Win32.downloader.gen is classified as a Trojan and is very tricky. So far it seems to be detected only by Spybot, while other anti-virus programs fail to flag it. That explains why so many PC users prefer to install more than one anti-virus program, at the cost of putting up with the trouble caused by conflicts between the two. Win32.downloader.gen is a typical Trojan in that it is able to hide its critical items. Victims repeatedly get a warning message about win32.downloader.gen pointing to the directory ‘C:\Users\Alec\AppData\Roaming\SearchProtect’, but are given no way to remove the flagged item. An error message pops up and stops the attempt, saying that “the associated files are still in use (in memory)”. In fact, a hidden component of win32.downloader.gen is keeping the flagged item in use.
Those who keep up with virus knowledge would go into the registry database and remove the related registry entries there. However, this returns an error: “Unexpected error in fixing problems. (Cannot create file ‘C:\Windows\wininit.ini’. Access is denied.)” with only “OK” as an option. From this point of view, win32.downloader.gen is an aggressive Trojan capable of causing thorough damage, and it also manages to cause trouble in browsers (e.g. IE, Firefox, Google Chrome). Victims have reported that their browsers opened new windows at random; the windows appeared to be legitimate and vaguely related to the intended content, but bore no relationship to the buttons they were clicking.
* The computer becomes choppy, sluggish and slow during operation.
* CPU usage does not stay stable and sometimes soars steeply even when there are few programs running in the background.
* The browser acts strangely: it takes longer to load a page and shows pages or an interface different from before.
* Error messages start to appear when attempts are made to change settings or remove items.
* Windows Firewall, as well as the firewall of the installed anti-virus program, will not stay set to automatic.
* Letters/words are turned into symbols.
Given that anti-virus programs are unable to remove win32.downloader.gen, manual removal is highly recommended. However, programs can be used to help ease the cumbersome manual procedures.
Start screen > open any folder > open Windows Explorer > select View tab > tick the ‘File name extensions’ and ‘Hidden items’ options > navigate mainly to C:\windows\winstart.bat, C:\windows\wininit.ini and C:\windows\Autoexec.bat to find and delete every file and folder named after win32.downloader.gen.
Open ‘Control Panel’ > search for ‘Folder Options’ > select View tab > tick ‘Show hidden files and folders’ and untick ‘Hide protected operating system files (Recommended)’ > press ‘OK’ > navigate mainly to C:\windows\winstart.bat, C:\windows\wininit.ini and C:\windows\Autoexec.bat to find and delete every file and folder named after win32.downloader.gen.
1. Move your mouse to the lower-right corner of the screen
2. The Charms bar appears
3. Click the Search charm
4. Type ‘regedit’/‘regedit.exe’ and hit the Enter key
5. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion and HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders Startup=“C:\windows\start menu\programs\startup” respectively; find any suspicious key values starting with “Run” and delete them accordingly.
Start menu > launch the Run/Search box > type ‘regedit’ > hit the Enter key > then proceed as in the fifth point above.
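Before deleting anything in regedit, it helps to list what is actually registered in the locations named above. The following read-only PowerShell audit is an added example, not part of the original guide; the helper name Get-RunEntries is hypothetical, and the match pattern is assumed from the folder name in the warning message quoted earlier.

```powershell
# Read-only audit of the autostart locations named in the steps above.
# Nothing is modified or deleted; review the output before editing the registry.

# Assumption: the folder name from the warning message is used as the match pattern.
$Pattern = 'SearchProtect'

$BaseKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion'
)

function Get-RunEntries {   # hypothetical helper name
    param([string[]]$Base, [string]$Match)
    foreach ($b in $Base) {
        # Subkeys whose name starts with "Run" (Run, RunOnce, ...)
        Get-ChildItem -Path $b -ErrorAction SilentlyContinue |
            Where-Object { $_.PSChildName -like 'Run*' } |
            ForEach-Object {
                $key = $_
                foreach ($name in $key.GetValueNames()) {
                    $data = [string]$key.GetValue($name)
                    [pscustomobject]@{
                        Key     = $key.Name
                        Value   = $name
                        Data    = $data
                        Flagged = $data -like "*$Match*"   # command line mentions the pattern
                    }
                }
            }
    }
}

# Flagged entries are listed first.
Get-RunEntries -Base $BaseKeys -Match $Pattern |
    Sort-Object Flagged -Descending | Format-List

# Contents of the Startup folder recorded under Explorer\Shell Folders.
$shell = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
if ($shell.Startup -and (Test-Path $shell.Startup)) {
    Get-ChildItem -Force $shell.Startup | Format-List FullName, LastWriteTime
}

# Legacy startup files named in the folder steps; report them only if present.
foreach ($f in 'C:\Windows\winstart.bat', 'C:\Windows\wininit.ini', 'C:\Windows\Autoexec.bat') {
    if (Test-Path $f) { Get-Item -Force $f | Format-List FullName, Length, LastWriteTime }
}
```

An entry whose Data column is unfamiliar but not flagged still deserves a look, since the pattern only catches command lines that mention the one known folder.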
Insert the Windows XP CD into the drive (if Autoplay kicks in, exit out of it).
Click on Start -> Run.
Copy and paste ‘sfc /scannow’ into the text box.
Windows File Protection Service scans all protected files and verifies integrity, replacing any files with which it finds a problem.
Be patient and allow this process to proceed completely.
Restart your computer once this process is completed.
1. Put the Windows 7 CD in your optical drive.
2. Restart to boot from the DVD.
3. On the “Install Windows” screen, make the appropriate selections for language, time, and keyboard, and then click “Next”.
4. On the next screen, click “Repair Your Computer”.
5. In “System Recovery Options”, select which operating system you want to restore if any are listed, and click “Next”.
6. When the “System Recovery Options” screen shows up, select “Startup Repair”.
Given the aforementioned characteristics of win32.downloader.gen, attempts to remove it can easily fail, as it is capable of introducing additional viruses and triggering extra PC issues. The key to a complete removal is to delete everything on the computer that is related to, but not limited to, win32.downloader.gen, because any malicious leftover will help it survive.