Adstatus remote access trojan

Discussion in 'malware problems & news' started by AnthonyG, Apr 11, 2005.

Thread Status:
Not open for further replies.
  1. AnthonyG

    AnthonyG Registered Member

    Aug 3, 2004
    Today when removing some software via add remove programs i saw a windows adstatus installed. I tried uninstalling it but it said this program has already been uninstalled and it said would you like to remove its name from the list.

    Tonight when doing my weekly Full System scan with MSAS it has found this and said it is a trojan that sends my passwords to people.

    I am now panicking in the extreme, what does this mean, how does it do it, what has it done.

    I have today and yesterday logged onto paypal via firefox with my username and password. Is that now compromised. If so what else can be compromised.

    I need some advice for this please.

    Attached Files:

    • adst.JPG
      File size:
      37.6 KB
  2. Sweetie(*)(*)

    Sweetie(*)(*) Registered Member

    Aug 10, 2004
    The file winstatcomm.dll is from ADW_ADSTAT.A see HERE

    The main problem is this Trojan installs other Malware, don't panic though, it is un-lightly that your passwords etc have been compromised yet.

    Removal recommendations

    1. Remove the folder C:\Program Files\Windows AdStatus

    2. Update an run your Antivirus

    3. Download a second Antispyware program ( I reccomend Adaware, Spybot, CounterSpy or SpySweeper )

    4. Configure the AntiSpyware program for a full scan, update and run.

    Hopefully that will fix your problem, if not post back and we can try some more advanced options.
Thread Status:
Not open for further replies.