Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware-gen Detected


  • Please log in to reply
2 replies to this topic

#1 broomy

broomy

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:30 PM

Posted 04 October 2008 - 02:21 PM

Hi, have got a problem, every time I start PC, my Avast 4.7 Home edition (freeware) pop-ups me a message that my PC is infected with VBS:Malware-gen (C:\WINDOWS\file.bat). Tried Avast virus scan, it suggested to move to chest, I did, but next time I start my PC, the same happens. Tried SuperAntiSpyware, it didn't help. Run McAfee online scan, it detected two infections (Exploit-PDF.b and GenericFakeAlert.a), but did not suggested any removal options. Then I found your forum, was unpatient, saved and run ComboFix (disabled system restore first, not sure that was a good idea). Restarted my PC, no more messages from Avast, but then I tried Symantec online scan once more, this time it displayed a message: 1 file infected on your disk drive C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KB908179.exe is infected with Packed.generic.187. Now I have Combofix.txt file, but don't know what to do next. Please help, need your advice. As Forum Guidelines say not posting any Log files unless requested, I am waiting for your instructions.
Regards,
Maris

Edited by broomy, 05 October 2008 - 04:01 AM.
Moved from HiJack This forum to Am I Infected as there were no logs. ~ OB


BC AdBot (Login to Remove)

 


#2 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 05 October 2008 - 09:41 AM

Plese try running these two scans and post the reports from them for examination
malawarebytes
http://www.bleepingcomputer.com/forums/ind...st&p=959453
I asppreciate this one has already been run but do a fresh run with these isntructions superantispyware
http://www.bleepingcomputer.com/forums/ind...st&p=959604

#3 broomy

broomy
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:30 PM

Posted 05 October 2008 - 10:15 AM

Malwarebytes' Anti-Malware 1.28
Database version: 1229
Windows 5.1.2600 Service Pack 3

2008.10.05. 18:13:31
mbam-log-2008-10-05 (18-13-31).txt

Scan type: Quick Scan
Objects scanned: 45453
Time elapsed: 2 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Admin\Desktop\Dokumente und EinstellungenAll UsersStartmenuProgrammeAutostartoffice.exe (Trojan.Downloader) -> Quarantined and deleted successfully.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users