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:03:34 PM

Posted 20 September 2008 - 11:35 PM

Thanks. Will do.

Cheers!

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 PM

Posted 21 September 2008 - 06:08 AM

You're welcome. Let us know the results.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Shortey364

Shortey364
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:03:34 PM

Posted 22 September 2008 - 03:09 PM

The files seem to have disappeared. Hmm...

We'll update as soon as I find out what happened.

Thanks!

#6 Jonny Walker

Jonny Walker

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Utopia
  • Local time:03:34 PM

Posted 22 September 2008 - 03:13 PM

The files seem to have disappeared. Hmm...

We'll update as soon as I find out what happened.

Thanks!



probably because Spyware Doctor deleted them?

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:34 PM

Posted 23 September 2008 - 07:07 AM

Report the detection and action taken to Spyware Doctor support. Having the results from jotti would have been helpful but even if the files were removed they should still be able to investigate if the detection was a false positive.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users