Qdown help needed

Greetings - -

I'm running W2k with SP2. I use Norton AV and Zone Alarm Pro and have cable modem. I followed the steps through #4 in thread 35407, and also ran RAV online scan.

Yesterday Micro Trend online scan told me I had QDown.L Said it was in directory C:\WINDOWS\Downloaded Program Files/QDow_AS2.dll, however when I looked I couldn't find QDow_AS2.dll in that folder (viewing is enabled for hidden files, folders and extensions).

A web search turned up the Qdown thread on this site (http://forums.majorgeeks.com/archive/index.php/t-43607), however the solution doesn't appear to apply to this situation as in regedit I don't find syncroad.exe, winsync.exe, syncroad.a, or syncroadx.dll.

RAV found the Qdown infection too. Also, after running all the programs in steps 3 & 4 I went back to Micro Trend. This time when it found QDown (labelled as uncleanable), I impulsively stabbed the 'delete file' button. Was this dumb? Does the lack of syncroad.exe, winsync.exe, syncroad.a, and syncroadx.dll in regedit maybe mean that Qdown hadn't yet done anything?

Help is greatly appreciated. Many thanks.

 

The previous Qdown thread indicated that Qdown is not just in the program files but also in the registry - - that deleting Qdow_AS2.dll from downloaded program files does not clean it out.

The directions in the thread said to open regedit, search for syncroad.exe, winsync.exe, syncroad.a and syncroadx.dll, and delete all perameters, values and keys. I tried this but didn't find any of these files.

(Also, when I selected 'delete file' on Trend Micro it appears to have done so - - I scanned again afterwards and it no longer turned up Qdown, however I'll download ExplorerXP to double check.)

Are there other files I should be looking for in regedit?

 

1. I didn't know The Director's comments were useless, (why do you think I chose 'No Geek Me' as a user name? ). I took them at face value and thought I needed to do more than delete the Qdown file.

2. I said in my first post that Trend Micro labelled the problem 'uncleanable' and also offered the option of deleting the file, which I selected. The label 'uncleanable' and comments by The Director in the previous thread led me to believe that my Qdown problem would not disappear by letting Trend Micro delete QDOW_AS2.DLL

3. I found Trend Micro before I found MajorGeeks. It was Trend Micro that found the trojan. Because it was labelled uncleanable I did a search to find out what to do. I found Major Geeks. I followed all the instructions. When I re-visited Trend Micro it again found Qdown.l and again called it uncleanable. I hit the delete button on Trend Micro. I ran the scan again. It came up clean. I started this thread.

That's my story and I'm stickin' to it.

So does this mean there's no more problem?