Arcade File Downloads UsenetGeeks
Email
Confirm email
Articles Spyware Removal File Help Startup DB Tips Service DB News Hijack This! Analyzer

 

DownloadWare Removal
NEW HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Overview:
DownloadWare is scum of nearly every variety! It's adware, downloader, toolbar, search hijacker AND a trojan all rolled into one. This is installed using ActiveX by a number of questionable sites. It will download and install a number of various applications from its advertisers which will further mess up your system. There is truly no reason why you'll ever want to leave this trash on your system. Remove it NOW!

Some of the well known items it installs are PAgent, Vegas Palms Casino, KFH, Medialoads and WINEME.

Aliases:
ClipGenie
MediaLoads
TrojanDownloader.Win32.BHO
TrojanDownloader.Win32.Realtens.e
TrojanDownloader.Win32.VB.ah
Win32/TrojanDownloader.Realtens.E trojan

Destroy Autorun:
Delete the following keys
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\downloadware
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\downloadware engine
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\medialoads installer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\pagent

Reboot your system then:

Make sure you click start --> Run and type in msconfig. Then select the startup tab. Any references to the processes below should be deleted

End Processes (may or may not exist):
ad-aware.exe
alp2plib.exe
astart.exe
autoupdate.exe
auto_update_install.exe
bpc.exe
bw.exe
cg.exe
counter.exe
dw.exe
dwcg2.exe
dwe.exe
fsg.exe
fsg_4104.exe
getkey.exe
idhost.exe
install.exe
instal~1.exe
logonui.exe
monpop.exe
popsrv184.exe
rh.exe
scbar.exe
webinstall.exe

Unregister DLLs:
Tip: this is only a list of known files/locations. You will want to do a search by the name of the file to see if they're on your system.
A while back I wrote a guide to Register/remove DLL or AX files which you will need if you don't know how to unregister these files.

Each file is in several locations so you'll need to search for them and unregister + delete them in every location you find.

activeinstall2.dll
rh.dll
btiein.dll
cd_clint.dll
gr03.dll
gr0ck03.dll
im64.dll

Remove Directories:
%program files%\downloadware
%program files%\downloadware engine
%program files%\movienetworks
%program files%\popcorn.net
%program files%\real-tens
%program files%\recommended hotfix - 421701d

Clean your Registry:

You should be back to normal IF this was your only problem. I suggest you post in our HJT forum since its not likely that this is your only bug. Read this first

Printer Friendly

Article Index:
Talk About it! -->
Copyright 2005 I Am Not A Geek Inc.