Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan.downloader.qoologic.at


  • Please log in to reply
1 reply to this topic

#1 guy_wild

guy_wild

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:39 AM

Posted 15 February 2006 - 01:22 PM

Hi.

I just ran BitDefender online scan and something strange appeared. This is from the log:

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ozph.exe
Infected with: Trojan.Downloader.Qoologic.AT

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ozph.exe
Disinfection failed

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ozph.exe
Delete failed

Ok, so I looked in the directory - but there is NO file named ozph.exe, and yes, I can see hidden and system files. There is no file like that on my entire HDD! Nor is there anything resembling Qoologic (searched for *qoologic*.*). Likeweise is there nothing to be found in the Registry.

So what gives? Anyone?

Sincerely
guy_wild

BC AdBot (Login to Remove)

 


m

#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:09:39 AM

Posted 15 February 2006 - 01:44 PM

Hi guy_wild

I have read your post and I think it would be wise for you to post a HijackThis log for an expert to review. You have a possible qoologic infection which can be a pain to remove. You won't find an files named qoologic on your system - they are randomly named.

I recommend you follow the HijackThis preparation guide which can be found here. It is important that you follow the guide closely. A number of scans will be run which may well fix your problem.

As the guide says, after you have completed the scans that are recommended, please post your "HijackThis" log in a new topic in the forum found here. Please add your system infomation and also what problems you are having. Please be patient, and a HJT team member will help you to clean up your system

David




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users