Author Topic: Got this virus---VBS:Malware [Gen]  (Read 13252 times)

0 Members and 1 Guest are viewing this topic.

GhosTT

  • Guest
Got this virus---VBS:Malware [Gen]
« on: February 28, 2006, 11:17:44 AM »
Keep in mind low skill level ;)

Anyways,
I think  AVAST stopped it from doing any damage,but...


Here is my problem.

When I scan with AVAST it doesn't show up anymore,but....
When I scan with ADWARESE ,I end up with AVAST popping up a window warning me of it.

Reccomends to add to the "CHEST", and I do,but still shows up in adwareSE scans.

Again remember    "Keep in mind low skill level"

So, my low skilled ass is thinking this virus is not doing nothing(tell me if I'm wrong),so want to know how to stop it from showing in scans???




Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Got this virus---VBS:Malware [Gen]
« Reply #1 on: February 28, 2006, 01:51:10 PM »
Reccomends to add to the "CHEST", and I do,but still shows up in adwareSE scans.
Maybe temporary files are being detected...
Are you using Windows XP?
Can you schedule a boot-time scanning?
Start avast! > Right click the skin > Schedule a boot-time scanning
Select for scanning archives.
Boot.  ;)
The best things in life are free.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Got this virus---VBS:Malware [Gen]
« Reply #2 on: February 28, 2006, 03:31:57 PM »
Hello GhosTT,

Go to these links: http://www.aumha.org/a/health.htm to know how to take out the Trash on your comp. And run the script on http://www.aumha.org/a/noads.php.
If you want to do the temp files manually: delete all files "*.tmp" & search for all files "temp". Delete only the contents of them, do NOT delete the folder. But running CCleaner will surely help.
Read here: http://ww3.telus.net/dandemar/slowcom.htm where you have to forget about the online scanners suggested, use BitDefender in stead and Stinger.exe together with Spyaudit. The rest of the info there could be helpful in your situation.
After you have cleaned your comp, use it with one good resident AV solution, one software firewall only, Ad-aware, Spybot S&D, Spyware Blaster, Bazooka. Patch and update your software and surf safe.

polonus
« Last Edit: February 28, 2006, 03:35:52 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Got this virus---VBS:Malware [Gen]
« Reply #3 on: February 28, 2006, 03:34:10 PM »
Well firstly, when I run any other security scan, I pause avast's standard shield.

That way avast won't detect any unpacked virus or malware signatures. Not to mention for every file the other security program opens to scan avast will also scan it, so you almost double the scanned filed and scan duration.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

GhosTT

  • Guest
Re: Got this virus---VBS:Malware [Gen]
« Reply #4 on: March 01, 2006, 03:18:17 AM »
DavidR,

" Well firstly, when I run any other security scan, I pause avast's standard shield."

How do I pause it?

And to everybody,
thanks for the replies:)

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Got this virus---VBS:Malware [Gen]
« Reply #5 on: March 01, 2006, 12:53:06 PM »
" Well firstly, when I run any other security scan, I pause avast's standard shield."
Risth click the 'a' blue icon and choose the last option (Stop On-Access Protection).
Or, left click the 'a' blue icon, choose the Standard Shield at left and the pause buttom at right  ;)
The best things in life are free.

GhosTT

  • Guest
Re: Got this virus---VBS:Malware [Gen]
« Reply #6 on: March 03, 2006, 02:12:30 AM »
Thank you Tech :D

chilipepper

  • Guest
Re: Got this virus---VBS:Malware [Gen]
« Reply #7 on: March 12, 2006, 09:00:27 PM »
I'm curious if your advice actually worked for ghosTT.  My BF got it on his pc...same symptoms as ghosTT except Avast did NOT remove it.  It keeps regenerating like one version of CWS did (that I had...had to wipe the hard drive for that SOB) as soon as you try to move it to chest (recommended action).  Avast finds it in temp files blackbox.class...then verifier.class...then dummy.class...then beyond.class.  As Avast tries to deal with it, it regenerates the files.  Right now I'm trying to get rid of it in safe mode after disabling system restore.  Deleted all temp files (incl offline content), cookies and history thru IE tools>internet options and made sure the trash was empty.  Adaware didn't find it after that.  Running Avast right now.  Made the mistake of trying system restore before safe boot.  Hope that didn't screw up the whole thing.  Can't find any trace of it in the registry but I'm no expert there (just REALLY careful...yikes).  Still considering trying to do a boot scan when I restart in normal mode?  Ya think I oughtta? 

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Got this virus---VBS:Malware [Gen]
« Reply #8 on: March 12, 2006, 09:15:17 PM »
Hi chilipeper,

Try deleting the Java cache. You can do this from the Java console via Control Panel or use CCleaner- make sure you have the Java cache option ticked and run a clean up.

Check that you have the latest version of Sun Java, Version 5 Update 6.

http://www.java.com/en/download/index.jsp

Also ensure that any older versions of Sun Java have been removed from Add/Remove programs.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Got this virus---VBS:Malware [Gen]
« Reply #9 on: March 12, 2006, 09:27:48 PM »
Hi FwF,

Yes, and these things are exactly why I have my NoScript visor up inside FF or Flock. Once befallen to the byteverify scam, you'd never like to run the risk again, once bitten twice shy. Java super for me, but only at my saying, and when I checked the site.
That is why I am a strong adherent on in-browser security:
Adblock Plus updater, NoScript, DrWeb hyperlink plug-in, siteadvisor, avast webshield inside, are some of the in browser small add-ons I cannot surf without.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

chilipepper

  • Guest
Re: Got this virus---VBS:Malware [Gen]--reporting back
« Reply #10 on: March 13, 2006, 07:55:36 PM »
Welp...safe mode did the trick.  Avast got it then.  Funny thing...after it found and had deleted the infected files it then displayed, for the rest of that scan,  "Scanner status: infected". The next scan after that it showed "running" as normal and everything was clean.  Froze up the first time I tried to run it with puter in normal mode to double-check everything.  Thought the Avast techies might find the info useful.  Anyhooo...Now it runs fine and the SO's puter is clean again.    yay.   I've recommended he do a free online scan from another AV prog just to be sure (as you say, no AV gets EVERYthing EVERY time) Thanx for the tip on CCleaner but I don't want the Yahoo toolbar.  Too bad they had to tie the two together.   ::)   

CharleyO

  • Guest
Re: Got this virus---VBS:Malware [Gen]
« Reply #11 on: March 13, 2006, 08:25:04 PM »
***

There is a post in here somewhere that shows how to use CCleaner without the crappy Yahoo toolbar. I think it was posted by Bob3160. Do a search for it.


***

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Got this virus---VBS:Malware [Gen]
« Reply #12 on: March 13, 2006, 09:00:08 PM »
Quote
Funny thing...after it found and had deleted the infected files it then displayed, for the rest of that scan,  "Scanner status: infected".
It just signifies that at the time you ran that scan the system was infected, as you found it only relates to the duration of that scan.

Two temp file cleaners, etc. ClearProg - Temp File Cleaner or CCleaner - Temp File Cleaner, etc., if you chose to instal CCleaner, when you install it there is an option not to install the Yahoo Toolbar, see image.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

tukne1975

  • Guest
Re: Got this virus---VBS:Malware [Gen]
« Reply #13 on: May 22, 2009, 06:12:20 PM »

my script host is failed to load, it was a VBS malware affected and i already deleted the files affected, is there a remedy to restore the file? and where? i need help