generic.bot.h



#1
moult86

My computer was recently infected with Generic.bot.h

McAfee caught the infection trying to make a registry change and make a call home, which I blocked via the firewall.

I immediately scanned with Malwarebytes and it revealed 1 corrupted registry entry, generic.bot.h. Malwarebytes claimed to have removed the infection. I then scanned with McAfee and Ad-Aware. Both scans came up negative for infection.

When I rebooted my system, I kept getting a popup on my desktop saying "a program on your computer wants to display a message but cannot". According to the popup window, the program path was C:Windows/explorer.exe

Another scan with MalwareBytes revealed the same infected registry key.

I cleaned my temp files with TFC, which I downloaded from this site. I scanned with MalwareBytes and removed the infected registry key.

Then I restored my system to a point before the infection (I knew this because McAfee alerted me to the infection when it was installing itself).

Since then the desktop popups have stopped and scanning with MalwareBytes reveals no infections.

Does this mean that I am no longer infected with Generic.bot.h? And should I delete the old restore point that contains the infection?

Here is the MalwareBytes log file for the last quick scan after I restored my system.

Malwarebytes' Anti-Malware 1.42
Database version: 3292
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

12/4/2009 1:09:05 PM
mbam-log-2009-12-04 (13-09-05).txt

Scan type: Quick Scan
Objects scanned: 97583
Time elapsed: 3 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Many thanks in advance for helping me have peace of mind that my system is truly clean.