Author Topic: Win32:Trojano-180 [Trj]  (Read 5589 times)

0 Members and 1 Guest are viewing this topic.

Offline madrith

  • Newbie
  • *
  • Posts: 3
  • Go Beach!
Win32:Trojano-180 [Trj]
« on: July 03, 2004, 04:32:33 AM »
Help!  Using Avast! Resident Protection I get a warning of this virus located in diffrent files poping up about every 5 min.  I choose to delete and it delets it, but pops up again in about 5 min.  How can I get rid of this!  Below is a copy of the log.  I tried doing a boot time scan, but it found nothing.

*
* Task stopped: Tuesday, June 29, 2004 7:04:31 AM
* Run-time was 1 day(s), 11 hour(s), 37 minute(s), 25 second(s)
*

*
* avast! Report
* This file is generated automatically
*
* Task 'Resident protection' used
* Started on Tuesday, June 29, 2004 7:05:41 AM
* VPS: 0426-1, 06/25/2004
*

C:\WINDOWS\ntgc.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\msfp32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\appvq32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\atldq32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\winln32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\systn.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\System32\bemej.dll [L] Win32:Trojano-191 [Trj] (0)
*
* avast! Report
* This file is generated automatically
*
* Task 'Resident protection' used
* Started on Tuesday, June 29, 2004 8:47:41 PM
* VPS: 0427-0, 06/29/2004
*

C:\WINDOWS\system32\d3sc32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\javami.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\apiyp32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\sdkvg.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\mfcsf.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\syspo32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...

*
* Task stopped: Tuesday, June 29, 2004 9:38:03 PM
* Run-time was 50 minute(s), 22 second(s)
*

*
* avast! Report
* This file is generated automatically
*
* Task 'Resident protection' used
* Started on Wednesday, June 30, 2004 6:33:27 AM
* VPS: 0427-0, 06/29/2004
*

C:\WINDOWS\system32\sdkwh.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\msup.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\appac32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\apigk32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\addgj32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\apifx.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...

*
* Task stopped: Wednesday, June 30, 2004 7:34:00 AM
* Run-time was 1 hour(s), 33 second(s)
*

*
* avast! Report
* This file is generated automatically
*
* Task 'Resident protection' used
* Started on Wednesday, June 30, 2004 2:05:48 PM
* VPS: 0427-0, 06/29/2004
*

C:\WINDOWS\system32\iejb32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\javazl.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\netoh32.exe [L] Win32:Trojano-180 [Trj] (0)
*
* avast! Report
* This file is generated automatically
*
* Task 'Resident protection' used
* Started on Thursday, July 01, 2004 7:03:50 AM
* VPS: 0427-0, 06/29/2004
*

C:\WINDOWS\d3kp.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\System32\apils32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\msuq.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\javajg.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\mfchz32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...

*
* Task stopped: Thursday, July 01, 2004 7:18:28 AM
* Run-time was 14 minute(s), 38 second(s)
*

*
* avast! Report
* This file is generated automatically
*
* Task 'Resident protection' used
* Started on Friday, July 02, 2004 7:00:09 AM
* VPS: 0427-0, 06/29/2004
*

C:\WINDOWS\system32\d3pm.exe [L] Win32:Trojano-180 [Trj] (0)
C:\WINDOWS\system32\d3pm.exe [L] Win32:Trojano-180 [Trj] (0)
C:\WINDOWS\ipno32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\javapj.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\addju.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\addwn32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\mfcis.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...

*
* Task stopped: Friday, July 02, 2004 7:26:56 AM
* Run-time was 26 minute(s), 47 second(s)
*

*
* avast! Report
* This file is generated automatically
*
* Task 'Resident protection' used
* Started on Friday, July 02, 2004 7:46:25 AM
* VPS: 0427-0, 06/29/2004
*

C:\WINDOWS\system32\d3rf32.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\windows\msopt.dll [L] Win32:Trojano-210 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\appqe.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...
C:\WINDOWS\system32\crpi.exe [L] Win32:Trojano-180 [Trj] (0)
File was successfully deleted...
File was successfully deleted...

Offline Datagg

  • Sr. Member
  • ****
  • Posts: 219
  • Perceive things that you cant see
    • Girlfriends Lingerie
Re:Win32:Trojano-180 [Trj]
« Reply #1 on: July 03, 2004, 07:34:09 AM »
Oh man looks like some of the crap i had go ont h other day
http://forum.avast.com/index.php?board=2;action=display;threadid=5655

Good luck bro........
X64
GA-K8N-SLI
AMD 64 3500+
Nvidia Nforce4
e-Geforce 6800GT - PCI-E 256M
Gig of PC3200 DDR2

Offline madrith

  • Newbie
  • *
  • Posts: 3
  • Go Beach!
Re:Win32:Trojano-180 [Trj]
« Reply #2 on: July 03, 2004, 04:00:16 PM »
Man, that is just evil!  So far nothing has stopped functioning, but who knows!  I think my task for the day is to back up, and reformat!  Thanks for the well wishes, I think I'll need it!

Offline Max M.Wachtel III

  • Sr. Member
  • ****
  • Posts: 326
  • Long Live Freeware
    • Keeping Windows Clean
Re:Win32:Trojano-180 [Trj]
« Reply #3 on: July 03, 2004, 06:40:11 PM »
madrith-
Try some of the programs listed on my site.
Since you are ready to format anyway,it wouldn't hurt to try some of tips and programs listed.
This will be a good learning experience for you.
Take advantage of it. Perhaps you can clean up the mess
and learn how to prevent it in the future.
-max
When I stop learning I stop living-max
Virus Removal Instructions
http://home.neo.rr.com/manna4u/

Offline lee20

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2326
  • The only true failure is when you give up
Re:Win32:Trojano-180 [Trj]
« Reply #4 on: July 03, 2004, 06:43:34 PM »
If your going to format just try some online scanner (rav), then send the virus(s) into avast for testing ;) , as madmax said "it can't hurt"  :)
« Last Edit: July 03, 2004, 06:44:08 PM by lee16 »

"Anyone who has never made a mistake has never tried anything new."-Albert Einstein

Comodo Firewall, Avast 4.8, SpywareBlaster, Spybot + superantispyware, PeerGuardian and ALL software patched!

Offline Datagg

  • Sr. Member
  • ****
  • Posts: 219
  • Perceive things that you cant see
    • Girlfriends Lingerie
Re:Win32:Trojano-180 [Trj]
« Reply #5 on: July 03, 2004, 07:04:22 PM »
Yes for sure do that. I spent many hours trying to eradicate the damages that happend.  It wasnt till all avenues were exausted did i do a  format.    
X64
GA-K8N-SLI
AMD 64 3500+
Nvidia Nforce4
e-Geforce 6800GT - PCI-E 256M
Gig of PC3200 DDR2

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 45279
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:Win32:Trojano-180 [Trj]
« Reply #6 on: July 03, 2004, 07:53:01 PM »
Datagg
Any idea where you picked this bugger up????
I'd like not to go there.
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v20H2 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Datagg

  • Sr. Member
  • ****
  • Posts: 219
  • Perceive things that you cant see
    • Girlfriends Lingerie
Re:Win32:Trojano-180 [Trj]
« Reply #7 on: July 03, 2004, 08:05:38 PM »
Datagg
Any idea where you picked this bugger up????
I'd like not to go there.

I was surfing the net looking at compition Lingerie sites.  I clicked on one, it was on google, the ones to the right side, the ones who pay to get listed there.  I dont recall the name of it,  but it was as of thursday in the top 3 pages.  When I hit that sucker,  avast lit up, browser went nuts, outpost shut off, avast died, i quickly disconnected modem at that point, i thought I was in a war zone.  So thru all of that, I just cant remember the name of that site.  i did write to google though, and told them that someone has this haxdoor, and is deleivering it thru some kind of pop up jave redirect or something.  Havent heard back from them, not really counting on it either.  

But, im sure if avast didnt shut off, and outpost also along with it, I woulda been ok.  But obviously that didnt happen.  So now, I  bought the paid version of Process Guard and am protecting these programs tighter than a drum so no more tampering can be done to them.   Hopefully, I can suggest in all sincerity that you all consider if you havent allready, to purchase PG, or at least get the free version so you can protect one program.   I thought, till then , that I was really secure, times change though, and these new viruses, trojan combos bring up a whole new level of awareness.  Basicaly,in a nutshell, your protecting programs need protection too.

Have a great 4th yall, be safe and bless you all.....
X64
GA-K8N-SLI
AMD 64 3500+
Nvidia Nforce4
e-Geforce 6800GT - PCI-E 256M
Gig of PC3200 DDR2

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 45279
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:Win32:Trojano-180 [Trj]
« Reply #8 on: July 03, 2004, 08:41:37 PM »
Thanks for the quick come back Datagg
I use WinPatrol, Ad-watch Monitoring, Webroot SpySweeper,Outpost fire wall and of couse, Avast! Between all of them. I have been well protected.
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v20H2 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline madrith

  • Newbie
  • *
  • Posts: 3
  • Go Beach!
Re:Win32:Trojano-180 [Trj]
« Reply #9 on: July 03, 2004, 10:00:29 PM »
OK, though I'd give you all an update.  I was going to reformat and reinstall, but though I'd dig a little and see what I could find.  Searched though the windows directory and notcied a file that looked suspicious.  Went to MadMax's site and went to Kaspersky and had the file scaned.  This is what it found:

Scanned file:   sdksl32.exe
 
sdksl32.exe - packed with UPX
sdksl32.exe - infected by TrojanDownloader.Win32.Agent.aq  

Gee, wonder why I got so many trojans...  Anyway, just deleted the file so I'll see how it goes now.... after I check my other computer on the network!  Thanx again all!

Offline Gillie2tat

  • Full Member
  • ***
  • Posts: 171
  • In a hole in the ground there lived a hobbit.
    • Tatting at Bella Online
Re:Win32:Trojano-180 [Trj]
« Reply #10 on: July 04, 2004, 11:17:32 AM »
Wow!  I occasionally click on these Google ads - will never do so again after reading about what happened to you!

So sorry you've had so much trouble.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 45279
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:Win32:Trojano-180 [Trj]
« Reply #11 on: July 04, 2004, 02:32:22 PM »
madrith
Your Avatar is much to big.  Please change it or shrink it...     Thanks
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v20H2 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq