Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
win32.downloader.gen
Message
<blockquote data-quote="littlesqueak7" data-source="post: 122399" data-attributes="member: 8546"><p>[attachment=4608]</p><p>[attachment=4606]</p><p></p><p>Fiery:</p><p>Thank you so much for offering to help me get rid of win32.downloader.gen and other malware on my computer. i am grateful there are people like you who are knowledgeable and have tools to help.</p><p></p><p>I followed your instructions and am attaching the logs as advised. No Malware was found using the Malwarebytes Anti-Rootkit, so there is no log.</p><p>=============================================</p><p>OTL Log:</p><p>All processes killed</p><p>========== OTL ==========</p><p>Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll deleted successfully.</p><p>C:\Program Files (x86)\SearchProtect\bin\cltmng.exe moved successfully.</p><p>Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect deleted successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\bin\cltmng.exe moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\ffprotect folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\spsd\images folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\spsd folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\spbd\images folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\spbd folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\lib folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect\bin folder moved successfully.</p><p>C:\Users\Liberte\AppData\Roaming\SearchProtect folder moved successfully.</p><p>========== FILES ==========</p><p>C:\Program Files (x86)\SearchProtect\ffprotect folder moved successfully.</p><p>C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images folder moved successfully.</p><p>C:\Program Files (x86)\SearchProtect\Dialogs\spsd folder moved successfully.</p><p>C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images folder moved successfully.</p><p>C:\Program Files (x86)\SearchProtect\Dialogs\spbd folder moved successfully.</p><p>C:\Program Files (x86)\SearchProtect\Dialogs\lib folder moved successfully.</p><p>C:\Program Files (x86)\SearchProtect\Dialogs folder moved successfully.</p><p>C:\Program Files (x86)\SearchProtect\bin folder moved successfully.</p><p>C:\Program Files (x86)\SearchProtect folder moved successfully.</p><p><span style="color: #A23BEC">< ipconfig /flushdns /c ></span></p><p>Windows IP Configuration</p><p>Successfully flushed the DNS Resolver Cache.</p><p>C:\Users\Liberte\Downloads\Malware Bytes LOGs\cmd.bat deleted successfully.</p><p>C:\Users\Liberte\Downloads\Malware Bytes LOGs\cmd.txt deleted successfully.</p><p>========== COMMANDS ==========</p><p> </p><p>[EMPTYTEMP]</p><p> </p><p>User: All Users</p><p> </p><p>User: Default</p><p>->Temp folder emptied: 0 bytes</p><p>->Temporary Internet Files folder emptied: 33170 bytes</p><p>->Flash cache emptied: 56502 bytes</p><p> </p><p>User: Default User</p><p>->Temp folder emptied: 0 bytes</p><p>->Temporary Internet Files folder emptied: 0 bytes</p><p>->Flash cache emptied: 0 bytes</p><p> </p><p>User: Liberte</p><p>->Temp folder emptied: 100121012 bytes</p><p>->Temporary Internet Files folder emptied: 113264008 bytes</p><p>->Java cache emptied: 2302171 bytes</p><p>->FireFox cache emptied: 449802061 bytes</p><p>->Google Chrome cache emptied: 874063 bytes</p><p>->Apple Safari cache emptied: 36864 bytes</p><p>->Flash cache emptied: 60765 bytes</p><p> </p><p>User: Public</p><p> </p><p>User: UpdatusUser</p><p>->Temp folder emptied: 0 bytes</p><p>->Temporary Internet Files folder emptied: 33170 bytes</p><p> </p><p>%systemdrive% .tmp files removed: 0 bytes</p><p>%systemroot% .tmp files removed: 0 bytes</p><p>%systemroot%\System32 .tmp files removed: 0 bytes</p><p>%systemroot%\System32 (64bit) .tmp files removed: 0 bytes</p><p>%systemroot%\System32\drivers .tmp files removed: 0 bytes</p><p>Windows Temp folder emptied: 812451 bytes</p><p>%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46463554 bytes</p><p>RecycleBin emptied: 1907320 bytes</p><p> </p><p>Total Files Cleaned = 683.00 mb</p><p> </p><p> </p><p>OTL by OldTimer - Version 3.2.69.0 log created on 05272013_164216</p><p>======================================</p></blockquote><p></p>
[QUOTE="littlesqueak7, post: 122399, member: 8546"] [attachment=4608] [attachment=4606] Fiery: Thank you so much for offering to help me get rid of win32.downloader.gen and other malware on my computer. i am grateful there are people like you who are knowledgeable and have tools to help. I followed your instructions and am attaching the logs as advised. No Malware was found using the Malwarebytes Anti-Rootkit, so there is no log. ============================================= OTL Log: All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll deleted successfully. C:\Program Files (x86)\SearchProtect\bin\cltmng.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect deleted successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\bin\cltmng.exe moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\ffprotect folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\spsd\images folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\spsd folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\spbd\images folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\spbd folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs\lib folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\Dialogs folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect\bin folder moved successfully. C:\Users\Liberte\AppData\Roaming\SearchProtect folder moved successfully. ========== FILES ========== C:\Program Files (x86)\SearchProtect\ffprotect folder moved successfully. C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images folder moved successfully. C:\Program Files (x86)\SearchProtect\Dialogs\spsd folder moved successfully. C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images folder moved successfully. C:\Program Files (x86)\SearchProtect\Dialogs\spbd folder moved successfully. C:\Program Files (x86)\SearchProtect\Dialogs\lib folder moved successfully. C:\Program Files (x86)\SearchProtect\Dialogs folder moved successfully. C:\Program Files (x86)\SearchProtect\bin folder moved successfully. C:\Program Files (x86)\SearchProtect folder moved successfully. [color=#A23BEC]< ipconfig /flushdns /c >[/color] Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Liberte\Downloads\Malware Bytes LOGs\cmd.bat deleted successfully. C:\Users\Liberte\Downloads\Malware Bytes LOGs\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Liberte ->Temp folder emptied: 100121012 bytes ->Temporary Internet Files folder emptied: 113264008 bytes ->Java cache emptied: 2302171 bytes ->FireFox cache emptied: 449802061 bytes ->Google Chrome cache emptied: 874063 bytes ->Apple Safari cache emptied: 36864 bytes ->Flash cache emptied: 60765 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 812451 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46463554 bytes RecycleBin emptied: 1907320 bytes Total Files Cleaned = 683.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05272013_164216 ====================================== [/QUOTE]
Insert quotes…
Verification
Post reply
Top