
MalSign.Generic.155


  • This topic is locked
10 replies to this topic

#1 vivienne

vivienne

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Preston, England
  • Local time:02:37 PM

Posted 18 February 2015 - 05:30 AM

My AVG Anti-Virus found MalSign.Generic 155 on my computer and said it is secured but doesn't say it has been deleted. Is it as good being secured rather than being deleted altogether? It says it arrived in Chrome.setup.exe which I had downloaded, although I couldn't get it to work properly and now it won't delete using the Uninstall option. What harm is it likely to have done to my computer - could anyone have had access to any of my banking details?




 


#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:37 PM

Posted 21 February 2015 - 08:27 AM

Hello vivienne and welcome to BleepingComputer! :)

 

My name is Sirawit and I'm here to help you.

 

Please note that I'm currently in training and my fixes need to be approved first. That may delay our fix a bit, but I will normally reply back in 24 hours.

 

If I don't reply after 2 days, feel free to PM me. :)

==========================================================================

Some points for you to keep in mind:

  • Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • Periodically update me on the condition of your computer, and provide detail in every post.
  • In the upper right hand corner of the topic you will see the Follow topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================


Farbar Recovery Scan Tool (FRST)

  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop.
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should.
  • Double click the icon.
  • Click Yes to the disclaimer.
  • Make sure the Addition.txt box is checked.
  • Click Scan and allow the program to run.
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen.
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply.

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 vivienne


Posted 21 February 2015 - 11:52 AM

Oh dear - I feel a bit nervous of maybe messing my computer up when it appears to be working all right. AVG has said it has been secured so I suppose I really needed assurance that when they do that it means it can't actually do any harm now. Also, it would be nice to know it wasn't the sort of virus where anyone could have accessed my computer.



#4 Sirawit


Posted 21 February 2015 - 11:56 AM

Please run the tool I mentioned.

 

Thank you.




#5 Sirawit


Posted 24 February 2015 - 06:02 AM

It has been three days since my last reply. Are you still there?

 

Thank you.




#6 vivienne


Posted 24 February 2015 - 06:07 AM

I have decided I don't feel I want to download something I don't know about onto my computer from someone I don't know either and really would just have liked answers to my questions. Thanks anyway for trying to help me.



#7 Sirawit


Posted 24 February 2015 - 01:33 PM

Hi vivienne.

 

If AVG quarantined it then the file can't be executed. And from your message it looks like AVG quarantined it before it was executed, so you're probably safe. But I can't exactly tell you because I don't have enough information. This malware is a generic one that was mostly detected based on behavior. I don't think this malware will allow remote access, however,

 

Thank you.




#8 vivienne


Posted 25 February 2015 - 04:24 AM

Thanks Sirawit. It is a pity AVG couldn't stop it going into my computer, but at least it found it with a scan and it appears it can't do anything now and good to know it isn't likely to have had remote access.



#9 Sirawit


Posted 25 February 2015 - 07:52 AM

Hi vivienne.

 

No problems. :) Do you want any more help from me?

 

Thank you.




#10 vivienne


Posted 25 February 2015 - 08:12 AM

No thanks. I will see if everything seems to be OK.



#11 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,071 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:02:37 PM

Posted 25 February 2015 - 11:03 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 
