Trojan horse: Downloader.Generic.AMM

Posted 7/28/2005 5:19 AM
#18013
User avatar

KiiroiZen Member

Date Joined Nov 2016
Total Posts: 2
Hi all,



just yesterday my AVG 7 Free Antivirus warned me about having Downloader.Generic.AMM trojan horse.

I haven't found any information about this virus through google, thus I think it is something new.



It creates files

C:/all.exe

and also all[1].exe in the IE temporary internet files folder.



It cannot be healed, however, all[1].exe can be deleted by AVG, and all.exe can be deleted manually (AVG cannot delete it).



Nevertheless, even I deleted it during being disconnected from internet, then run AVG again, Spybot and also Ad-aware, after reconnection to the internet the AVG resident shield detected the same files (and virus) again in a few minutes!



Probably the reason and source must be hidden somewhere, I do not know.

Could it be caused by using Internet Explorer? Would it help if I use only FireFox?



Please help... :confused:



Thanks



KiiroiZen



[maybe I could post also the hijackthis.de log file, but may I also in this thread?]
Posted 8/5/2005 9:14 PM
#18212
User avatar

khaiptah Member

Date Joined Nov 2016
Total Posts: 1
I had the same virus. AVG would ot get rid of it.


In the end i deleted any files I had downloaded recently and did a system restore to 5 days previously. So far so good it seems to be gone.

hope this helps



Mike
Posted 8/8/2005 6:49 AM
#18292
User avatar

KiiroiZen Member

Date Joined Nov 2016
Total Posts: 2
Thanks knaiptah,

I've solved it in a different way - I installed www.ewido.net software and found that I had three additional trojan horses in Java folder which were not found by Ad-aware nor Spybot S&D.

One of them was doing nothing else as continously decreasing my internet security settings and probably downloading also the other trojans.

Thus, I removed these additional trojans and set the internet security setting to high level, and it is now OK!
No new trojans appear!

The conclusion is - try www.ewido.net antispyware soft, it seems to be really good!
(and except the real time protection and some other features it is free).

Regards

KiiroiZen
Posted 8/16/2005 5:26 PM
#18739
User avatar

laney666 Member

Date Joined Nov 2016
Total Posts: 1
heeeya ppl ! my AVG free edition anti-virus found this trojan horse downloader.generic viruse ... :skull: what the hell is it ? :freaked: how can i get rid of it ? please help ! bi bi x x xluv laney666
Posted 8/21/2005 10:32 PM
#18974
User avatar

redking Member

Date Joined Nov 2016
Total Posts: 2
:cool:
Hi, I looked all over for a solution before I found the lead on this site. Thanks!

PROBLEM:
I have been getting virus-warnings for about two weeks with the DOWNLOAD.GENERIC.TROJAN.AJW (or was it AWJ? - not certain of the full name as I deleted all files after the problem was solved). Anyway, AVG anti-virus kept finding the viruses everyday and I deleted them, but the next day they were back.

I tried SpyBot, SpyBlaster, CounterSpy, AdAware, ZoneAlarm, AVG and still I got this trojan alert from AVG everyday after everything else turned up clean.

SOLUTION:
Downloaded EWIDO ( http://www.ewido.net/en/download/ ) - full version free for 14 days - minimal version free after that. It took 2 hours to scan the whole computer (300 Mb of data) but FOUND 111 MALWARE files that all those other programs missed!

FIREFOX WARNING:
Many of these malware files were in the firefox program folder - including infection of weather.exe (the browser weather update plug-in). Others were found in YAHOO MESSENGER folder. A few others were found elsewhere. Why is there almost nothing on this trojan on Google? Perhaps it is so new. It must be very sneaky as it was very hard to catch and all those other programs missed it.

Now I love EWIDO!
(See attached 2 screenshots of EWIDO's findings)
Post attachments:
2-Infected Object Found - 111 OF THEM.jpg2-Infected Object Found - 111 OF THEM.jpg
Posted 8/21/2005 10:40 PM
#18975
User avatar

redking Member

Date Joined Nov 2016
Total Posts: 2
RE: my above post. The correct name of the trojan should be "Downloader.Generic.AJW" (or AWJ). That's as close as I remember it.

See two more attached screenshots of EWIDO findings on this trojan.
Post attachments:
4-Infected Object Found - TrojanDownloader.Centim.ch.jpg3-Infected Object Found - Slyware Cookie.jpg
Posted 10/2/2006 9:47 PM
#37244
User avatar

Death12 Member

Date Joined Nov 2016
Total Posts: 1
i seem to have some sort of downloader virus (generic 2) and AVG will heal it, but it just comes back. i think i got a worm on MSN messinger that is downlonding it, but im not sure i am also gettin adware repeatedly downloaded on to my computer. Also when im on MSN messiger a link is sent out to every one onle which is a link to download a virus of some sort, it could be the worm or possibly the Generic 2...
could u give me a hand in telling me what to do, cos i've tryed more or less everything i know how to do. also i can find very little information on this generic 2...

Thanks,

Death12
Posted 4/3/2010 1:32 PM
#84495
User avatar

Venomous Member

Date Joined Nov 2016
Total Posts: 1
My AVG ALERTED ME of trojan horse downloader.Generic_c.ACM when i was on this particular website. It happend every single time I went there, As far as I know AVG (full version) did block it.But now that I read all the posts here IM WOndering DID IT REALLY BLOCK IT?? So i guess i should download that ewido stuff to be sure... UGHHH and that caus of a stupid FRAUD site...
Posted 4/4/2010 12:54 AM
#84506
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello Venomous and welcome.





You know it´s an 5 year old topic you´ve found here, and Ewido don´t exist anymore ;-)





I´ll therefore suggest you ->





Follow this guide:


[color=#000000]Before-posting-a-log[/color]


Follow the instructions and copy the logs here, in this Topic.




[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Friday, July 28, 2017, 8:44 AM (GMT +2)
There are a total of 61,310 posts in 13,483 threads.
In the last 3 days there were 1 new threads and 5 reply posts.

Who's online

This forum has 38,066 registered members. Please welcome our newest member, MaxSlo.
There are currently no users on-line.
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.