Requester.5.exe - what is it?

[J Antero]

Hi,
My firewall shows that something called Requester.5.exe keeps trying to get
out onto the internet to do something or other. Does anybody know if this is
a legitimate program or is it a virus or spyware?

Ciao

 

[Lust Detector]

Most likely it's some kind of trojan or spyware. Other people have also been
asking about this. See
http://www.cybertechhelp.com/forums/showthread.php?t=53298.

 

[Malke]

Hi,
My firewall shows that something called Requester.5.exe keeps trying
to get out onto the internet to do something or other. Does anybody
know if this is a legitimate program or is it a virus or spyware?

Ciao

Googling doesn't give me much, but it does show up in someone's
HijackThis log and in a link to a Trade Marketing organization. I'd say
it certainly couldn't hurt you to do the following malware scans:

1) Scan in Safe Mode with current version (not earlier than 2003)
antivirus using updated definitions;
2) remove spyware with Spybot Search & Destroy
(www.safer-networking.org) and Ad-aware (www.lavasoftusa.com). These
programs are free, so use them both since they complement each other.
You may also want to run CWShredder and HijackThis from
http://aumha.org/freeware.htm. Although CWShredder is no longer being
updated, it will still clean older variants of the CoolWebSearch
malware. If you do not have success with this, there are new removal
steps at http://www.silentrunners.org/sr_cwsremoval.html. A combination
of HijackThis and About:Buster (http://www.majorgeeks.com) works well
in removing homepage hijackers. Always read the instructions before
running a spyware removal tool. Be sure to update these programs before
running, and it is a good idea to do virus/spyware scans in Safe Mode.
Make sure you are able to see all hidden files and extensions (View tab
in Folder Options);
3) If you are running Windows ME or XP, you should disable/enable System
Restore because malware will be in the Restore Points. With ME, you
must disable System Restore completely. With XP, you can delete all but
the most recent (presumably clean) System Restore point from the More
Options section of Disk Cleanup (Run>cleanmgr).
4) make sure you've visited Windows Update and applied all security
patches. Do not install driver updates from Windows Update;

It's a good thing you have a firewall; it's doing its job.

Malke

 

[David H. Lipman]

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (personal free version)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download sysclean.com and place it in that directory.
Dowload the signature files (pattern files) by obtaining the ZIP file.
For example; lpt202.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point
10) Please report back your results

Dave





| Hi,
| My firewall shows that something called Requester.5.exe keeps trying to get
| out onto the internet to do something or other. Does anybody know if this is
| a legitimate program or is it a virus or spyware?
|
| Ciao
|
|

 

[J Antero]

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (personal free version)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download sysclean.com and place it in that directory.
Dowload the signature files (pattern files) by obtaining the ZIP file.
For example; lpt202.zip

Extract the contents of the ZIP file and place the contents in the same
directory as
sysclean.com.

2) Update Adware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full
Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform
using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and
re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~
600MB),
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point
10) Please report back your results

Requester.5.exe is adware. Today, when Zonealarm firewall showed its
internet access request, I used the target URL and got a porn site. Over the
the last year I've been using Norton anti-virus, a firewall, and SpyWare
Blaster, and this crap still got in and stayed.
Also, I downloaded the Lava program, updated it and ran it and it did NOT
get rid of this Requester.5.exe problem. It did detect a bunch of cookies
and some malware that dealt with, but this Requester.5.exe thing still
existed on the subsequent bootup.
Any suggestions on how to get rid of Requester.5.exe ?

Thanks, J