Win32:Downloader Infection

Hello,

yesterday after booting the first time my PC, Avast was direct from the beginning off. I turned it on an let it do a fast check and unforntunaly ist found :
Win32:Downloader-TBH (Adw) with a $RIN34UF.exe.

I let Avast delet the file which was succesful. The i made several full scans , also with fresh downloaded Malwareantibytes and nothing is found anymore.

Is my System safe now or should i replay a backup ? What does the “TBH (Adw)” mean ,i can´t find a specific virus name…
For my understanding Adware is for Advertising, not stealing passwords etc… is this correct ?

With kind Regards
Jens

Win32:Downloader-TBH (Adw)
TBH is the version and adw is adware so nothing dangerous

run AdwCleaner to clear your browser for any crap files http://forum.avast.com/index.php?topic=53253.0
you may post the log here

Hello,

thnaks for your answer !! Could to hear that this should not be extreme dangerous.

Here is the log, it seems AdwCleaner found nothing:

AdwCleaner v2.300 - Datei am 03/05/2013 um 19:53:36 erstellt

Aktualisiert am 28/04/2013 von Xplode

Betriebssystem : Windows 8 Pro (64 bits)

Benutzer : drah_000 - ZOCKER

Bootmodus : Normal

Ausgeführt unter : C:\Users\drah_000\Downloads\adwcleaner.exe

Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gefunden : C:\ProgramData\boost_interprocess

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\ Internet Explorer v10.0.9200.16537

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6FCABB18-6A48-11E2-BEB1-D43D7E3838C3}

-\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\drah_000\AppData\Roaming\Mozilla\Firefox\Profiles\sxjj2ymn.default\prefs.js

[OK] Die Datei ist sauber.

-\ Chromium vr_pages: {
enabled: false
}

Datei : C:\Users\drah_000\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Die Datei ist sauber.


AdwCleaner[R1].txt - [1040 octets] - [03/05/2013 19:53:36]

########## EOF - C:\AdwCleaner[R1].txt - [1100 octets] ##########

After cleaning :

AdwCleaner v2.300 - Datei am 03/05/2013 um 19:57:04 erstellt

Aktualisiert am 28/04/2013 von Xplode

Betriebssystem : Windows 8 Pro (64 bits)

Benutzer : drah_000 - ZOCKER

Bootmodus : Normal

Ausgeführt unter : C:\Users\drah_000\Downloads\adwcleaner.exe

Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\ Internet Explorer v10.0.9200.16537

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6FCABB18-6A48-11E2-BEB1-D43D7E3838C3} → hxxp://www.google.com

-\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\drah_000\AppData\Roaming\Mozilla\Firefox\Profiles\sxjj2ymn.default\prefs.js

[OK] Die Datei ist sauber.

-\ Chromium vr_pages: {
enabled: false
}

Datei : C:\Users\drah_000\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Die Datei ist sauber.


AdwCleaner[R1].txt - [1169 octets] - [03/05/2013 19:53:36]
AdwCleaner[R2].txt - [1229 octets] - [03/05/2013 19:56:19]
AdwCleaner[S1].txt - [1198 octets] - [03/05/2013 19:57:04]

########## EOF - C:\AdwCleaner[S1].txt - [1258 octets] ##########