Category:Trojan,Downloader
[Kaspersky]Trojan-Clicker.Win32.BHO.i;
[Other]W32/DLoader.AIYY,Win32/QinqDL.0th!Trojan,Backdoor.TrojanQinqDL Detection :
Files:
[%WINDOWS%]\up.exe
[%PROFILE_TEMP%]\1910.exe
[%PROFILE_TEMP%]\20313.exe
[%PROFILE_TEMP%]\54699000.exe
[%PROFILE_TEMP%]\686.exe
[%PROFILE_TEMP%]\dsssvc.dat
[%PROFILE_TEMP%]\mms.exe
[%PROFILE_TEMP%]\mms_686.exe
[%PROFILE_TEMP%]\mms_837.exe
[%PROFILE_TEMP%]\mms_862\mms_862.exe
[%PROFILE_TEMP%]\scfile.exe
[%PROFILE_TEMP%]\systems.exe
[%SYSTEM%]\00002add.DAT
[%SYSTEM%]\4124ntos.dll
[%SYSTEM%]\bpxml.dll
[%SYSTEM%]\bxaxcadktfcqb.dll
[%SYSTEM%]\cl_eyv.dll
[%SYSTEM%]\drivers\00002add.SYS
[%SYSTEM%]\drivers\adpu64.sys
[%SYSTEM%]\drivers\ast.sys
[%SYSTEM%]\drivers\cl_eyv.sys
[%SYSTEM%]\drivers\kxsmp.sys
[%SYSTEM%]\drivers\ZNANBOBN.DAT
[%SYSTEM%]\dsfhw.dll
[%SYSTEM%]\dsssvc.dll
[%SYSTEM%]\ESDPDPBNYLW.CAD
[%SYSTEM%]\JXLZOCPCPDPC.EXE
[%SYSTEM%]\KXKXMZMZNZMZ.DLL
[%SYSTEM%]\LZMZPCQDRFSFT.AAB
[%SYSTEM%]\msnxk.dll
[%SYSTEM%]\popfiles.ini
[%SYSTEM%]\QERESGUHWKXJXKX.AET
[%SYSTEM%]\QFTGWKWKXKXKXKX.OKC
[%SYSTEM%]\sconfs.exe
[%SYSTEM%]\SFRES.DLL
[%SYSTEM%]\SJZNFUIVJXLYMA.INI
[%SYSTEM%]\toolset.ini
[%SYSTEM%]\UniBar.exe
[%SYSTEM%]\wbem\ksvod.dll
[%SYSTEM%]\wbem\lhatl.dll
[%SYSTEM%]\wbem\UNHBWPHZSJBTME.DLL
[%SYSTEM%]\XKWJWJVH.DLL
[%SYSTEM%]\zgtsrmmueuhcj.dll
[%SYSTEM%]\ZNAODRFS.DLL
[%WINDOWS%]\39.exe
[%WINDOWS%]\50296.exe
[%WINDOWS%]\cc123.dll
[%WINDOWS%]\cn123456.dll
[%WINDOWS%]\Help\bredsk.CNT
[%WINDOWS%]\Help\WMSDK.OEM
[%WINDOWS%]\system\20313.exe
[%WINDOWS%]\update332.exe
[%WINDOWS%]\up.exe
[%PROFILE_TEMP%]\1910.exe
[%PROFILE_TEMP%]\20313.exe
[%PROFILE_TEMP%]\54699000.exe
[%PROFILE_TEMP%]\686.exe
[%PROFILE_TEMP%]\dsssvc.dat
[%PROFILE_TEMP%]\mms.exe
[%PROFILE_TEMP%]\mms_686.exe
[%PROFILE_TEMP%]\mms_837.exe
[%PROFILE_TEMP%]\mms_862\mms_862.exe
[%PROFILE_TEMP%]\scfile.exe
[%PROFILE_TEMP%]\systems.exe
[%SYSTEM%]\00002add.DAT
[%SYSTEM%]\4124ntos.dll
[%SYSTEM%]\bpxml.dll
[%SYSTEM%]\bxaxcadktfcqb.dll
[%SYSTEM%]\cl_eyv.dll
[%SYSTEM%]\drivers\00002add.SYS
[%SYSTEM%]\drivers\adpu64.sys
[%SYSTEM%]\drivers\ast.sys
[%SYSTEM%]\drivers\cl_eyv.sys
[%SYSTEM%]\drivers\kxsmp.sys
[%SYSTEM%]\drivers\ZNANBOBN.DAT
[%SYSTEM%]\dsfhw.dll
[%SYSTEM%]\dsssvc.dll
[%SYSTEM%]\ESDPDPBNYLW.CAD
[%SYSTEM%]\JXLZOCPCPDPC.EXE
[%SYSTEM%]\KXKXMZMZNZMZ.DLL
[%SYSTEM%]\LZMZPCQDRFSFT.AAB
[%SYSTEM%]\msnxk.dll
[%SYSTEM%]\popfiles.ini
[%SYSTEM%]\QERESGUHWKXJXKX.AET
[%SYSTEM%]\QFTGWKWKXKXKXKX.OKC
[%SYSTEM%]\sconfs.exe
[%SYSTEM%]\SFRES.DLL
[%SYSTEM%]\SJZNFUIVJXLYMA.INI
[%SYSTEM%]\toolset.ini
[%SYSTEM%]\UniBar.exe
[%SYSTEM%]\wbem\ksvod.dll
[%SYSTEM%]\wbem\lhatl.dll
[%SYSTEM%]\wbem\UNHBWPHZSJBTME.DLL
[%SYSTEM%]\XKWJWJVH.DLL
[%SYSTEM%]\zgtsrmmueuhcj.dll
[%SYSTEM%]\ZNAODRFS.DLL
[%WINDOWS%]\39.exe
[%WINDOWS%]\50296.exe
[%WINDOWS%]\cc123.dll
[%WINDOWS%]\cn123456.dll
[%WINDOWS%]\Help\bredsk.CNT
[%WINDOWS%]\Help\WMSDK.OEM
[%WINDOWS%]\system\20313.exe
[%WINDOWS%]\update332.exe
Registry Keys:
HKEY_CLASSES_ROOT\clsid\{b432d70a-e457-4dbd-823f-b88095fadb54}
HKEY_CLASSES_ROOT\clsid\{dfcb34b6-902d-426e-ae2b-1b294ae19f4f}\programmable
HKEY_CLASSES_ROOT\clsid\{f770522b-198d-4134-9d74-d30f41b3ba44}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{8d618742-6ce8-4291-bf20-ca5a2da78e4c}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b432d70a-e457-4dbd-823f-b88095fadb54}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{dfcb34b6-902d-426e-ae2b-1b294ae19f4f}
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\adpu64
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\network\adpu64
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_adpu64
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\adpu64
Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\explorer bars\{841b2b65-118d-4ff2-ad63-4cff44b8b68f}
HKEY_CURRENT_USER\software\microsoft\internet explorer\urlsearchhooks
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
Removing QinqDL:
you can run trial version of ExterminateIt, or remove QinqDL manually..ExterminateIt effectively and automatically removes Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware) from you computer.
Download ExterminateIt! to instantly get rid of QinqDL!
Also Be Aware of the Following Threats:
Remove Pigeon.AVIQ Trojan
Win32.FireCracker Trojan Cleaner
Posts
