I am a senior citizen and have a senior citizen friend several states away that I am trying to help. I have NIS on my computer with Windows Vista. My friend has AVG free AntiVirus with Windows XP Service Pack 3 on his computer.
He also has SpyBot running in the background on his computer, which frequently picks up something named "Win32.Downloader.gen". My question is, if he installs NIS on his computer, should it pick up and "fix" the "Win32.Downloader.gen" problem? Thanks for any help!
From the link below it appears that only spybot finds the infection. May I suggest you read my post on the thread to try and delete it. I would be grateful if you could repost with the results.
Hi Intesec - Thanks for your prompt reply posting. I assume you are referring to your 2/11/2013 posting. I will review it thoroughly and get back with a reply posting when I can get together with my friend.
Yes, only SpyBot finds the infection. One problem I have is that my friend and I are both in our mid-eighties - and I'm having trouble teaching him how to get in Safe Mode. I've ran SpyBot in Safe Mode on my end, as well as Malware Bytes. More info when I've discussed with my friend.
There appears to be a slight confusion about the dates the thread I am referring to was started on 05-08-2013 at 07:21 PM and not 2/11/2013. To clarify what I mean please click on the link below and refer to the posts by me there are two of them, which I have copied here for you to review.
I’ve had the same problem with browser garbage from cnet and keep away from downloading from it now. File hippo seems ok. I have had success by running the software in safe mode which allowed the problems to be resolved that failed in normal mode, but Norton appears to be disabled in safe mode only allowing a full scan, so it might be wise to disconnect from the internet before booting into safe mode (see help and support from the start menu).
I’ve just run spybot in safe mode and it finished the scan. I have some suggestions,
To try running spybot in safe mode again?
To get updates and try running spybot in safe mode again?
To download the latest version get updates and try running spybot in safe mode again?
The link below needs the basic version downloaded not the trial or the pro, the same when installing to avoid any real time protection. You’ll need to uncheck a box at the bottom of a line of check boxes, if I remember correctly.
IMHO, the best thing your friend can do is to follow dickevans information in regards to using one of the 4 malware removal sites he listed in his post here.
Also please read the last post in that thread by Quads - he is a fully trained malware removalist who has quit working malware removals on this forum because of information coming from many different sources (and causing in some cases) more harm than good.
Spybot S&D (or 2) will not remove "Search Protect" by Conduit, as found out myself and on Spybot Forum etc. We have programs that will including scripting. Spybot does not find it all,
No point in telling users to use programs that does not do the job
I really appreciate all the help my original inquiry brought. My friend already has SpyBot on his computer, so the question really does not concern SpyBot - except that SpyBot finds the Win32.downloader.gen every day when he runs it. My question is, can he install another program, such as Norton Internet Security (for Windows XP SP3) that will also find Win32.downloader.gen and fix it?? Thanks again!
From calebcrawford’s information on the link below NIS cannot delete, win32.downloader.gen, as Caleb’s thread progresses to a malware removal site. May I suggest trying spybot in safe mode, as Caleb could not run spybot in safe mode?
calebcrawford’s post below.
I seem to be afflicted by a trojan/virus. It comes up in Spybot as win32.downloader.gen, and Spybot cannot remove. I am using Norton Internet Security 19.9.1.14 fully updated, and the quick scan shows nothing, I am still running a full scan.
Used a Malware Removal forum to fix the problem and make sure the system is cleaned and in order. Please do the same and use people like myself to safely deal with things as we know what we are doing with the advanced tools we use.
Hi Quads - SpyBot detects Win32.downloader.gen every time my friend runs it. It gives the message that it cannot be fixed at the time, but may (I think) fix it next time SpyBot is run. So far, it HAS fixed it the next time he runs Spybot (which is usually immediately) - but then the next day, SpyBot detects it again.
Today, after he had re-run SpyBot and it showed fixed, I had him run a hard drive search for Win32.downloader.gen and it did not come up. I asked him to run one of his daily web-sites, and then run the search again. The search didn't find it.
The goal is to try to find an "automatic" detector, so that he doesn't have to keep running SpyBot manually twice to get it fixed. I've sent an inquiry to Norton to ask them if they have such a product; will post what I hear from them! Thanks.
"I had him run a hard drive search for Win32.downloader.gen and it did not come up" hahahahaha that is funny, It doesn't work like that., you are way out of your depth so careful with what you do with the system.
As I said Spybot does not detect it all. But now you have a broken product (if we can call it that ) even Spybot forums found that they have to manually script to get the rest.
Here's the latest. When he runs Spybot, he gets the following message:
"(X) Win32.Downloader.gen
(X) [SBI $BCCEBCBD] Program Directory
C:\Documents and Settings\GMac...\Application Data\Search Project\
WARNING
Some problems couldn't be fixed; the reason could be that the associated files are still in use (in memory).
This could be fixed after a restart.
May Spybot-S&&D run on your next system startup?
YES NO"
The (X) are in red color.
He usually clicks on YES, and restarts the computer - and Spybot also starts. When Spybot is finished running this 2nd time, it usually shows that Win32.Downloader.gen has been fixed, i.e., (X) in green.