Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
can't get rid of w32.downloader.gen
Message
<blockquote data-quote="efree777" data-source="post: 120953" data-attributes="member: 8230"><p>FROM OTL FIX:</p><p></p><p>All processes killed</p><p>========== OTL ==========</p><p>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{362269bd-c93c-460f-9255-3bd667eb7f0a}\ deleted successfully.</p><p>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{362269bd-c93c-460f-9255-3bd667eb7f0a}\ not found.</p><p>Registry value HKEY_USERS\S-1-5-21-767052454-1278637375-1300389408-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully.</p><p>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found.</p><p>Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection deleted successfully.</p><p>C:\ProgramData\Search Protection\_run.bat moved successfully.</p><p>Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect deleted successfully.</p><p>Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect not found.</p><p>C:\SearchProtect\ffprotect folder moved successfully.</p><p>C:\SearchProtect folder moved successfully.</p><p>C:\Users\Marie\AppData\Roaming\Win7codecs folder moved successfully.</p><p>========== FILES ==========</p><p>C:\ProgramData\Search Protection folder moved successfully.</p><p>C:\Program Files (x86)\iWonEI\Installr\setups folder moved successfully.</p><p>C:\Program Files (x86)\iWonEI\Installr\1.bin\chrome folder moved successfully.</p><p>C:\Program Files (x86)\iWonEI\Installr\1.bin folder moved successfully.</p><p>C:\Program Files (x86)\iWonEI\Installr folder moved successfully.</p><p>C:\Program Files (x86)\iWonEI folder moved successfully.</p><p><span style="color: #A23BEC">< ipconfig /flushdns /c ></span></p><p>Windows IP Configuration</p><p>Successfully flushed the DNS Resolver Cache.</p><p>C:\Users\Marie\Desktop\cmd.bat deleted successfully.</p><p>C:\Users\Marie\Desktop\cmd.txt deleted successfully.</p><p>========== COMMANDS ==========</p><p> </p><p>[EMPTYTEMP]</p><p> </p><p>User: Administrator</p><p> </p><p>User: All Users</p><p> </p><p>User: Default</p><p>->Temp folder emptied: 0 bytes</p><p>->Temporary Internet Files folder emptied: 33170 bytes</p><p>->Flash cache emptied: 56475 bytes</p><p> </p><p>User: Default User</p><p>->Temp folder emptied: 0 bytes</p><p>->Temporary Internet Files folder emptied: 0 bytes</p><p>->Flash cache emptied: 0 bytes</p><p> </p><p>User: Marie</p><p>->Temp folder emptied: 27012178 bytes</p><p>->Temporary Internet Files folder emptied: 22604955 bytes</p><p>->Java cache emptied: 52586492 bytes</p><p>->FireFox cache emptied: 70989297 bytes</p><p>->Google Chrome cache emptied: 0 bytes</p><p>->Flash cache emptied: 57026 bytes</p><p> </p><p>User: NeroMediaHomeUser.4</p><p>->Temp folder emptied: 35840 bytes</p><p>->Temporary Internet Files folder emptied: 33170 bytes</p><p> </p><p>User: Public</p><p> </p><p>%systemdrive% .tmp files removed: 0 bytes</p><p>%systemroot% .tmp files removed: 0 bytes</p><p>%systemroot%\System32 .tmp files removed: 0 bytes</p><p>%systemroot%\System32 (64bit) .tmp files removed: 0 bytes</p><p>%systemroot%\System32\drivers .tmp files removed: 0 bytes</p><p>Windows Temp folder emptied: 35086134 bytes</p><p>%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50741 bytes</p><p>%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes</p><p>%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84793 bytes</p><p>RecycleBin emptied: 213002 bytes</p><p> </p><p>Total Files Cleaned = 199.00 mb</p><p> </p><p> </p><p>OTL by OldTimer - Version 3.2.69.0 log created on 05162013_102333</p><p></p><p>Files\Folders moved on Reboot...</p><p>C:\Users\Marie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.</p><p>C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.</p><p>C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.</p><p>C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WEI2LL9U\count[2].js moved successfully.</p><p>C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJ5SEV8K\fastbutton[1].htm moved successfully.</p><p>C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2P6VK62X\Thread-can-t-get-rid-of-w32-downloader-gen[1].htm moved successfully.</p><p>C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2P6VK62X\tweet_button.1368146021[1].htm moved successfully.</p><p></p><p>PendingFileRenameOperations files...</p><p></p><p>Registry entries deleted on Reboot...</p><p></p><p></p><p>FROM SECURITYCHECK:</p><p></p><p> Results of screen317's Security Check version 0.99.63 </p><p> Windows 7 Service Pack 1 x64 (UAC is enabled) </p><p> Internet Explorer 9 </p><p><strong><u>``````````````Antivirus/Firewall Check:``````````````</u></strong> </p><p> Windows Firewall Enabled! </p><p>Lavasoft Ad-Aware </p><p>Norton Internet Security </p><p> Antivirus up to date! (On Access scanning <strong>disabled</strong>!) </p><p><strong><u>`````````Anti-malware/Other Utilities Check:`````````</u></strong> </p><p> Ad-Aware </p><p> MVPS Hosts File </p><p> Spybot - Search & Destroy </p><p> Java(TM) 6 Update 22 </p><p> <span style="color: red"><strong>Java version out of Date!</strong></span> </p><p> Adobe Flash Player 11.7.700.202 </p><p> Adobe Reader 9 <span style="color: red"><strong>Adobe Reader out of Date!</strong></span> </p><p> Mozilla Firefox 14.0.1 <span style="color: red"><strong>Firefox out of Date!</strong></span> </p><p> Google Chrome 25.0.1364.172 </p><p> Google Chrome 26.0.1410.64 </p><p> Google Chrome plugins... </p><p><strong><u>````````Process Check: objlist.exe by Laurent````````</u></strong> </p><p> Norton ccSvcHst.exe </p><p> <span style="color: red"><strong>Ad-Aware AAWService.exe is disabled!</strong></span> </p><p> <span style="color: red"><strong>Ad-Aware AAWTray.exe is disabled!</strong></span> </p><p> <strong><span style="color: red">Spybot Teatimer.exe is disabled!</span></strong> </p><p> Ad-Aware Antivirus AdAwareService.exe </p><p> Ad-Aware Antivirus SBAMSvc.exe </p><p><strong><u>`````````````````System Health check`````````````````</u></strong> </p><p> Total Fragmentation on Drive C: 0% </p><p><strong><u>````````````````````End of Log``````````````````````</u></strong></p></blockquote><p></p>
[QUOTE="efree777, post: 120953, member: 8230"] FROM OTL FIX: All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{362269bd-c93c-460f-9255-3bd667eb7f0a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{362269bd-c93c-460f-9255-3bd667eb7f0a}\ not found. Registry value HKEY_USERS\S-1-5-21-767052454-1278637375-1300389408-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection deleted successfully. C:\ProgramData\Search Protection\_run.bat moved successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect not found. C:\SearchProtect\ffprotect folder moved successfully. C:\SearchProtect folder moved successfully. C:\Users\Marie\AppData\Roaming\Win7codecs folder moved successfully. ========== FILES ========== C:\ProgramData\Search Protection folder moved successfully. C:\Program Files (x86)\iWonEI\Installr\setups folder moved successfully. C:\Program Files (x86)\iWonEI\Installr\1.bin\chrome folder moved successfully. C:\Program Files (x86)\iWonEI\Installr\1.bin folder moved successfully. C:\Program Files (x86)\iWonEI\Installr folder moved successfully. C:\Program Files (x86)\iWonEI folder moved successfully. [color=#A23BEC]< ipconfig /flushdns /c >[/color] Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Marie\Desktop\cmd.bat deleted successfully. C:\Users\Marie\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Marie ->Temp folder emptied: 27012178 bytes ->Temporary Internet Files folder emptied: 22604955 bytes ->Java cache emptied: 52586492 bytes ->FireFox cache emptied: 70989297 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 57026 bytes User: NeroMediaHomeUser.4 ->Temp folder emptied: 35840 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 35086134 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50741 bytes %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84793 bytes RecycleBin emptied: 213002 bytes Total Files Cleaned = 199.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05162013_102333 Files\Folders moved on Reboot... C:\Users\Marie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully. C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully. C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WEI2LL9U\count[2].js moved successfully. C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJ5SEV8K\fastbutton[1].htm moved successfully. C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2P6VK62X\Thread-can-t-get-rid-of-w32-downloader-gen[1].htm moved successfully. C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2P6VK62X\tweet_button.1368146021[1].htm moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... FROM SECURITYCHECK: Results of screen317's Security Check version 0.99.63 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 [b][u]``````````````Antivirus/Firewall Check:``````````````[/u][/b][u][/u] Windows Firewall Enabled! Lavasoft Ad-Aware Norton Internet Security Antivirus up to date! (On Access scanning [b]disabled[/b]!) [b][u]`````````Anti-malware/Other Utilities Check:`````````[/u][/b][u][/u] Ad-Aware MVPS Hosts File Spybot - Search & Destroy Java(TM) 6 Update 22 [color=red][b]Java version out of Date![/b][/color] Adobe Flash Player 11.7.700.202 Adobe Reader 9 [color=red][b]Adobe Reader out of Date![/b][/color] Mozilla Firefox 14.0.1 [color=red][b]Firefox out of Date![/b][/color] Google Chrome 25.0.1364.172 Google Chrome 26.0.1410.64 Google Chrome plugins... [b][u]````````Process Check: objlist.exe by Laurent````````[/u][/b][u][/u] Norton ccSvcHst.exe [color=red][b]Ad-Aware AAWService.exe is disabled![/b][/color] [color=red][b]Ad-Aware AAWTray.exe is disabled![/b][/color] [b][color=red]Spybot Teatimer.exe is disabled![/color][/b] Ad-Aware Antivirus AdAwareService.exe Ad-Aware Antivirus SBAMSvc.exe [b][u]`````````````````System Health check`````````````````[/u][/b][u][/u] Total Fragmentation on Drive C: 0% [b][u]````````````````````End of Log``````````````````````[/u][/b][u][/u] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
