MS antispyware not catching QoolAid

A

anonymous

I was surfing the net when I came across a webpage that
seemed like it took a long time to load then Antispyware
alerted me of about 5 or 6 spyware and trojans. I
proceeded to delete them. All of them are gone now but 3
remain. Antispyware catches rpki.exe and blocks it but it
keeps coming up. Also, I tried to search for ixfyds.exe,
impkkn.exe, rpki.exe, and shirrgh.dll, but they are not in
the folder where the program is supposedly running. The
adware is called QoolAid
 
R

Ron Kinner

C:\Windows\TEMP\wtmp.exe
and
C:\Windows\System32\sccmgr.exe

are supposed to be the main components of QoolAid. If
either is running when you try and remove it you will get
it back. This is one that has to be removed in Safe Mode.

The files you mention are from one of the polymorphs which
have different random file names each time. Get
HijackThis.exe from
http://tomcoyote.org/hjt/hjt199//HijackThis.exe

Save it to C:\hjt (new folder) then Open it and select
Scan and Save Log. Note where you saved the log then
send it to me as an attachment. Let's see what else you
have.

Ron Kinner
Microsoft MVP 2004 & 2005
(e-mail address removed)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ms anti spyware not catching spyware 1
AntiSpyware Quarentine 21
An the winner is... Microsoft Antispyware 0
Threats not removed on reboot 2
MS Antispyware vs Adware ++ 7
MS antispyware observations and requests 3
Bug in MS AntiSpyware 3
News: Microsoft AntiSpyware vs Messenger Plus! 13

Top