Computer Support Forum

Solved: Bulk Image Downloader?

Question: Solved: Bulk Image Downloader?

I'm working on a project right now but I've run into a problem. I have a CSV list of URLs for around 700 images and I need to download, resize, and rename them all. Manually this will take way too long for the project to be practical in any way by downloading each URL one at a time.

Is there a program out there that can take a list of image URLs and auto download them all? Would be a huge help if anyone knows of one. I've tried searching for one but all the one's I've found only work one URL at a time.

I'm new to these forums so if this is in the wrong forum let me know.

Relevance 100%
Preferred Solution: Solved: Bulk Image Downloader?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Solved: Bulk Image Downloader?

7 more replies
Relevance 86.92%

Hey guys, I recently wrote a bulk image downloader that scans pages and lets you save images.
so faraf.milpexels.comwallhaven.ccwall.alphacoders.com
are supported.
 

 
Unzip and run Floader.exe
 
https://mega.nz/#!rloUWZqS!hcYevvLwSSlSbWbHNsfs0DmjupNUXZoNnTceNEg qtRA

Answer:Bulk Image Downloader

To all interested in this application -
 
Be warned that you download and use this application at your own risk.
 
BC does not support or endorse this software.
 
Chris Cosgrove

1 more replies
Relevance 86.1%

Hi!

I am looking for a FREE bulk image downloader program or chrome extension that will not crash my browser.

I want to use the program/extension to quickly download the pics I've shared on Facebook and Tumblr. Because it would take HOURS to go through and download each one by one.

I've tried a few extensions already, but each of them crashed chrome because they tried to save them by opening a "save as" window for each. So I need a program that allows you to save them into a folder or into compressed file/folder so that it doesn't crash my browser or my computer.

Any ideas??
 

Answer:Looking for a free Bulk Image Downloader

Most of these sites have protected the images from be downloaded in the manner you wish.

Have tried contacting "Support" of these sites and see what they have to say?
 

1 more replies
Relevance 61.09%

Hey, I'm in search for a program that can download all the images from a specified thread on a forum including all of the pages withing that thread. Possibly some program out there than can search within thread ID's? It would need to be able to download picture embeds. I've tried a few programs with little success(webripper-crashes or randomly goes off to different pages/threads and only detects maybe 1 or 2 pages. Imageripper-just doesnt work with threads, download them all addon doesnt work either).

Anyone know of a good program that can achieve this task for me? Thanks
 

Answer:Solved: Thread Image Downloader

11 more replies
Relevance 59.86%

I've got a little problem.....i have a folder with a LOT of images (.jpgs).

I need to resize them ALL. The only way I can figure out doing this is opening them one by one in my image editor, resizing, saving, going to the next one.

With several hundred images, I would love to be able to do this in bulk. They all will be the same size when I am done with them.

Can this be done?

Answer:Image Resize (in bulk)

http://www.faststone.org/

Check out the Image Resizer, it has a batch mode that is pretty awesome, yay for freeware.

3 more replies
Relevance 59.45%

I've found quite a few programs that will resize images in bulk, but none of them will quite do what I'm looking for.

I need to convert a number of images with various sizes (175x25, 140x100, 110x50, etc.) into 250x250. However, I don't want to stretch the original image, just add white trim around the outside of the image to make it 250x250. Any software I've found will only stretch the image. I can't do each image individually, because I have over 30,000 of them to go through. Does anyone know software that would do that in bulk?
 

Answer:Bulk Image Resizing Software

How about this Microsoft power toy?
http://download.microsoft.com/download/whistler/Install/2/WXP/EN-US/ImageResizerPowertoySetup.exe

Just select the images you want then right click resize.
 

6 more replies
Relevance 58.63%

I'm looking for a program that can add a watermark to images in bulk. This isn't the standard watermark where it is overlayed onto the existing image. I want to be able to add, say, 50px to the bottom of the image canvas and write the watermark there on the new white space.Freeware would be nice but anything will do.

Answer:Good program to add a watermark to image in bulk?

I haven't used this or any watermark programs, but this one surely warrants a look: http://www.watermarkfactory.com/

5 more replies
Relevance 58.63%

Does anyone know of an app in which you can automatically reduce the file size of, say, 30 images all in one go rather than having to reduce each one separately?I've quite a few images which I want to put into a photo gallery. The first one I looked at was over 1 MB which I'm sure is too big for a web page!

Answer:Bulk reduction of jpg image file size

Ifanview click here

2 more replies
Relevance 58.63%

I have a ton of BMP's I want to change to JPEG's.

I searched and found a few different programs but I thought I would check here for some suggestions. I don't really need anything with a lot of bells and whistles, just something that's good quality, easy to use, and free.
 

Answer:Mass/Bulk Image Converter Program

Blown Cap said:


I have a ton of BMP's I want to change to JPEG's.

I searched and found a few different programs but I thought I would check here for some suggestions. I don't really need anything with a lot of bells and whistles, just something that's good quality, easy to use, and free.Click to expand...

ImageMagick makes it very easy from command line, and being command line there are no bells and whistles.

When installed and the DLL is registered you have all the commands available from command line, no need to start any programs to do graphics manipulations, tons of options if you read up on it on ImageMagick.org.

What you want would be as simple as opening a command prompt, go to the Dir with your pics, and type...
Code:
mogrify -format jpg *.bmp
...and that's all.

But as said, it can do MANY other things, if you read up on it.
 

7 more replies
Relevance 58.22%

Apologies - the Urgent in this is only because I'm unsure whether any action may need to be done before I close down in about 6 hours or so.

Basically my problem began in Picasa 3 where I watched a short vid then decided to change the filename. That done I closed the preview & went back to the main program where I discovered that Picasa had somehow decided I wanted the entire folder of images renamed so it has worked through the 500+ images and renamed each one as Filename001, Filename002, Filename003 and so on which as you can appreciate is now causing somewhat of a major headache for me. It would take me a good few hours I would rarely have to go through and rename each one manually, so my question basically is - is there any method or program that can undo the action as I can't find any means of doing so from within Picasa. All other options I've found in my searches are mainly to achieve pretty much the same i.e. bulk rename as Name1, Name2 etc so are of little help.

Anyone any suggestions what else I could try?

Answer:Urgent help needed - how to revert a bulk image name process?

I assume you don't have a Backup to fall back on. I use these two bulk renaming tools. You can see if they help. This is drop dead simple to use - http://www.fauland.com/af5.htm
This one has a more complicated interface but a couple other options - http://www.joejoesoft.com/vcms/108/

3 more replies
Relevance 55.76%

There is a case, where i have bulk of user names and bulk of flat files(.txt files). I have to search each and every user name in all the flat files and if the user found it should picked up. I have to repeat this for all the user names. Is there any possibility of doing this in an easier way.. Please help..

More replies
Relevance 50.43%

First of all would like to say hi to everyone at TSG!

Have been referred to this while using McAfeeHelp, my system is infected with New Malware.j / Generic Downloader.f & Downloader-AYL.

Every time i start my browser, McAfee pops with messages of files infected by the above. It is able to delete files infected by Generic Downloader.f & Downloader-AYL but no the ones by New Malware.j. My system's 'TASK MANAGER' is not working. I get a message that 'Task Manager has been disabled by your administrator'.

Have tried scanning with Spyware Doctor 2.0.1.143 & Ad-Aware SE Personal but of no help. Reading the previous threads, have downloaded HijackThis. Kindly assist, find below the log file of HijackThis.

Logfile of HijackThis v1.99.1Scan saved at 2:35:07 PM, on 1/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\s... Read more

Answer:Solved: Help Removing Trojans : New Malware.j / Generic Downloader.f / Downloader-AYL

13 more replies
Relevance 50.43%

hi my friend is with bt​ broadband and he receives​ about 100 spam emails a day but bt​ put them into a bulk folder he does not open them just deletes​ them but what can he do to stop receiving​ them at all
 

Answer:Solved: bulk & spam

There are many tools and programs that will attempt to stop spam, there are also services you can sign up that filter your email before it hits your email server.

However they cost and there is no real need if it is already being filtered off in to a junk folder.

Why is it that he doesnt want them in the bulk/junk folder?
 

2 more replies
Relevance 50.02%
Question: Image Downloader

Is there an easy way to download all the images on a Photobucket-like page? I've tried "DownThemAll," but that only brings back the thumbnails, which are of little use to me.

Thanks.
 

Answer:Image Downloader

Are you using Firefox as your browser or something else?

Peace...
 

3 more replies
Relevance 50.02%
Question: Image Downloader

Does anyone know of software that will crawl through a webpage and/or web site and download all images on the pages? I am trying to save multiple pages worth of pictures for a scrapbook I am keeping, this would save me LOTS of time (hopefully). Any suggestions?

Thanks!
 

Answer:Image Downloader

caniac,

You know I don't know if there is or not.

If you want the images you can go to each site and right click to save them or go to the cache folder and get them from there.
 

3 more replies
Relevance 50.02%
Question: Image downloader?

It's very tedious to download each image by itself if I find an interesting web gallery. But I have yet to find a good prog that does the job. Tried Image Downloader, Black Widow (?) and a couple of others. Any tips? Preferably freeware, but if it's a good prog I'm even willing to pay for it...
 

Answer:Image downloader?

I know of some offline browsing software that can d/l all types of files (not only image files). Hope you find them useful:

Teleport Pro (http://www.tenmax.com/teleport/pro/home.htm) -
This one's commercial.

wget (http://unxutils.sourceforge.net/) - This is actually a tool written for Linux/UNIX platform but it's ported to Win32. Freeware of course. But lacks a nice GUI for you to use.

Not sure if that's what you're looking for.
 

5 more replies
Relevance 49.61%

Hiya

Im thinking of adding a field in my database which will have the customers email addresses. I was wondering if theres a shortcut/easy way to send a bulk email using this data i would have on the database. I dont want to spend ages going back through the 100 + orders ive already entered adding their email if im going to have to copy and paste each one into a new email message.

I know i can add them to outlook into a group quite easily which is what i will probably end up doing but is there a way to do it using access?

thanks in advance
Arron
 

Answer:Solved: Access Help - Bulk Email

14 more replies
Relevance 49.61%

My ISP has notified me twice that bulk emails are being sent via my modem. They said if it happens again my internet will be shut off until I have proof of my computer being cleaned by a professional. I'd rather avoid that and take care of it myself. I ran Spybot and found various malware/spyware. Then I ran PC Tools Antivirus. It found over 100 infections, most of which were worm.P2P.BThree.B.Gen. I ran PC Tools Antivirus again today and it found about 10 infections by the same name. I have included my HJT log file below. Thanks for any help you can offer!!
-L

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:00:42 AM, on 8/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\3ware\3DM\3dmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\Cursors\aolspy.exe
C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\Program Files\Prevx2\PXConsole.exe
C:\Program Files\PC Tools AntiVirus\PCTA... Read more

Answer:Solved: Bulk email being sent via my modem

14 more replies
Relevance 49.2%

My ISP (rogers) joined with Yahoo so instead of checking my email online through webmail I now have to use Yahoo.

I normally use Outlook Express though and I was wondering if there is any way to block the bulk folder from downloading onto my computer. I only want the contents of the inbox.

I looked on the yahoo site and couldn't find anything and there is no point calling my ISP, they're mostly idiots there anyway.

If anyone knows that would be great. Thanks.
 

Answer:Solved: Yahoo email bulk folder

9 more replies
Relevance 49.2%

Greetings all,

I have a bulk send email software that keeps stalling at about 100 or so. I have goten back with the vender but they are slow to reply.

Here is my question. When I turn on the computer I get alot of error messages that say This function has performed an illegal operation and will be shut down.

I exit each one of those to get to where I can flow online.

then when I am using the bulk email software, and I have two different kinds they stop mid way and read as follows.

Is it the software or the computer. I use windows 98

DS2000 caused an invalid page fault in
module WSOCK32.DLL at 0167:75fa9c2f.
Registers:
EAX=75fa9b55 CS=0167 EIP=75fa9c2f EFLGS=00010246
EBX=75fa9aba SS=016f ESP=006e0000 EBP=75ba802d
ECX=00000000 DS=016f ESI=75fa9b5f FS=0dff
EDX=0129c014 ES=016f EDI=0129c01e GS=0000
Bytes at CS:EIP:
e8 fb ff ff ff cc 20 01 00 43 3a 5c 57 49 4e 44
Stack dump:
75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34 75fa9c34
What should I do ?

GlobalExportN
 

Answer:[SOLVED] Bulk Email Utility software

15 more replies
Relevance 48.79%

Can someone recommend a good free program that will batch download images? I'd like to be able to get wallpapers from sites w/o having to click on each thumbnail and then saving the images individually. I've tried a couple of programs but they didn't work very well. Thanks!

Answer:Free Batch Image Downloader?

A lot of websites prohibit the use of such tools because of bandwidth concerns. What website are you wanting to get the files from?

8 more replies
Relevance 48.79%

I am creating a new website for my photography business. It is only a hobby so I don't want to spend a fortune on it. The last step for me is to copyright my images. I need to create coyright watermarks on all images. I've only seen free wtermark software that does one picture at a time. I have thousands of images so need a batch or bulk watermark software. I prefer to download it as well. Not go through some watermark website each time I do watermarks.
 

Answer:Solved: Free Bulk Watermark Software? Does it exist?

12 more replies
Relevance 47.56%

Dear Friends,
I am getting atleast 50 delivery failed messages daily in my yahoo account.The recipient remains same but the attatchment name changes.I have attatched a file to describe the contents.
Request Help. Regards, Shrikant
 

Answer:Solved: Receiving Bulk Mail in Yahoo with subject Delivery Failed

hi there, ignore these messages, don't open them just kepp deleting them until they stop!
 

2 more replies
Relevance 47.56%

I found an answer to this question at Yahoo Answers. But the answer was given in 2010 and the answer no longer works-options listed in response do not exist. I assume yahoo updated their software and now there is a different way to save the emails in bulk.

So do any of you techies know how to save yahoo emails in bulk to a PC hard drive with the current yahoo software?
 

Answer:Solved: Is there a simple way to save my yahoo emails IN BULK to my PC hard drive?

Got my answer from another website. For those of you asking the same question here is where I found my answer. http://www.brighthub.com/computing/windows-platform/articles/70977.aspx
 

1 more replies
Relevance 47.56%

Norton picks these up as viruses. It appears to delete them. When i go to yahoo mail, it has problems opening up mail, and then tells me that my computer may be infected. It wants me to run some type of scan program. How do I remedy all of this. My virus defs are up to date. This particular time it wants to run "winxdefender". HELP!!
 

Answer:Solved: Downloader and Downloader.MisleadApp

16 more replies
Relevance 43.05%

I have Corel Photo House and Photoshop 4 photo editing software. I don't really use them a lot, and admit that I'm not very good at doing most things. One thing I've had occasion to do lately is to take a person from one image and copy it to a second image. The problem is that it takes a really steady hand, and patience, to trace around the outline of what I want to copy. I try to facilitate this by slowing my cursor to crawl speed, but I still have trouble accurately following the subject's outline.

Is there software -- preferably freeware -- that has an easy way of transposing/copying portions of an image?
 

Answer:Solved: How to copy portions of an image and paste in a second image?

9 more replies
Relevance 40.59%

I think i got some kind of virus. My AVG has this virus in the vault i cant remove or heal and i dont know what to do to get rid of it. JS Downloader.Agent When i click to heal it i get an error message sayin Action failed error while handling file C:\users\biganthony\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\57woldmk\search[4].htm So if anyone knows what to do please help me. I got windows vista home basic 32 bit version with AVG 7.5 free version i got Zonealarm and superanti-spyware and spybot and windows defender. I also ran ccleaner and on internet deleted everything temp files cookies addons history saved forms everything.
 

Answer:Solved: Solved: I think im infected,JS Downloader.Agent, Please Help!!!!!

14 more replies
Relevance 40.18%

Hello,
I am aware many people have this trojan. I must've gotten it while surfing the web. Panda Active scan detected Trj/Downlaoder.gk on my computer but doesn't give the option to delete it. The trojan seems to have disabled me from viewing "My computer, My documents" or anything involving windows explorer, I recieve :"Window's explorer has encountered a problem and needs to close." I have read old posts and have d/led hijack this and copied the log below. Please provide advice on how to get rid of this trojan. Thanks alot in advance, it is very much appreciated

Logfile of HijackThis v1.98.2
Scan saved at 1:49:39 PM, on 10/7/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\System32\tjnlwi.exe
C:\Documents and Settings\Chris\Application Data\ttuh.exe
C:\Program Files\Mes... Read more

Answer:[solved]TRJ/Downloader.GK Please Help!

14 more replies
Relevance 40.18%

Hi,

My AVG anti-spyware kept detecting Downloader.aqm the last few days.. I deleted it thru avg but it keeps showing up.. how do I get rid of this spyware/virus?? Below is the hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 12:28:29 p.m., on 6/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Prevx1\PXConsole.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svcho... Read more

Answer:Solved: Can't seem to get rid of downloader.aqm.. please help

16 more replies
Relevance 40.18%

Hi there. I came across these forums while doing a search for a fix!

I read a thread from awhile back that said to download "Hijackthis". I have done that and have the log saved.

Panda found this nice little trojan hiding in my puter this morning and of course can't get rid of it. I have no idea what to do so here is my log:

Logfile of HijackThis v1.98.2
Scan saved at 11:39:02 AM, on 10/12/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\zvnmqs.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jucheck.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http... Read more

More replies
Relevance 40.18%

I'm looking for a downloader that is faster and resumable.
My friend suggested Download Accelarator Plus to check out but
this **** brings lotta ADs with it and slows down the download.

Any download that overcomes these problems?
 

Answer:Solved: Looking for a best downloader

10 more replies
Relevance 40.18%
Question: Solved: downloader

Hi Guys i wonder if anyone could help.My daughter who lives in Australia myself, i live in the UK has a problem, a couple of trojans. Generic zlob.AENH and zlob.AENF.Oh and fraudload.AS. Ive told her to do a scan with malwarebytes.Just wondered if anyone knew anything about them.And if ther's anything else i should tell her.Thanks Guys.
 

Answer:Solved: downloader

This is a known infection where fake security alerts appear in your taskbar stating that you are infected. These alerts tend to be accompanied by a rogue anti-spyware program installed on your computer without your consent. Clicking on one of these fake security alerts will either bring you to a home page where you can purchase other fraudulent software or will install automatically, without your permission, one of these software.

Are you still having problems with the infection?
 

3 more replies
Relevance 40.18%

Please help with purging Downloader-YK, McAfee keeps finding virus files when opening internet pages. After deleting they keep coming back. Have Adaware and Spybot also.

Logfile of HijackThis v1.99.1
Scan saved at 3:38:12 PM, on 03/05/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINNT\system32\spool\DRIVERS\W32X86\hpoopm07.exe
C:\WINNT\system32\ezSP_Px.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\WINNT\system32\internat.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:... Read more

Answer:Solved: Help with Downloader-YK

11 more replies
Relevance 40.18%

I have been trying to get rid of the downloader_ASI for months now to now avail. I have Mcafee virus scan, but I keep getting the "virus found" pop up and it keeps deleting it (and then it reappears later). My windows explorer also keeps crashing. I have tried running my virus scan in safe mode but get nothing. All I know is it keeps finding it in the registry. When I turn off system restore it doesnt appear. I went to the Mcafee site and nothing worked. They recommended using hijackthis and posting it here. I have attacked some pics of the virus mssgs. I have tried searching the post but couldnt find anything with downloader ASI, but a million things with downloader. here is my hijackthis log
Thanks in advance

Logfile of HijackThis v1.99.1
Scan saved at 5:52:53 PM, on 8/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
... Read more

Answer:Solved: Downloader ASI - cannot get rid of

13 more replies
Relevance 40.18%

Hello flrman1

I have run into the same problem with this Downloader GK Trojan. Picked it up last night surfing , of all things, "Canadian Navy sites"

Would you take a look at my logs and let me know if the above suggestions would be the solution for me also.

I have tried to do a system restore to 2 weeks ago and then purged system restore all to no avail. AVG does not find this virus, But Panda online scan does and will not clean it.
 

Answer:Solved: Downloader.GK

11 more replies
Relevance 40.18%

I have these popups that will not go away I have sybot S&D and NoAdware on my pc they do nothing for this . I also have been reading on this forum about downloader.GK the post i seen said to run safe mode then run Hijackthis.exe show all hidden files and folders and empty all temp files and to look for these things in Hijackthis.

Run HJT again and put a check in the following:

O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
-------------------------------------------------
But none of these are there so here is my log file. will someone please tell me what i need to take out
------------------------------------
Logfile of HijackThis v1.97.7
Scan saved at 1:24:30 AM, on 8/14/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program ... Read more

Answer:[Solved] downloader.GK help

7 more replies
Relevance 40.18%

Hi,

I got some trojans and junk on my computer and I think that I have removed the bulk of them, but I still get some (broken) pop-ups and McAfee keeps detecting Downloader-RK associated with two files but it can only delete one of them. I have run many anti-virus programs in addition to McAfee, Ad-Aware, Spybot S&D, and I have had no luck removing these remaining annoyances. Version 1.99 of HijackThis gives me an "encountered a problem..." error before it finishes scanning that I understand so far is not fixed, so the following log is from the previous version and I would appreciate if anyone could interpret it.

Logfile of HijackThis v1.98.2
Scan saved at 9:56:12 PM, on 2/5/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\niSvcLoc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nipalsm.exe
C:\WINDOWS\system32\nipalsm.exe
C:... Read more

Answer:Solved: downloader-rk, pop-ups

12 more replies
Relevance 39.77%

Orbit told me I should update their software so I did. Afterwards the "oneclick youtube downloader" was missing from firefox, which is fairly useful when downloading videos etc. I can't find it in the addons at firefox.com. Any ideas?

Thanks.

More replies
Relevance 39.77%

I appreciate all the help anyone can provide me in cleaning up my computer!I'm running WinXP SP2 with AVG Anti-Virus. With-in AVG's Vault I currently have 22 various Trojan Horse viruses, of three types:Trojan Horse Clicker.SXT with Path = C:\WINDOWS\system32\23lbM227.dllTrojan Horse Downloader.Generic8.ENX with Path = D:\DOCUME~1\Elliot\LOCALS~1\Temp\<-8 random letters->.exeTrojan Horse Downloader.Zlob.AGWB with Path = D:\DOCUME~1\Elliot\LOCALS~1\Temp\<-8 random letters->.exeLogfile of random's system information tool 1.04 (written by random/random)Run by Elliot at 2008-11-28 10:37:56Microsoft Windows XP Professional Service Pack 2System drive C: has 5 GB (5%) free of 95 GBTotal RAM: 511 MB (14% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:38:06 AM, on 28/11/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\PROGRA~1\AVG�... Read more

Answer:Infected with Trojan Horse Clicker.SXT, Downloader.Generic8.ENX and Downloader.Zlob.AGWB

Hi,* Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPost the log from ComboFix when you've accomplished that, along with a new HijackThis log.

8 more replies
Relevance 39.77%

Hi, I have just rebooted my computer and avg is picking up the trojan mentioned in the title, when it is removed there is a second one that comes from the recyclers folder, it is called dropper.Generic.bygt.dropper. They bsre one has just returned from the system volume information folder so I'm kind of worried they are not being cleared properly by avg. Thanks for any help you can give with this.



DDS (Ver_10-03-17.01) - NTFSx86
Run by Owner at 20:35:44.85 on Tue 06/08/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.83 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\Progra... Read more

Answer:Recently rebooted computer finds Trojan horse downloader downloader.generic9.bsre

BUMP please

10 more replies
Relevance 39.77%

Hi there,

I'm in the process of trying to sort out a few hassles on my sons' 2 computers. The first one (running Vista) has a Downloader.Oberfuskated trojan as discovered by AVG, that keeps popping up. Also, these 2 file names were mentioned in error messages at one point - but I can't remember the context coz they haven't appeared for a while (or so my son tells me): ljJBuroo.dll and jkklIArq.dll

Don't know exactly why, but I think a program called SweetIM from Macrogaming might have had something to do with things, though I think (hope) I may have removed it totally.

Here's the Hijack This log. I'll post another thread for the other computer. Any help greatly appreciated!!

Thanks!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 8:45:38 PM, on 22/04/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Nero\Nero 7\InCD\InCD.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh... Read more

Answer:Solved: Downloader.Oberfuskated help?

11 more replies
Relevance 39.77%

please help....

i have xp and i ran nortons and it showed up with 2 virus name esfzpzex.dll and hxpqzotx.dll... they both show a path to
c:documents and settings\owner\local settings\temporary internet
files\content,ie5\5ea3gg6b\esfzpzex[1].cab
and...

.c:documents and settings\owner\local settings\temporary internet
files\content,ie5\5ea3gg6b\hxpgzotx[1].cab..
but i cant get to the path using DOS ( im not that good at dos) I have ran hijack and deleted alot of crap.. this is from highjack :

Logfile of HijackThis v1.97.7
Scan saved at 4:13:29 PM, on 3/6/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Norton Personal Firewall\IAMAPP.EXE
C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Norton Personal Firewall\NISSERV.EXE
C:\Program Files\Norton... Read more

Answer:[Solved] help with downloader.mscache

12 more replies
Relevance 39.77%

First of all thanks for this site!

I have the downloader.misleadapp on my computer. I run Windows XP, I have Norton Internet Security, AVG 7.5, AVG RootKit, Ad-aware 2007, Windows Defender and SypBot Search & Destroy and Hijack. (With all that I still have not been able to get rid of the trojan!)

I am getting popups out the wazooooo!

I see that you assist in the removal with Hijack. Could you please direct me to instructions if you have them.

Thank you so much ... in advance!

Answer:[SOLVED] Trojan downloader help

Please follow MicroBell's 5 Step process - http://www.techsupportforum.com/secu...sting-log.html.

You shall have a proper set of logs for us after that. Someone will be along shortly

12 more replies
Relevance 39.77%

Hi,

My PC has been infected with the ucleaner popup problem. I tried to fix the problem by using the instruction in some of these posts and think i got it off BUT I havent been able to rid my PC of the downloader (?) (red screen with a re-direct to the softwarereferral site on IE). It seemed some of the instructions were specific to each case and i'm hoping somone can help diagnose where I've gone wrong or let me know what i need to do to fix my PC.

I'm running windows XP.

Any help is greatly appreciated!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:19 PM, on 13/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundl... Read more

Answer:Solved: Ucleaner and Downloader

14 more replies
Relevance 39.77%

A friend told me he had alot of fragmented files, and wanted help fixing this. While searching around I did a virus scan with AVG and it found three trojan downloaders, but it will not heal or delete the files. I have tried in safe mode but still no luck. Heres his HJT log
Logfile of HijackThis v1.99.1
Scan saved at 1:37:27 PM, on 9/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\Sy... Read more

Answer:Solved: Trojan downloader please help

13 more replies
Relevance 39.77%

To the best of my patience and ability I am helping my parents with this issue. They have a Windows XP machine and keep getting the red screen mentioned by others and a re-direct to the softwarereferral site on IE (as you can see below). Norton quarantined UCleaner and Downloader but they have not deleted them. I walked them through the HJT log process with the results below. I am trying to do as much as I can remotely before having to make a trip to help on-site. I have asked them to not touch this system until we finish the evaluation of the problem. Thanks in advance for the help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:26:13 PM, on 3/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage ... Read more

Answer:Solved: HJT Log - UCleaner and Downloader (maybe others)

10 more replies
Relevance 39.77%

About every other day or so, I get a notice from AVG that I have this trojan, and to run a scan. Which I do. And it never comes back showing that I have this, it always comes back clean. It doesn't appear on Norton, either.
What could be causing this?
 

Answer:[Solved] Downloader.Keenval.B

11 more replies
Relevance 39.77%

Thank god I found this site. Hopefully someone here will be able to help me get rid of these. I have already downloaded and run the HiJackThis latest version so I will post that log to start off. Please let me know what to do next.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:03:45 PM, on 7/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSI... Read more

Answer:Solved: Vundo and Downloader.....I have them too! Help!

11 more replies
Relevance 39.77%

Norton antivirus has switched off Autoprotect and e-mail scanning and despite all my efforts will not let me turn them on, on checking the ' virus reports ' it says that Downloader.MisleadApp was detected and removed at about the same time, when I do a full system scan no virus are found. Can anyone tell me if this virus could have altered the settings and if so what can i do to remedy the situation ?
 

Answer:Solved: Downloader.MisleadApp

16 more replies
Relevance 39.77%

i have clean this computer from this before from help i got from the site but for some reason its back!! i dont visit porn sites or anything else that could have things attached to web sites. please help here is my HJT log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:42:55 PM, on 10/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\security\aim6.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program ... Read more

Answer:Solved: Cant get rid of trojan downloader!!!

16 more replies
Relevance 39.77%

Norton found Downloader, Trojan but cannot remove it...
Here is my HIjack Log:

Logfile of HijackThis v1.99.1
Scan saved at 7:08:13 PM, on 8/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O... Read more

Answer:Solved: Downloader, Trojan

7 more replies
Relevance 39.77%

I'm having some problems with a downloader. Norton keeps detecting either a generic downloader or downloader.Mislead.App, with a trojan thrown in every now and then (I usually catch and execute the trojans pretty quickly). I've tried alternating multiple scans with runs of Spybot and Ad-Aware, and I can get it to where norton says there are no threats, but they come right back the second I open up the net. I've tried knocking out suspicious registry keys, but I'm obviously missing something. ANy ideas?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:16:58 PM, on 9/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Shell\WinShellEx\WinShellEx.exe
C:\Shell\GeoShell\geoShell.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUp... Read more

Answer:Solved: Problems with a downloader

13 more replies
Relevance 39.77%

Hi I was on the web one day and my norton anti virus message popped up that the downloader.trojan was detected and it was trying to remove it but it couldn't. Norton tried a second time and failed again. I have ran TheCleaner which removed a trojan i have before but it did not detect downloader.trojan which was strange to me. I ran two virus checks with norton as well and for some reason it did not show any signs of the trojan. I am pretty sure that this trojan is still on my computer and i would appreciate it if anyone could help me out on where I can find it and how i can remove it. Thanks it advance
 

Answer:Solved: Help with Downloader.trojan

10 more replies
Relevance 39.77%

I have norton antivirus 2004, and i recently scanned for viruses. It found a file called hxpqzotx.dll, so I checked it out on the norton website. They told me that it was the downloader.mscache virus, and gave me instructions to remove it. I did everything they said. I disabled system restore, updated the virus definitions, disconnected from the internet (i have a broadband) restarted the computer in safe mode, but here's where I had trouble. It told me to unregister the browser helper object, and when i tried to do that, i kept getting an error message saying that the file was not found ( I fixed that ) but then when i got the file name right, it told me that "the browser helper object could not be opened or modified" or something. So I kind of ignored it, and moved on. Next the symantec website told me to run a full system scan and delete any files called downloader.mscache. I did that, and since i found the virus in the temporary internet files folder, i cleared that. I then restarted the computer in normal mode, and noticed that my cpu usage is still about 25%, even when i'm not doing anything. I don't think i got rid of the virus becuase my cpu usage is still so high. Anyone else have a take on this? Also, i am running windows xp, and norton antivirus 2004.
-Luke
 

Answer:[Solved] Downloader.MScache

11 more replies
Relevance 39.77%

I just tried to open a website that I use all the while.
The website is TalkAwhile.co.uk

I took a screen dump and have uploaded two files for you to look at.

I got a screen with a hijack message (see attachment)
The resident sheild cam eup with a virus alert so I put it in the vault (see attachment).

Is this a problem on my machine or a problem with the website that I am trying to access. Its a folk music forum website.

Thanks for any help you can provide.

Running Vista, with AVG8, Spyware Doctor, NoAdware plus have firewaal and a firewall on the modem/router.
 

Answer:Solved: JS/Downloader Virus - help please

From what I understand now, the website has been hacked. But how and why does it seem to be affecting me?
 

2 more replies
Relevance 39.77%

Hi,

The last couple of days pop-ups started showing up on the screen and all sorts of spyware removal ads. I don't know where they come from, but Windows Defender recognized it as Trojan.Conhook. Anyway, I tried using Spyware Doctor, which didn't find the trojan that Windows Defender claims is there, but instead found to low risk adware and one other high risk malware. I also had problems with my windows bar closing suddenly after an error from rundll32.exe. Here is the hijack log. I am actually worried about these entries in my task manager, because they were not there before:

O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\RB\AppData\Local\Temp\rQhEWNeD.dll,c
O4 - HKCU\..\Run: [BM87a06ab9] Rundll32.exe "C:\Users\RB\AppData\Local\Temp\fsyrepjb.dll",s
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:10:21 PM, on 4/24/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\... Read more

Answer:Solved: Trojan downloader

6 more replies
Relevance 39.77%

I have tried several down loaders for videos and have not been able to save a video on the web from Yahoo. Is there a special one for these videos? http://autos.yahoo.com/blogs/motora...merica-most-beautiful-roadster-224020534.html. Thank you for your input.
 

Answer:Solved: video downloader

unfortunately that would violate the Terms Of Service (TOS) for Yahoo videos, so I will have to close this thread.

thanks for understanding,

v

**it is a pretty sweet ride though**
 

1 more replies
Relevance 39.77%

My computer is infected with Downloader.MSCache. Flrmn1 told my dad (alanmd) what to do but we werent at my computer. Now i'm home and I could use some help. My operating system is windows Me.
 

Answer:[Solved] Downloader.MSCache

16 more replies
Relevance 39.77%

Hi folks,

When surfing through the Internet, my antivirus informed me that my system was infected with a downloader trojan and it could not be repaired. Is this something I should be concerned about? At any rate, I have run a HijackThis scan, and here are the results. Any advice/guidance/help is greatly appreciated. It's amazing what a volatile environment the Internet can be!

Logfile of HijackThis v1.99.1
Scan saved at 9:35:39 AM, on 10/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\C... Read more

Answer:Solved: Help with Downloader Trojan!

7 more replies
Relevance 39.77%

hello
computer is getting lots of popups and running super slow. AVG keeps finding this and deleting this but it shows back up upon restart. My Mcafee found exploit-byteverify, downloader-BHS and generic spy.j and it has quarantined them. AVG also found a trojan.agent.agv but that has not shown up since the first scan. also, anytime I try to use msconfig it tells me that there was an access denied message. when I try to open the task manager it says task manager has been disabled by my administrator. Unfortunately I hadn't set up separate accounts on my computer so it's logged on as administrator right now. Im also getting tons of errors from windows error reporting. I see something on the log already that I'm kinda wondering about but I am not 100% positive. Maybe the "antiviirus", "loczdude" or the "vczolahi". None look familiar to me. A friend of my husbands spent several hours on our computer yesterday when we weren't home and this was how we found it after he left. PLEASE HELP

Logfile of HijackThis v1.99.1
Scan saved at 5:39:35 PM, on 4/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings... Read more

Answer:Solved: downloader.small.ivo

16 more replies
Relevance 39.77%

Good Morning, Ive been playing around with trying to get rid of downloader.mscache for about a week or so. Norton identified it, but can't get rid of it and their instructions don't work. Tried downloading just about every trojan remover on the planet but no luck here.

Listed below are the two pathways where the trojans reside and my log from HijackThis. (system restore is off).

I appreciate any help. Thanks. joe
regsvr32 /u " c:\documents and settings\Angela\local settings\temporary internet files\Contents.IE5\O3HVYUJH\lpggwedb(1).cab\lpggwedb.dll"
regsvr32 /u "c: \documents and settings\Angela\Local Settings\Temporary Internet files\Content.IE5\HVFVLLSA\kyqczoce(1).cab\kyqczoce.dll"
Logfile of HijackThis v1.97.5
Scan saved at 9:15:55 AM, on 3/7/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\wanmpsvc.exe
C:\Pro... Read more

Answer:[Solved] downloader.MSCache

9 more replies
Relevance 39.77%

I've downloaded and scaned my pc with Hijackthis to get rid of Infamous Downloader.
The log file follows. Could you please tell me what I should delete?
thanx
Ada
Logfile of HijackThis v1.97.7
Scan saved at 4:09:49 μμ, on 8/7/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\MIXER.EXE
C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\ASUS\PROBE\ASUSPROB.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\PASSWORD MANAGER\ACCTMGR.EXE
C:\WINDOWS\DESKTOP\INFAMOUS_DOWNLOADER.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\Monwow.exe
C:\WIND... Read more

Answer:[solved]Infamous Downloader

12 more replies
Relevance 39.77%

When I start my PC I get a warning notice from my McAfee Virus Checker which says " The file C:\WINDOWS\SYSTEM32\taskdir.dll was infected by the Downloader-ZQ trojan and has been deleted " It would seem that McAfee has sucessfully deleted the problem but I am still stuck with the cause (Downloader-ZQ) can anyone help.

I have run Spybot, Ad-Aware, AOL Spyware Protection, MCAfee Virus Checker but this still appears every time I start up. All my security is up to date.

I am running Windows XP Home with SP2

Please can you help ???
 

Answer:Solved: Trojan Downloader-ZQ

6 more replies
Relevance 39.77%

I have a virus named "Downloader.Trojan." I am unable to remove it.

I did a system scan and saved a log file, which is posted below. Please help me with the process of removing this virus.

Thank you.
Logfile of HijackThis v1.99.1
Scan saved at 11:06:42 PM, on 12/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.ex... Read more

Answer:Solved: Downloader.Trojan

9 more replies
Relevance 39.77%

Can you tell me how to remove an embedded file that does not appear to exist where AVG finds it? Apparently, I have contracted the Downloader.OneNet.E trojan as an embedded file in my Temp/Temp Internet files. ANy suggestions for its eradication? I have tried AVG (updated), House Call, Spybot S&D, Spyware blaster, and a couple of others.
Thanks.
Steve M.
Houston, TX
 

Answer:Solved: Downloader.onenet.E Must Die!

16 more replies
Relevance 39.77%

Running Windows XP, NAV CE detects the following:

Virus Found!Virus name: Downloader in File: C:\Documents and Settings\rsub\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-3ad601a5-340bf20d.zip by: Manual scan. Action: Clean failed : Leave Alone succeeded

I cleared the Java cache through the Java console in Control Panel, deleted Temporary Internet files and files in the C:\WINDOWS\Temp folder. I also ran ATF cleaner. Norton is unable to clean/delete. I ran a Housecall scan, but it only identified cookies. Please advise. And thanks in advance for the help. Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:16:24 PM, on 12/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Mic... Read more

Answer:Solved: Another Downloader virus

6 more replies
Relevance 39.77%

Ok this is the third time I have tried to post this problem and each time I get knocked out because my computer hits a popup wanting me to download winantivirus pro 2007....

Anyway Norton has detected that I have a virus called downloader.misleadappp

I have tried to follow their instructions for removal but it won't work.... HELP!!

I have an E-Machine AMD running windows XP Home ed.

Sorry this isn't as informative as I would like to make it but I want to get it posted!!

Thanks
 

Answer:Solved: Downloader.misleadapp

9 more replies
Relevance 39.77%

Hello people , I use Windows XP Service Pack 2. I have a problem that really bothers me. My AVG Anti-Virus is detecting an Trojan Horse each time I boot my computer, the trojan complete name is : Downloader.Generic2.AHR. My AVG could'nt not solve this problem even if I put the infected file into the Vault section. I have used Ewido Anti-Spyware with Windows Safe Mode , I did'nt found anything even with Ad-Aware and Norton neither. Here is my hjt logfile in Normal Mode:

Logfile of HijackThis v1.99.1
Scan saved at 2:23:14 AM, on 6/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\nahn\Application Data\?icrosoft\m?iexec.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Symantec\LiveUpdate\ALUSch... Read more

Answer:Solved: Please Help Me with Downloader.Generic2.AHR

11 more replies
Relevance 39.77%

Running Windows XP, Norton detects the following:

Virus Found!Virus name: Downloader in File: C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP401\A0029126.exe by: Manual scan. Action: Clean failed : Leave Alone succeeded :

Virus Found!Virus name: Downloader in File: C:\RECYCLER\S-1-5-21-1659004503-507921405-1957994488-9629\Dc1481.exe by: Manual scan. Action: Clean failed : Leave Alone succeeded

Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:15:17 PM, on 12/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Google\Google... Read more

Answer:Solved: Downloader virus

7 more replies
Relevance 39.77%

Don't mean to hijack this thread, but I am having the exact same problem. Should I try the same steps as Cdeuskar & post here, or open a new thread all together?

Again, apologies for disrupting the thread...
 

Answer:Solved: downloader generic2.ahr

16 more replies
Relevance 39.77%

I was searching through other posts involving downloader trojans, and I wasn't sure if it was the same process if it is a different file infected.

I keep getting a message from McAfee:

Pathname: C:\WINDOWS\system32\jgawsnw.dll
Detected As: Downloader-AWX
State: Move failed (Clean failed)

I ran a scan with Hijack This and here's what it told me:

Logfile of HijackThis v1.99.1
Scan saved at 10:21:16 AM, on 6/17/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Wzbncuo\Lpyjf.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\hpcoretech\hpcmp... Read more

Answer:Solved: Downloader Trojan

11 more replies
Relevance 39.77%

A scan with AVG came up with the JS Downloader.Agent virus. AVG was not able to "heal" the virus file, but did "quarantine" it. I have tried to manually delete the file,but no luck. I am hoping someone can head me in the right directons. Following is a HJT logfile.

Anne

Logfile of HijackThis v1.99.1
Scan saved at 4:41:50 PM, on 11/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Update\1.0.91.0\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\1XConfig.exe
C... Read more

Answer:Solved: JS Downloader.Agent

7 more replies
Relevance 39.77%

I'm having some trouble getting rid of a trojan downloader. This all started when I discovered an infection with Webbuying, htepo.com and Vundo. Originally the problems involved constant pop ups and multiple security alerts.

I was able to get rid of Webbuying and htepo.com, but one Vundo still exists and is resistant to VundoFix. And then of course, the trojan downloaders started showing up when I scan with SuperAntiSpyware.

I also know that the Registry, Shell and about a half a dozen .dll files were all modified or added the same day at the same time (11-6-07 at 4:16 p.m.), which coincides with when my husband said he began to have problems with the computer. Any help would be greatly appreciated.

Here's the log from that:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/10/2007 at 10:08 AM

Application Version : 3.9.1008

Core Rules Database Version : 3340
Trace Rules Database Version: 1341

Scan type : Complete Scan
Total Scan Time : 00:49:45

Memory items scanned : 481
Memory threats detected : 1
Registry items scanned : 6167
Registry threats detected : 5
File items scanned : 42190
File threats detected : 3

Unclassified.Unknown Origin/System
C:\WINDOWS\SYSTEM32\GEBYV.DLL
C:\WINDOWS\SYSTEM32\GEBYV.DLL

Trojan.WinFixer
HKLM\Software\Classes\CLSID\{359FA335-F0A1-43CD-A4B7-A1AE54792EBD}
HKCR\CLSID\{359FA335-F0A1-43CD-A4B7-A1AE54792EBD}
HKCR\CLSID\{359FA335-F0A1-43CD-A4B7-A1AE54792EBD}\InprocServer32
HKCR\CLSID\{359FA335-F0A1-43CD-A4B7-A1... Read more

Answer:Solved: Trojan.Downloader

Logfile of HijackThis v1.99.1
Scan saved at 10:29:01 AM, on 11/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LxrJD31s.exe
D:\PROGRA~1\MOVIEL~1\MOVIEL~1\MOVIEL~1.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\VAIO Media Integrated Server\GPDBWatcher.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\program files\support.com\client\bin\tgcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\CA\eTrust EZ Armor\eTr... Read more

3 more replies
Relevance 39.77%

Hi,
can someone check this highjack log and advise me....
I am trying to assist a friend so I am posting his highjack log from another comp.
Thanks in advance
cmgnp

Logfile of HijackThis v1.99.1
Scan saved at 12:44:54 PM, on 11/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\mrofinu72.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Insider\Insider.exe
C:\Program Files\QdrModule\QdrModule9.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [... Read more

Answer:Solved: trojan downloader help

Download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
--------------------------------------------------------------------
1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
 

3 more replies
Relevance 39.77%

Hello,

I'm new in this forum and i had the time to check previous posts concerning the issue of this trojan. However i didnt have anyone to help me personaly to fix this problem.
I have McAfee and every 5 minute the antivirus indicates me that there is Downloader-AUX trojan but can't delete it nor quarantine it.
I have tried to delete the file manually but couldn't find it and also i used many programs such as Ad-aware free version, spyware doctor with always a full scan but couldn't succeed.
If someone can help me pls on this issue. It is very important for me because i'm not willing to format my computer.
Thank you in advance

Regards,

Sevag
 

Answer:Solved: Downloader-AUX Trojan

9 more replies
Relevance 39.77%

I have been reading threads in MacAfee and other forums for advice and have found quite a bit. However, my attempts to remove this Trojan from my machine is proving elusive.

MacAfee catches enough of this bug to prevent it from taking over but it's lodged in deep.
This thing turns off VirusScan and stops automatic updates.
I have gotten messages from MacAfee about "drsmartload" and "DollarRevenue" but this hasn't been enough of a clue for me to track down the bits that keep restoring this pest.
I have turned of Sytem Restore, Run various programs in safe mode, etc.

Anyway, here's some more specific details. Much thanks to all for help.

HijackThis results...
Logfile of HijackThis v1.99.1
Scan saved at 1:19:33 AM, on 6/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PurgeIE\PurgeIE_Service.exe
C:\Program Files\Promise\Utility\MsgAgt.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wmiapv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system3... Read more

Answer:Solved: Downloader-Fl, Can't get it out of system...

14 more replies
Relevance 39.77%

Can someone please help me? I ran some antispyware and virus software and found that I had downloader xa, lg, vg and generic downloader h. Also have multidropper ml. Mcaffe is unable to clean. I don't know how to get rid of it all and I tried to get rid of some other stuff and now when I boot up it says that there are some dlls missing. I deleted ceres.dll, farmmext.exe, buddy.exe and the program files E2G and Viewpoint. I also tried to empty out temp folders. Does anything below look messed up? What should I do? Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 11:32:34 PM, on 3/22/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVSYNMGR.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSSTAT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVCONSOL.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\UWBRIJYD.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCK.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCESS.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\WINDOWS\SYSTEM\SSOQMNCINJ.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\... Read more

Answer:Solved: downloader trojans and more

8 more replies
Relevance 39.77%

My past removal work succeeded, now today a new invader arises: downloader-PS

GADS!! Here is a HJT log: (HELP!)

Logfile of HijackThis v1.99.1
Scan saved at 12:27:32 PM, on 4/7/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\ThinkPa... Read more

Answer:Solved: Removing Downloader-PS Help!

Run HJT again and put a check in the following:

O4 - HKLM\..\Run: [tibs3] C:\WINDOWS\System32\tibs3.exe

Close all applications and browser windows before you click "fix checked".

Restart in safe mode

Open Windows Explorer. Go to Tools, Folder Options and click on the View tab. Make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files". Now click "Apply to all folders" Click "Apply" then "OK".

Delete this file:
C:\WINDOWS\System32\tibs3.exe

Reboot.

Download Spybot http://www.safer-networking.org/en/download/index.html

Click on "Search For updates" when prompted.
Click on "Immunize" when prompted.
Scan, click on fix problems.

Download AdAware SE Personal: http://www.lavasoftusa.com/support/download/

Install the program and launch it.

On the bottom right-hand corner of the main window click on Check for updates now then click Connect and download the latest reference files.

In the main window: Click Start and under Select a scan Mode tick Perform full system scan.

Deselect Search for negligible risk entries.

To start the scan, click the Next button.

When the scan is finished mark everything for removal and get rid of it. (Right-click the window and choose select all from the drop down menu and then click Next)

Reboot and post another log.
 

1 more replies
Relevance 39.77%

PLEASE HELP. I can't get rid of this Trojan Downloader.5.e. Here is my Hijack This log. Thank you. I am running Windows XP and VERY SLOW with lots of pop ups.

Logfile of HijackThis v1.98.2
Scan saved at 5:00:39 PM, on 12/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\Program Files\2Wire\Gateway\2PortalMon.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Intuit\QuickBooks\Components\QBAgent\QBDAgent.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings... Read more

Answer:Solved: Trojan Downloader.5.e.

16 more replies
Relevance 39.77%

After a 5-month hiatus with no computer issues, I'm back and hoping you guys can help me out again.

The past couple of weeks I've been dealing with loads of pop-ups (even though I have a blocker enabled). And now the past couple of days I can't seem to get rid of CashBack, BargainBuddy, and NaviSearch. (That damn puppy dog icon is driving me insane.)

I did a virus scan with Panda ActiveScan and it turned up the Trj/Downloader.QK virus, but couldn't clean it up. (Norton didn't even detect it.) I'm assuming the virus has something to do with all the pop-ups and other garbage I'm continually getting hit with. So how do I get rid of it?

Logfile of HijackThis v1.98.2
Scan saved at 3:09:55 AM, on 12/11/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common Files\Symantec... Read more

Answer:Solved: Virus: Trj/Downloader.QK

8 more replies
Relevance 39.77%

Hi, I'm going to get and copy in the hijackthis log later when i'm back from work but last night used the panda software scan which detected 'downloader.gk' virus- 8 files infected and 5 disinfected after the panda -scan. I'm getting the 680180.net pop ups regularly and IE crashes on many websites, would be interested to know if are these two bugs are one of the same thing or seperate entities?! Windows 2000.

Back later

Al
 

Answer:[solved]680180.net/downloader.gk

12 more replies
Relevance 39.77%

Hi,

I've been getting a pop-up notice from Norton that says I have the downloader virus. I called them for help, but they wanted money to solve the problem and I'm afraid of giving credit card info over the phone to people I don't know. So I've been researching this problem about 4 hours now and found what is most commonly needed to fix the problem. I got a HJT logfile to post. Hopefully someone can help on this. Thanks in advance. JDB

Logfile of HijackThis v1.99.1
Scan saved at 8:17:35 PM, on 9/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system3... Read more

Answer:Solved: Downloader and Norton

13 more replies
Relevance 39.77%

Hi, need some help with a trojan. This one was not identified by Norton Antivirus 2006, but by AVG Free Edition. However only the resulting files in the sytem32 folder are detected but not the source code. Symptoms: installing a yellow flashing warning triangle in the task bar, attempting to change the web start page, starting IE frequently routing to http://antispylab.com/?aff=257. Not sure what else is happening. It all started with an adware server 32 infection which I was able to get rid off (I hope)

Attached please find the HJT log. Thanks for your help
 

Answer:Solved: Downloader Trojan

12 more replies
Relevance 39.77%

Went to a website and somehow this was in a popup. Closed the popup, however Norton detected a trojan and was unable to remove it.

The message: Source: C:\Documents and Settings\Kristin\Local Settings\Temporary Internet Files\Content.IE5\K9MB0D2F\adjs[1].php
Click for more information about this threat : Downloader

I cleared out all my cookies and tif's should I still be worried? I haven't noticed any changes to my computer (popups, slow downs, etc). Did I catch it in time? Or should I do something?
 

Answer:Solved: Trojan Downloader?

16 more replies
Relevance 39.77%

Hi I've been having a problem with Norton giving me a pop-up about downloader.misleadapp being on my system and that it has been deleted. It gives me an "Ok" button to push, I'll click it, and there'll be another pop-up with the same message but with a slightly different filename. This happens _over_ and _over_ until it finally stops for a little while. Any help would be greatly appreciated!

Here's my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:29 AM, on 8/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDO... Read more

Answer:Solved: Please help with downloader.misleadapp!

8 more replies
Relevance 39.77%

I am trying to help one of my daughter's friends. Her computer is extremly slow and it seems like it never boots up. I installed AVG and ran it, it found 288 pests which I deleted. AVG also reports Downloader.TSUpdater, Downloader.Small.buy, Downloader.Presario and Trojan.small . Any help would be appreciated. I am including a HJT report.....

Thank You

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:51:54 PM, on 2/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\LEXPPS .EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\... Read more

Answer:Solved: Downloader.TSUpdater and more

14 more replies
Relevance 39.77%

Hi all,

My Symantec antivirus recently reported donwloader.trojan infection in the following jar file and also in index.htm

C:\documents and settings\prarthana\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-1b1e3831-2ad8e34b.zip

HijackThis log is below.

Any help will be highly appreciated.
Thanks.
-regards
arathore

Logfile of HijackThis v1.99.1
Scan saved at 10:42:54 PM, on 8/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google... Read more

Answer:Solved: downloader.trojan

Click Start | Settings | Control Panel
Click the Java Plugin Icon
Click the Cache tab
Click the Clear button and click OK to confirm
Note: Please repeat this procedure for each "Java Plugin" button in your Control Panel.

or

Control Panel > Java > General tab
Temporary Internet Files > Delete Files
Checkmark all 3 options and click OK.
 

3 more replies
Relevance 39.77%

can anyone help !!!
norton antivirus is picking up a virus ( c:\windows\system32\vtsqqqo.ddl )
but is unable to repair, quarantine or delete it.
hijack this picks it up to, but won't allow it to be fixed.
thanks,
mike
 

Answer:Solved: downloader virus

12 more replies
Relevance 39.77%

I am working on the Brother in laws computer.... and he has several downloader trojans which have been caught and quarentined in AVG. They are aws listed: Downloader.Small.FU, Golid.B, Downloader.Galdcas.A, Downloader.Agent.D, Dolwnloader.Small.4.l, Downloader.Benuti.C, Clicker.4.AD, Proxy.5.AT, Downloader.Generic.JL.

I have run CWShredder, Adaware, Panda activescan, trendmicros housecalland mccaffee's stinger. none have removed it, AVG was the first to detect them and quarentine them. they cannot be repaired... so how do I get rid of them? They are keeping me from accesing some pages on the net (page loads, but no content is shown, and then it says done) and I cannot get into his Hotmail account (same problem)

here is the hijack this log
Logfile of HijackThis v1.99.1
Scan saved at 10:04:34 PM, on 6/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\iPod\Bin\iPodSrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Progr... Read more

Answer:Solved: help with downloader trojans?

7 more replies
Relevance 39.77%

To whom it may concern:
I have just detected a virus on my computer using AVG virus scan. The virus is a trojan named downloader.agent.av . I read in another post of someone with a similar problem that it takes over a web browser. In my case i believe it to be IE. i chose not to use IE for my usage, but opt for Mozilla Firefox. But since the infection i find IE popping up every few minutes with ads for virus/security softwear. Once my AVG virus scan was complete i checked the scan log and the program said that the infected file had been "healed". but this clearly hasnt resolved the problem. In the post to another user a responder suggested that they scan their comp with hijackthis, so i followed this and have saved the log like he was requested to.

Here are the results of my scan:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
... Read more

Answer:Solved: downloader.agent.av

11 more replies
Relevance 39.77%

My AVG found a trojan...Downloader.Small.12.BV. I can't seem to quarantine it. Any ideas?
 

Answer:Solved: Downloader Trojan

16 more replies