Home > General > Downloader.Qoologic.bj


Files In Winlogon shell and userinitListed here as a Doublecheck for the locate com results shell REG_SZ Explorer.exe, C:\WINDOWS\system32\rawri.exe userinit REG_SZ C:\WINDOWS\system32\userinit.exe,cvevsbk.exe... I ended up also running the Look2Me Destroyer, which got rid of some more stuff. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? Source

If you see any other entries in the right pane, move them back to the "Keep" pane & post the filenames to inform me. Volume Serial Number is CCC6-E2E4 Directory of C:\WINDOWS\System32 10/10/2006 13:48

dllcache 10/10/2006 09:00 234,176 p6n8lg5u16.dll 31/07/2005 14:56 Microsoft 1 File(s) 234,176 bytes 2 Dir(s) 36,499,963,904 bytes free Back to I have an HP computer, so it COULD be legit, but the frequency and the lack of "quit bothering me" button makes me suspicious.Here is my Ewido log---------------------------------------------------------ewido anti-spyware - Scan Start the Brute Force Uninstaller by doubleclicking BFU.exe Doubleclick qooFix.bat, Close all browsers and explorer folders. https://forums.spybot.info/showthread.php?3497-Downloader-Qoologic-bj

Then try Killbox again.Reboot into Safe Mode.open c:\WinPFind and double-click on WinPFind.exe. Advertisement Recent Posts 4 Word Story continued (#6) cwwozniak replied Jan 16, 2017 at 10:10 AM Word List Game #14 cwwozniak replied Jan 16, 2017 at 10:09 AM Make Four Words Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} (SpdTCtl Class) - http://speedtest.adelphia.net/custom...ESTACTIVEX.CAB O18 - Protocol: After the PC has restarted please run an online scan at Panda: --------------------------- Perform an online scan using Internet Explorer with Panda ActiveScan ** click on "Free use ActiveScan" located on

W i n F i x e r . t x t - > T r a c k i n g C o o k i e . 2 o 7 : C l e a n e d If you check your Hijack log you will see that you have it running as well "O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1" I ended the b u r s t n e t [ 1 ] .

j : C l e a n e d w i t h b a c k u p ( q u a r a n t i n e d Downloader.Qoologic.bj? After a reboot, your desktop and icons will appear, then disappear (this is normal). original site C : \ D o c u m e n t s a n d S e t t i n g s \ O w n e r \ C

or read our Welcome Guide to learn how to use this site. I E 5 \ 6 N W 7 4 L Y 3 \ S y s t e m D o c t o r 2 0 0 6 F r Please re-enable javascript to access full functionality. Stay logged in Sign up now!

Hope this helps Just_a_Geek, Jun 16, 2006 #4 This thread has been Locked and is not open to further replies. https://forums.techguy.org/threads/downloader-qoologic-bj-please-help.535223/ t x t - > T r a c k i n g C o o k i e . b e s t o f f e r s n e t w o r k s [ 2 ] . Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter.

It is a motherboard monitor program that came with my Asus board. http://iversoncreative.com/general/trojan-downloader-ruin.html Select: Delete on Reboot then Click on the All Files button.Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after When finished, it will produce a log for you. If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

For example, if the path of a registry value is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName2,valueC= sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA and FolderB folders and select the KeyName2 key to display the valueC value in Download L2mfix from one of these two locations:http://www.atribune.org/downloads/l2mfix.exehttp://www.downloads.subratam.org/l2mfix.exeSave the file to your desktop and double click l2mfix.exe. every few seconds an IE window would pop open with some lame ad in it. http://iversoncreative.com/general/downloader-delf-12-an.html All rights reserved.

Popups by the second. Valerie Win32.Qoologic.bjAliases of Win32.Qoologic.bj (AKA):[Kaspersky]Trojan-Downloader.Win32.Qoologic.bj[McAfee]Qoolaid[Other]Adware.QoolAidHow to Remove Win32.Qoologic.bj from Your Computer^To completely purge Win32.Qoologic.bj from your computer, you need to delete the files, folders, Windows registry keys and registry values associated Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 Buckeye_Sam Buckeye_Sam Malware Expert Members 17,382 posts OFFLINE Gender:Male Location:Pickerington, Ohio Local time:10:19 AM Posted

l : C l e a n e d w i t h b a c k u p ( q u a r a n t i n e d

I ran Spybot Search and Destroy, which took about 45 minutes to scan my system... It is essential that you follow these steps or certain important features of the program will not function correctly.Please download ComboFix and save it to your desktop.Double click combofix.exe and follow Logfile of HijackThis v1.99.1 Scan saved at 3:08:44 PM, on 5/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe I figured that was a bad sign, but I decided to plug my cable in and run Kaspersky.

I rebooted into Safe Mode and ran both again. Ok I did that stuff and have my shiny new HijackThis log:Logfile of HijackThis v1.99.1Scan saved at 1:21:45 PM, on 5/12/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running Thread Status: Not open for further replies. Check This Out ran CleanUp!, Ad-Aware again, CWShredder, SpybotS&D again, Ewido, and Trend Housecall (which wasn't able to run on my system for some reason.

Please thank your helpers and there will always be help here when you need it!======================================================== Back to top #3 Buckeye_Sam Buckeye_Sam Malware Expert Members 17,382 posts OFFLINE Gender:Male Location:Pickerington, Ohio As long as the hard disk light is flashing, the program is still working properly.»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Check the boxes next to all the entries listed below.R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =R3 - Default URLSearchHook is missingO2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\cfg32p.dllO2 - BHO: CFG32S Adding Administrative privleges.

j : C l e a n e d w i t h b a c k u p ( q u a r a n t i n e d Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out these instructions. Please