Home > Having Problems > Having Problems With Generic Downloader.ab And QLowZones-15 (HiJackThisLog Included)

Having Problems With Generic Downloader.ab And QLowZones-15 (HiJackThisLog Included)

Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Inside the file were the setup.exe and other files I required. Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\ISSCH.EXE-3AC1D446.pf currently in use. I apologize for the delay in getting to your log. his comment is here

Staff Online Now crjdriver Moderator dvk01 Moderator eddie5659 Moderator etaf Moderator valis Moderator OBP Trusted Advisor askey127 Malware Specialist Advertisement Tech Support Guy Home Forums > Operating Systems > Windows XP Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\MPFWIZARD.EXE-30362FCE.pf currently in use. If you have any files in any TEMP directory and you need to keep them, then please MOVE THEM NOW! Nothing arrives. https://forums.techguy.org/threads/having-problems-with-generic-downloader-ab-and-qlowzones-15-hijackthislog-included.484123/

Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\BTTRAY.EXE-2D55805E.pf currently in use. Back to Top View Virus Characteristics Virus Characteristics This is a Trojan File PropertiesProperty ValuesMcAfee DetectionRDN/Generic Downloader.xLength48640 bytesMD5c1411d8111c92509fb476f4e91549a1bSHA10fb7017fad8306953df02fe3e02c32e9ac517767 Other Common Detection AliasesCompany NamesDetection NamesEMSI SoftwareTrojan.Inject.IA (B)ahnlabTrojan/Win32.HDCavastWin32:DNSChanger-ZZAVG (GriSoft)Win32/DH{AyAkIg8TFw}aviraTR/Crypt.XPACK.GenBitDefenderTrojan.Inject.IADr.WebTrojan.MulDrop3.14959F-ProtNewFortiNetW32/Scar.TMP!trMicrosoftTrojanDownloader:Win32/Cutwail.BSSymantecSuspicious.Cloud.2EsetWin32/Wigon.PHnormanwin32/SB/MalwarepandaTrj/CI.ASophosMal/Emogen-Yvba32Trojan.Downloader.gen.hOther brands and Will be deleted when Windows is restarted.C:\Documents and Settings\Mine\locals~1\tempor~1\Content.IE5\index.dat currently in use. Logfile of random's system information tool 1.05 (written by random/random)Run by Owner at 2008-12-23 02:34:03Microsoft Windows XP Professional Service Pack 3System drive C: has 11 GB (5%) free of 234 GBTotal

Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - Click "No" at the Pending Operations prompt.If your computer does not restart automatically, please restart it manually.Please do an online scan with Kaspersky Online Scanner. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\SGTRAY.EXE-31581176.pf currently in use.

Methods of Infection Trojans do not self-replicate. Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\RUNONCE.EXE-01CA3A2F.pf currently in use. Yes, my password is: Forgot your password? Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\OASCLNT.EXE-31E5E0AA.pf currently in use.

AVG is seeing a trojan horse: 'trojan horse backdoor generic 17.err', but cannot correct or fix it. Will be deleted when Windows is restarted.Emptied Recycle Bin on drive C:'Run MRU' list - removed from the registry.Search Assistant MRU list - removed from the registry.Explorer Open/Save MRU list - Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\BCMWLU00.EXE-1399B5D9.pf currently in use. To enter System Recovery Options from the Advanced Boot Options:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.Use the arrow keys

Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\WIN21.TMP.EXE-0619616F.pf currently in use. http://threadposts.org/question/1851985/Having-problems-with-Generic-Downloader-ab-and-QLowZones-15-HiJackThisLog-included.html Do not run any other tool until instructed to do so! The SIV folder is protected by permissions that only allow the system to have access and is hidden by default unless you have reconfigured Windows to show it. Do not run any other programs or open any other w...

Music Engine\YahooMusicEngine.exe" -preload O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] "C:\Program Files\McAfee.com\VSO\mcvsshld.exe" O4 - HKLM\..\Run: [OASClnt] "C:\Program Files\McAfee.com\VSO\oasclnt.exe" O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] this content Thanks.Logfile of HijackThis v1.99.1Scan saved at 16:18:11, on 2/21/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\brsvc01a.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\brss01a.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Java\j2re1.4.2_03\bin\jusched.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exeC:\Program Files\CyberLink\PowerDVD\DVDLauncher.exeC:\Program Files\Real\RealPlayer\RealPlay.exeC:\PROGRA~1\mcafee.com\agent\mc... Read more 4 more replies Relevance 97.17% Question: Having problems with Generic Downloader.ab and QLowZones-15 (HiJackThisLog included) McAfee has found two trojans and has claimed to have deleted one of them I had to re-download the ZIP file again.

Will be deleted when Windows is restarted.C:\Documents and Settings\Mine\Local Settings\Temporary Internet Files\Content.IE5\OLMB49AZ\main[1].htm currently in use. Will be deleted when Windows is restarted.C:\Documents and Settings\Mine\Local Settings\History\History.IE5\index.dat currently in use. Read more 2 more replies Relevance 68.47% Question: infected with trojan horse backdoor generic 17.err hi,Something very odd is happening to my PC in recent days. weblink Also post a new Hijack This log.

When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Once the scan is complete it will display if your system has been infected. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue.

Because I am quite inexperienced with trojan backdoors, I don't know if the trojan generics can also be cleaned by reformatting my computer, or if there are more different trojans.Thank you

Read more Answer:QLowZones-15 Trojan and Generic DOwnloader Hi Lithium and welcome to TSF. Will be deleted when Windows is restarted.C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Loading... Now click on the Save as Text button Save the file to your desktop.

CAUTION : Please do NOT use the Issues button. Choose your usual account. Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\IGFXPERS.EXE-19DA7B04.pf currently in use. check over here I also have Had Kaspersky 09 Run clean in the past few days but i still notice very poor performance since that was detected.

Press the OK button to close that box and continue. These messages keeps coming back.Here is my HJT log file=========================Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:35:34 PM, on 10/30/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot Will be deleted when Windows is restarted.C:\Documents and Settings\Mine\Local Settings\Temporary Internet Files\Content.IE5\AD0JUTIX\about[1].htm currently in use. Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\MPFCONSOLE.EXE-28DB672E.pf currently in use.

Will be deleted when Windows is restarted.C:\Documents and Settings\Mine\Local Settings\Temporary Internet Files\Content.IE5\MB0DEL45\LoadAd[1].htm currently in use. Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf currently in use. Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\MCMNHDLR.EXE-0193D454.pf currently in use. Create Account How it Works Javascript Disabled Detected You currently have javascript disabled.

Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\IKERNEL.EXE-1ECD90CF.pf currently in use. Download Ewido Anti-Malware This is a 30 day trialInstall Ewido Anti-Malware.Double-click the icon on Desktop to launch EwidoOn the top of the main screen click ShieldClick the word active to change it's the same if i turn off AVG virus guard.Microsoft sercurity client, I was using is no longer available.I've tried to download ComboFix 13.5.20.1, same error and also DDS same error. Advertisement Recent Posts Asus Router: wrong static or...

Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\RUNDLL32.EXE-4EE39BB6.pf currently in use. Music Engine\YahooMusicEngine.exe" -preload O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] Same thing happened. Will be deleted when Windows is restarted.C:\WINDOWS\Prefetch\MPFSERVICE.EXE-04A4CDF2.pf currently in use.