Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Files Downloaded After Installing Download Accelerator Plus


  • Please log in to reply
3 replies to this topic

#1 devsun

devsun

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 04 October 2008 - 05:19 AM

Hi ! I am new to this forum. I am here because I desperately want some advice.
I installed Download Accelerator Plus (DAP) free version 5 days back
After the very first time I used (DAP) and rebooted I found myself to be infected by virus W32/Almanahe.B
I used Avira in safe mode and with system restore turned off. Now Avira scan has no detections
I find these three files in C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Offers
1. mailinfo30.exe
2. spo3.exe
3. VA22_DAPSO.exe
I have never asked these files to be downloaded. Dont know how they got there. Are these viruses ?
I have Toshiba Satellite. Windows XP Home SP3. Intel Core2 Duo 1.8Ghz and RAM, WiFi Internet connection
Anti Virus: Avira Personal edition
Anitmalware: windows defender, Spybot S &D, a-squared

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,486 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:59 AM

Posted 04 October 2008 - 02:27 PM

Sometimes programs like DAP come bundled with other software that users may not know about. For example spo3.exe appears to be related to SpeedOptimizer.

Anytime you come across a suspicious file or one that you do not recognize, search the name using Google or the following links:
BC's File Database
BC's Startup Programs Database
ProcessLibrary.com
ThreatExpert Malware Search
File Research Center

Anytime you come across a suspicious file which you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
-- Then post back with the results of the file analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 devsun

devsun
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 04 October 2008 - 10:10 PM

Thanks a lot.

I did Google for VA22_DAPSO.exe and it is listed as a virus with methods to remove them.
Googling is what brought me to this forum, for there is a link to my particlular file C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Offers\VA22_DAPSO.exe on the forum thread http://www.bleepingcomputer.com/forums/topic162079-30.html. Though I understood precious little from that thread about the problem, I appreciated the fact that people in this forum take considerable effort (and time) to help.

Unfortunately I have done something in a hurry which I am not sure you will approve. I used a prog called East-Tec Eraser 2008 and subjected the whole folder C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Offers to "erase beyond recovery". So on-line analysis of these files are not possible. But before I threw these files out I had them analyzed with avira and the result was "no detection"

Edited by devsun, 04 October 2008 - 10:20 PM.


#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:59 AM

Posted 05 October 2008 - 06:15 AM

VA22_DAPSO.exe is not a virus, looks like adware

C:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Offers\VA22_DAPSO.exe//WiseSFXDropper archive WiseSFX


the problem is did you really need DAP from speedbit? I used DAP without adware when I was on dialup, it was of neglible use then

ok, wisesfxdropper is not a program name, it's a packer used. it's actually WISe instalaltion wizard self extracting dropper, it can be a install kit for any kind of program.


Edited by DaChew, 05 October 2008 - 06:22 AM.

Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users