HELP SecurityRisk.Downldr problems!

Discussion in 'other security issues & news' started by Ace56, Oct 2, 2005.

Thread Status:
Not open for further replies.
  1. Ace56

    Ace56 Registered Member

    Joined:
    Oct 2, 2005
    Posts:
    3
    Hi! I've been spending the good part of my weekend trying to figure out how to delete 4 securityrisk.downldr files. I have Norton Anti-virus and it detects the bugs but does not delete them and cannot find them when I do a full system search. I've tried to manually delete the files but they are hidden. I have tried spyware doctor, ad-aware, microsoft anti-virus and a whole slew of programs recommended by another website. I know it's still in my computer because my internet connection is slow and my computer is still overall slow. Can someone please help me with this?
     
  2. Ace56

    Ace56 Registered Member

    Joined:
    Oct 2, 2005
    Posts:
    3
    Oh and when I press control + alt + delete, nothing pops up, if that helps.
     
  3. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Hi Ace56,

    Update NAV, then show hidden files - xxxx://www.xtra.co.nz/help/0,,4155-1916458,00.html

    If NAV itself won't delete the files, find them with explorer ....

    xxxx://securityresponse.symantec.com/avcenter/venc/data/securityrisk.downldr.html

    xxxx://securityresponse.symantec.com/avcenter/venc/data/adware.cashsaver.html

    Substitute http in place of the x's. ;)
    Forward your OS and keep us posted.


    GF
     
  4. Ace56

    Ace56 Registered Member

    Joined:
    Oct 2, 2005
    Posts:
    3
    I adjusted the settings so that it shows the hidden files, so I was able to remove the 3 gb of stuff the virus loaded into my computer, but I still can't find the virus itself even though I told the computer to show hidden files. I know where it is too, because of the file path that symantec tells me, but I follow the path and the folder (Temporary Internet Files) is empty. I know it's in there too because Symantec pops up a warning window every time I plug in my ethernet cable.
     
  5. You should be able to see it from DOS. Please, the Operating System?

    GF
     
  6. go to Start/run/"msconfig"/startup tab/ uncheck anything usually not present (in my case, it was winlog.exe and winsupdater.exe). then, save and restart your computer. this wlil prevent the bug from connecting to the internet and downloading more files. then, do not try to find the file maually. you will not be able to find it where NAV says that it is. Rather, search for the file with your "search" feature of windows. then delete the file from your computer. you can find the file name in NAV by clicking on "areas affected" after the search has found the bugs. it will tell you what the file names are and where they are located. However, in my case, the files were not where NAV said they would be. in my situation, they were mc-o_O-??-000014??.exe(i don't remember the exact name) and to.exe.
     
  7. Spooky1dog

    Spooky1dog Registered Member

    Joined:
    Oct 9, 2005
    Posts:
    2
    Location:
    Perth WA
    :D Hi Ace56,

    Like you, I have just spent several frustrating days trying to get rid of the downldr virus, but I am pleased to report I managed to do it!!

    Also like you I had tried various suggestions, the most useless being my Symantec assistance which is a bit annoying since I spent over $100 a year on it and when I get something like this I can't get the assistance I need. It was able to tell me what I had, where it was and what it may do to my PC but couldn't tell me how to get rid of it. Thanks very much Norton:mad: .

    Anyway I did get rid of it in two steps as follows:

    Firstly, yes, like you I changed the setting to show all hidden folders which did show me the folder that the virus created to store the some 2000 .zip files it had dowloaded at Local Settings/Complete. I was then able to easily delete this folder.

    The second problem was, again like you, I could not see the hidden folder that the virus was in, although I could when I used the search facility.

    The problem then was that I could not expand this folder because the virus had hidden all folders within it and they could not be seen.

    I also could not delete it as a whole because the folder (Temporary Internet Folder/Content.IE5 has a index.dat file in it that cannot be deleted or moved.

    So what I did was I right clicked to properties on Temporary Internet Files (TIF, selected Advanced then chose 'Compress files to save disk space'.

    When I did this, all the previously hidden files in TIF were then to my surprise displayed and I was easily able to delete the offending folder - N75FR9SW which contained the files a[1].exe and a[2].exe.

    That was it. Problem solved.

    I don't know if it will work for you, I don't know why it worked for me as I am a bit technologically challenged!! but it did.

    All the best, hope it solves your problem,

    Adam :)
     
    Last edited: Oct 9, 2005
Loading...
Thread Status:
Not open for further replies.