OK, so a little while ago avast found a Trojan on my computer, but when I tried to delete/move/rename/no action or anything like that it just kept popping up. and then like 7 others kept popping up!!!

I researched it and it’s a backdoor Trojan called Trojan.DownLoader.8933 and it lets other viruses into your comp!!! Please help because Avast wont get rid of the virus!!! ;__; :‘( :’( :‘( :’(

I’m afraid my comp is gonna be toast soon

Also, This virus had many many aliases, and here they are (got it from the Stop Sign website)

TR/Dldr.Agent.agw

W32/Downloader.SIX

Win32:Qoologic-AH

Downloader.Agent.CYT

Trojan.Downloader.Qoologic.BC

TrojanDownloader.Agent.agw

Win32/Qoologic.127488!DLL!Trojan

Win32/Qoologic.AB

Downloader.Agent.agw

W32/Agent.AGW!tr.dldr

W32/Downloader.SIX

Trojan-Downloader.Win32.Agent.AGW

Qoolaid

Trojan.winsync

Win32/TrojanDownloader.Qoologic.P

W32/Agent.XCE

Adware/QoolAid

Troj/Qoolaid-AM

Trojan/Downloader.Agent.agw

Trojan.DL.Agent.CEA

What is your OS ?
What is your firewall (as this should stop unauthorised internet access, required by downloaders) ?
What was the file name, where was it found example (C:\windows\system32\infected-file-name.xxx) ?
Why could avast not move/delete, etc. what error messages ?

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode. Ewido anti-spyware If using winXP. or a-Squared free if using win98/ME.

Hi kaiiriin,

Here is a technical description of what the virus does.

http://www.xblock.com/product_show.php?id=1179

Download dotomyco from here: http://www.niksoft.at/php/dl.php?f=dotomyco.zip and run this tool. after you run it post a hjt log.

If the above method does not give the required result, you download Qooofix from here : http://www.softpedia.com/progDownload/Qoofix-Download-44032.html
Put Qoofix in C:, close all browser and explorer folders, choose option Qooofix and autofix. Please wait the 5 min for the procedure to be run.

polonus

thanks ^^

DavidR-

Os: WinXP
Firewall: I don’t know if i have one
Fil Name: C:\WINDOWS\system32\qaqmshb.dll

There was no error message, it simply kept popping up again and again even after i “moved” or “deleted” it

Ho kaiiriin,

Try to remove the file, using killbox from here: http://www.softpedia.com/progDownload/Pocket-KillBox-Download-27315.html

polonus

Polonus!!! ;D ;D ;D

Yay the Qoofix worked perfect!!! Thank you so so so so much!!! Now I have my computer back Thanks also, DavidR fro your help too ^^

Well I am glad, this worked for you. You’re welcome.

Stay malware free, welcome to the forum,

polonus

Glad that we could help and you really need a firewall.

Any malware that manages to get past your defences will have free reign to connect to the internet to either download more of the same, pass your personal data (user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.

Zone Alarm free http://www.zonelabs.com works fine with avast and has a reasonably friendly user interface. There are others, Jetico, Sunbelt Kerio, etc.
See some firewall tests for comparison, some are freeware but many are paid for versions http://www.firewallleaktester.com/tests.php. Also see http://www.thefreecountry.com/security/firewalls.shtml
Also Home PC Firewall Guide