Author Topic: Would like some malware removal help: win32.download.gen  (Read 1568 times)

Offline amorris28

  • Newbie
  • *
  • Posts: 4
    • Personal Message (Offline)
Would like some malware removal help: win32.download.gen
« on: May 15, 2013, 06:42:47 PM »
In the last few days, I've run Spybot Search & Destroy and detected win32.download.gen. I couldn't delete it so I followed the "scan on restart" instructions a few times, but it never actually got removed. I finally got frustrated with SB:S&D so I uninstalled it. Then I found a post about win32.download.gen on this forum and followed the instructions from here:

http://forum.avast.com/index.php?topic=53253.msg451454#msg451454

After going through all of those steps, I ran my Avast Quick Scan with Scan PUP turned on to see if it would detect the win32..., but it didn't come up. I don't know if it's removed or not, because Avast didn't detect it before. I was wondering if anyone could help me figure out if it's removed, and if it isn't, how to remove it.

Attached are the four requested log files.

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21800
  • Gender: Male
    • Personal Message (Offline)
Re: Would like some malware removal help: win32.download.gen
« Reply #1 on: May 15, 2013, 06:48:57 PM »
SpyBot SD is a toy and cant handle todays malware..... use Malwarebytes as extra scanner   http://www.malwarebytes.org/
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline amorris28

  • Newbie
  • *
  • Posts: 4
    • Personal Message (Offline)
Re: Would like some malware removal help: win32.download.gen
« Reply #2 on: May 15, 2013, 06:53:01 PM »
Yeah, I just got Malwarebytes to replace S&D, seen it recommended a few times.

Here's that last log file.

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21800
  • Gender: Male
    • Personal Message (Offline)
Re: Would like some malware removal help: win32.download.gen
« Reply #3 on: May 15, 2013, 06:59:14 PM »
guessing it was a SpyBot false positive!

what was the file detected.... full file path?

malware removers are notified...

Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline amorris28

  • Newbie
  • *
  • Posts: 4
    • Personal Message (Offline)
Re: Would like some malware removal help: win32.download.gen
« Reply #4 on: May 15, 2013, 08:27:09 PM »
I think it was a false positive. I just re-downloaded SB to see if I could find the file detected, but my scan turned up no results so I think I'm all set!

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 29082
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Would like some malware removal help: win32.download.gen
« Reply #5 on: May 16, 2013, 12:33:35 PM »
There are just two orphaned run keys from old search toolbars

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:OTL
O4 - HKU\.DEFAULT..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Offline amorris28

  • Newbie
  • *
  • Posts: 4
    • Personal Message (Offline)
Re: Would like some malware removal help: win32.download.gen
« Reply #6 on: May 17, 2013, 04:22:53 PM »
Here ya go!

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 29082
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Would like some malware removal help: win32.download.gen
« Reply #7 on: May 18, 2013, 12:44:42 PM »
Any problems remaining

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now