vbs:exedropper-gen[trj] and win32:ramnit-b

[scoobertina]

I am being invaded.. by vbs:exedropper-gen[trj] and win32:ramnit-b.. avast is deleting or putting them in a chest.. how do I make it stop though? it is running rampant through my files.. will avast be able to block them all?


Ok.. it says that most were deleted or put in the chest.. over 8600.. but the shield tells me that those files are infected.. what do I do? the pop up said I don't need to do anything.. but why does the shield still tell me that I have infected files.. even when I ran a scan it showed no infections.. please help.. I am confused..

btw.. I am running the free version.. 5.0.594

[SafeSurf]

Welcome to the forum. 

Open the Avast GUI > Settings > Virus Chest > Maximum size of chest...change it to zero to allow more to stay in the Chest so nothing is deleted.

What kind of scan did you run?

[scoobertina]

so I don't want it deleted? ohhhh ok... so I am infected then?

I ran a full system scan, but I started getting the pop ups well before that.. they have slowed way down.. but I still get a few here and there..

[SafeSurf]

So you deleted things that were in the Virus Chest?

[scoobertina]

yes.. I did.. and right now I am not happy about that..

[SafeSurf]

Do not turn your machine off.

Did you change any default settings of Avast?  When you get a warning...does it say put in Virus Chest?

[scoobertina]

I only changed the setting so I can keep all incoming in the chest and not have them deleted.
When I get a warning it says it is going to the chest

[SafeSurf]

Good.  Update your Avast definitions, then run a FULL scan with Avast.  Anything that is put into the Chest...leave there.

After you update your definitions...sign offline to do your Full Scan.  Then you can post your results.

[scoobertina]

Ok.. be back in a bit..

[scoobertina]

ok... I am back.. now what?

[SafeSurf]

Did the Full scan show anything?

[SafeSurf]

Next, check your computer for malware with Malwarebytes’ Anti-Malware (MBAM).
·   Download free http://www.malwarebytes.org/ for an on-demand scanner.
·   Double Click mbam-setup.exe to install the application.
·   After install, click update so you have latest database before scanning.
·   Under Settings:
o   General: Automatically Save File After Scan Completes is checked off
o   Scanner Settings:  Check all boxes
o   Updater: Download and install update if available is checked off
·   Once the program has loaded, select "Perform FULL Scan", then click Scan.
·   The scan may take some time to finish, so please be patient.
·   When the disinfection scan is complete, a log will appear in Notepad and you may be prompted to Restart. (See Extra Note).
·   Click the “remove selected” button to quarantine anything found.  You will find the infection details under the Quarantine tab.
·   The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
·   Copy & Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts -- Click OK to either and let MBAM proceed with the disinfection process; If asked to restart the computer, please do so immediately.

[scoobertina]

I'm sorry, I fell asleep at the wheel..

on avast:
the full scan reported no infections but did say that some files could not be scanned.. I didn't get that the first time I did the full scan..

MBAM:
I ran the scan but now I can't click on the quarantine tab.. I have 11 infections

[Pondus]

I ran the scan but now I can't click on the quarantine tab.. I have 11 infections

You mean the " Remove Selected " button in lower left corner ?

[scoobertina]

yeah, that remove selected wouldn't allow me to click it..