Infected or not?

Status
Not open for further replies.
Hi guys,

I'm totally new to this place, but found this forum when I did a search on Google for 'Generic5'. Which brings me to the problem I have; is my computer infected or not? And what do I do if it is indeed infected?

The reason I started to suspect something was wrong is because today AVG caught a virus called Generic5.HIA (path: c:\Windows\system32\Autorun.exe). I decided to heal the file not knowing if it was a critical system file or not and the file was moved to the AVG Virus Vault. My initial thought was that this would have fixed the problem, but then for no particular reason my computer restarted a couple of times and from what I gather this is at least one of the trademarks of the Generic5 virus.

I don't have much experience hunting down viruses, but I did notice others usually posting or attaching their HiJackThis log as well as their ComboFix log. I have installed and executed both programs and attached the resulting files.

Your help is greatly appreciated.

Thanks,
Martin
 
Did AVG report the virus during a full scan or was it the resident program that popped up reporting it? If it's the latter, run an AVG full scan and see if it finds anything more.
 
Hi Andy,

It was the resident program that popped up reporting it. I did run a complete virus test in AVG earlier today, but it didn't find anything more.

Can you tell from the attachments if my computer is infected or not? I'm especially worried about something that might be recording usernames and passwords.

Thanks,
Martin
 
If you ran a subsequent full scan and it didn't find anything else, it's unlikely your comp is still infected. You can try running a Trend Micro online virus scan if you want to be more secure about it.

As for recording usernames & passwords, that's spyware, not viruses. You need to run anti-spyware utilities to catch that. In fact, you need to run multiple ones as there are different types of spyware. The ones I recommend to my customers are:

  • Ad-Aware 2007
  • Spybot Search & Destroy
  • AVG Anti-Spyware

All are free and can be downloaded via the Internet.
 
Ok, I did also run Spybot SD earlier today and it did show a couple of unwanted files, which I proceeded to fix, of course. I'll give the other spyware programs you mention a whirl as well.

Glad to hear that my computer probably isn't infected. I will certainly run the Trend Micro thing as well. My mind is not completely at rest, I must confess, basically because it was my impression that the Generic5 can be fairly difficult to get completely rid of. Sorry for being a pain, but do you see anything in the attached files that would indicate my computer is still infected?

Thank you for your help - I really appreciate it.

- Martin
 