Avast WEBforum

Other => Viruses and worms => Topic started by: amorris28 on May 15, 2013, 08:42:47 PM

Title: Would like some malware removal help: win32.download.gen
Post by: amorris28 on May 15, 2013, 08:42:47 PM
In the last few days, I've run Spybot Search & Destroy and detected win32.download.gen. I couldn't delete it so I followed the "scan on restart" instructions a few times, but it never actually got removed. I finally got frustrated with SB:S&D so I uninstalled it. Then I found a post about win32.download.gen on this forum and followed the instructions from here:

http://forum.avast.com/index.php?topic=53253.msg451454#msg451454

After going through all of those steps, I ran my Avast Quick Scan with Scan PUP turned on to see if it would detect the win32..., but it didn't come up. I don't know if it's removed or not, because Avast didn't detect it before. I was wondering if anyone could help me figure out if it's removed, and if it isn't, how to remove it.

Attached are the four requested log files.
Title: Re: Would like some malware removal help: win32.download.gen
Post by: Pondus on May 15, 2013, 08:48:57 PM
SpyBot SD is a toy and cant handle todays malware..... use Malwarebytes as extra scanner   http://www.malwarebytes.org/
Title: Re: Would like some malware removal help: win32.download.gen
Post by: amorris28 on May 15, 2013, 08:53:01 PM
Yeah, I just got Malwarebytes to replace S&D, seen it recommended a few times.

Here's that last log file.
Title: Re: Would like some malware removal help: win32.download.gen
Post by: Pondus on May 15, 2013, 08:59:14 PM
guessing it was a SpyBot false positive!

what was the file detected.... full file path?

malware removers are notified...

Title: Re: Would like some malware removal help: win32.download.gen
Post by: amorris28 on May 15, 2013, 10:27:09 PM
I think it was a false positive. I just re-downloaded SB to see if I could find the file detected, but my scan turned up no results so I think I'm all set!
Title: Re: Would like some malware removal help: win32.download.gen
Post by: essexboy on May 16, 2013, 02:33:35 PM
There are just two orphaned run keys from old search toolbars

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
Code: [Select]
:OTL
O4 - HKU\.DEFAULT..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
Title: Re: Would like some malware removal help: win32.download.gen
Post by: amorris28 on May 17, 2013, 06:22:53 PM
Here ya go!
Title: Re: Would like some malware removal help: win32.download.gen
Post by: essexboy on May 18, 2013, 02:44:42 PM
Any problems remaining