
What is VBS Malware Gen?

Posted by Arch on July 13, 2019

Computer security is undoubtedly getting more advanced with each passing day, but so are computer viruses. One of the most problematic at the moment is VBS:Malware-Gen, a Trojan made as a Visual Basic Script file that comes archived in a zip file.

It’s quite dangerous, as it’s easy for users to download it from a spam email or a suspicious website, and then it’s easy for it to steal your data. Before we get into ways of deleting it, some additional info might be in order.

About This Trojan

Although it might seem harmless in some cases, this virus’s main goal is to snatch your personal data and sell it to third parties. Make sure to watch out for an Autorun.inf file. This usually harmless file, found on USB flash drives where it helps start an Autorun program (if one is set), can also be a sign that your computer is infected with this Trojan. That’s because VBS:Malware-Gen often masks itself as the mentioned file.
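One way to look at the Autorun.inf files mentioned above without opening the drive in Explorer is the PowerShell sketch below. It is an added example, not part of the original article; the script-extension list and the two checks (a real `[autorun]` section, a launch line that points at a script) are assumed triage heuristics, not a signature for this Trojan.

```powershell
# Added example: inspect Autorun.inf in the root of every removable drive.
# The checks are assumptions for triage, not a detection signature.
$scriptExt = '\.(vbs|vbe|js|jse|wsf|bat|cmd)\b'

# DriveType 2 = removable disk (USB flash drives and similar).
Get-CimInstance Win32_LogicalDisk -Filter 'DriveType = 2' | ForEach-Object {
    $path = Join-Path ($_.DeviceID + '\') 'autorun.inf'

    # -Force is needed because the file is usually hidden.
    $file = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    if (-not $file -or $file.PSIsContainer) { return }

    $lines = @(Get-Content -LiteralPath $path -ErrorAction SilentlyContinue)

    # A genuine Autorun.inf is a small text file with an [autorun] section.
    $hasSection = [bool]($lines -match '^\s*\[autorun\]\s*$')

    # Lines that tell Windows what to start from the drive.
    $commands = @($lines -match '^\s*(open|shellexecute|shell\\.+\\command)\s*=')

    # Launch lines that point at a script instead of a normal program.
    $scripted = @($commands -match $scriptExt)

    [pscustomobject]@{
        Drive             = $_.DeviceID
        SizeBytes         = $file.Length
        HasAutorunSection = $hasSection
        LaunchCommands    = $commands -join ' | '
        LaunchesScript    = $scripted.Count -gt 0
    }
} | Format-List
```

A file with no `[autorun]` section, or one whose launch line points at a script, is worth scanning with the antivirus before the drive is used again.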

It’s been reported that the virus is even able to overheat your CPU and disable your antivirus software and internet connection. In case of the latter, you need to be ready to try and take it down without online support. Luckily, there are ways to deal with that as well.

Facing the Threat

First of all, if you already have your antivirus or antimalware software installed, you’re most likely safe, as these can detect the threat and quarantine it before it starts wreaking havoc on your computer. However, you might be in trouble if you don’t, or if it somehow manages to disable your antivirus software before it gets discovered and quarantined.

Use (Another) Antivirus Software

The first course of action is installing an antivirus. If you already have one, consider installing antimalware software. Malwarebytes is among the most popular available options. Most of these are free to use with trial versions that give you additional benefits before they run out. If the antivirus didn’t detect the threat, yet you have your own suspicions, make sure it’s updated to the latest version and run a system scan as quickly as possible.

Go Into Safe Mode

Each Windows operating system allows you to boot into Safe Mode, which starts Windows up with just the most important programs and drivers. Booting into Safe Mode with Networking is often used to search for problems on your computer, and can also be used to scan your computer for viruses.

Note that the method differs between newer and older versions of Windows. Here’s how to do this in Windows 8/8.1 and Windows 10:

  1. You’ll need to restart your computer right away, so make sure you’ve saved your data beforehand.
  2. Open up the Start menu (if you’re on Windows 10). Click on the “Restart” button while also pressing and holding down the “Shift” key.
  3. If done correctly, “Troubleshooting Options” will appear.
  4. Select “Troubleshoot.”
  5. After this, go to “Advanced Options.”
  6. Choose “Startup Settings,” then click “Restart.”
  7. As Windows restarts, the system will show you a list of various options. Select the one you want by pressing the number next to it. In other words, see where “Safe Mode with Networking” is and press that number.
  8. The system will then take you to the Safe Mode. All you then need to do is run a scan and see if the antivirus software manages to find a threat.

On Windows XP, Vista and 7, the process might be more similar to this:

  1. Restart your computer.
  2. Wait for a few seconds and, just before it starts booting, press F8 on the keyboard. It’s best that you press it multiple times to make sure that the “Advanced Options” menu will appear. You can stop pressing the button when it does.
  3. Choose “Safe Mode with Networking.”
  4. While your computer is in Safe Mode, run the antivirus and start a system scan.

Reset Your Web Browser

Chances are that VBS Malware-Gen may have installed a web extension for your browser that collects data or slows down your computer. You can reset your web browser to solve this issue. Each of them has its own way of resetting. Here’s how to restore settings in Google Chrome:

  1. Click on the three dots in the top-right corner and choose “Settings.” You can also do this by copying “chrome://settings/” into the Address bar.
  2. Scroll to the bottom of the Settings page and click on the “Advanced” button.
  3. Scroll all the way down again and click on “Restore settings to their original defaults” or “Clean up computer.” In case you want the former, confirm your decision.

To restore the settings in Firefox:

  1. Click the “Help” menu and choose “Troubleshooting Information.” Another way of doing this is to copy “about:support” into your Address bar.
  2. At the top-right corner of “Troubleshooting Information,” click on “Restart with Add-ons Disabled…” to enter Firefox in Safe Mode, or simply click on the “Refresh Firefox…” button to revert the settings to their defaults.

Check Your Web Browser Shortcuts

If you’re using Desktop or Taskbar shortcuts to access your web browser of choice, make sure they’re not modified. To do this, enter their properties by right-clicking on the shortcut and selecting “Properties.”

You should go to the Shortcut tab. Make sure that the path to the browser, called the “Target” here, is not changed in any way. It should have nothing outside of the quotation marks, and nothing besides the program path inside of them.
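The same check can be run over every Desktop and Taskbar shortcut at once. The PowerShell below is an added example, not part of the original article; the browser executable list, the shortcut-name pattern and the folder list are assumptions to adjust for the browsers you use.

```powershell
# Added example: audit browser shortcuts for a modified "Target" field.
$shell = New-Object -ComObject WScript.Shell

# Desktop (current user and all users) and pinned Taskbar shortcut folders.
$folders = @(
    [Environment]::GetFolderPath('DesktopDirectory'),
    [Environment]::GetFolderPath('CommonDesktopDirectory'),
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# Assumed lists: browser executables and the names their shortcuts usually carry.
$browserExe  = 'chrome.exe', 'firefox.exe', 'msedge.exe', 'iexplore.exe', 'opera.exe'
$browserName = '\b(Chrome|Firefox|Edge|Internet Explorer|Opera)\b'

Get-ChildItem -Path $folders -Filter *.lnk -ErrorAction SilentlyContinue | ForEach-Object {
    $lnk = $shell.CreateShortcut($_.FullName)
    if (-not $lnk.TargetPath) { return }      # skip shortcuts with no file target
    $exe = Split-Path -Path $lnk.TargetPath -Leaf

    $finding = $null
    if ($browserExe -contains $exe -and $lnk.Arguments.Trim()) {
        # Something follows the quoted program path in the Target box.
        $finding = 'Extra text after the program path'
    }
    elseif ($_.BaseName -match $browserName -and $browserExe -notcontains $exe) {
        # Shortcut is named like a browser but starts a different program.
        $finding = 'Browser-named shortcut points to another program'
    }

    if ($finding) {
        [pscustomobject]@{
            Shortcut  = $_.FullName
            Target    = $lnk.TargetPath
            Arguments = $lnk.Arguments
            Finding   = $finding
        }
    }
} | Format-List
```

A listed shortcut is one to open in Properties and review by hand; no output means none of the scanned shortcuts matched either check.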

Staying Safe

Although it might not be as scary as some more serious viruses, don’t forget that this one wants to take your personal information. To avoid this Trojan, just be careful with the sites you visit and the mail you open. If none of the offered solutions work, consider completely reinstalling Windows.

Did any of these tips help you defeat the VBS:Malware-Gen? Are there any other methods you would mention for fighting trojans and malware? Help others stay safe by leaving a comment below.
