I’m about to go crazy
Avast is removing all my Adobe software like Photoshop, Dreamweaver, etc…
And it put them all in my virus chest
So I disabled Avast right away after it moved about 150 files to the virus chest
Is this a joke?
Upload and test suspicious files at one of these places… post link to scan result(s) here
www.virustotal.com / www.metascan-online.com / www.jotti.org
If you think detection is wrong, you can use one of these options and report it
You can upload files and report issues to avast here: http://www.avast.com/contact-form.php (select subject according to your case)
You can use mail
send to virus@avast.com in a password protected zip file
mail subject: False Positive / undetected sample (select subject according to your case)
zip password: infected
or you can send files from avast chest
How to use the chest: http://www.avast.com/faq.php?article=AVKB21
It didn’t happen like this before
Probably the latest virus definitions detect these as malware
I guess I have to remove all Adobe software
because it's removing every single file from them
What malware name does avast give these files?
Don’t remember
I just cleared my virus chest
This is one of the files I scanned earlier
It's the 4th file in that virus chest picture
I think all of them are Win32:RmnDrp
49/54 sure does not look like a false positive, and Ramnit is a file infector
Microsoft info:
Virus:Win32/Ramnit.J is a detection for a virus that infects Windows executable files and HTML files and attempts to allow backdoor access to the infected computer. http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Virus%3aWin32%2fRamnit.J#tab=2
Follow the instructions here and attach (not copy and paste) Malwarebytes and OTL logs: https://forum.avast.com/index.php?topic=53253.0
Malware experts are notified but may not be back online before tomorrow
be aware that with file infectors the result may be a format/reinstall :-\
I will just remove all adobe software
EDIT: Actually this is getting crazy. It's starting to detect all the programs as having RmnDrp
Seems the file infector is spreading …
Not delete
I mean it detects all my files as having RmnDrp and puts them all in the chest
EDIT: This thingy just popped up. I uploaded it in the attachment. IDriverT.exe RmnDrp
Follow Pondus' advice in reply # 7. Be advised: the more you open files and programs, the more the infector spreads. Just run the recommended program, post the logs and wait for an answer from one of our specialists.
Good luck.
I found the answer
It's spreading online
and here is one piece of proof: http://omgili.com/thread/jHIAmI4hxg.AlpNcxgBTqSsWr0qhUt2s6xQ4AmiPgrPQ.9hTMvIVVlIq4gjNX5pwX4ej_GVEFgLAC8GIW6soPw--/
EDIT: Malwarebytes logs in the attachment
And the OTL log?
I removed the virus completely
Thanks for the help though
I recommend you attach it so a malware expert can take a look at the OTL diagnostic log
I wish I could do that
but I've completely removed them all
So I don’t think OTL can scan them anymore o.o
Basically they attach some binary to every single file
Use a hex editor and compare with the original file that isn’t infected. Then you will see a pattern that the original uninfected file doesn’t have. So I just removed that line, then no virus.
The virus has another ability to flood the RAM slowly on startup, and I used CCleaner and adwcleaner to remove that in the registry.
OK, before you continue, TURN OFF your computer! I have some experience with file infectors of my own (research accident with Virut), and if you continue to run your PC, more stuff will just get infected. So, turn it off immediately!
Next, get an external HDD enclosure or another computer. Attach your current (infected) disk to the other computer as a secondary disk, or use the external disk enclosure to attach it as an external drive. This will ensure nothing will continue to get infected, because the infected system won’t be starting. JUST REMEMBER NOT TO RUN ANYTHING FROM THE INFECTED DISK! Then scan it on-demand with avast!, and then, just to be sure, maybe with DrWeb CureIt, which is free and known to handle file infectors rather well. And at the end also do a Hitman Pro and Malwarebytes check, because you’re never too sure with file infectors.
And even this might not be 100% certain to get rid of the issue, as the system might become unbootable. I mean, if antiviruses remove explorer.exe or other critical components, the system won’t work. I suggest that after the cleaning, you re-install Windows by doing a repair install. This will reinstall Windows but keep everything else you had installed on the disk, so you won’t have to re-install all the apps and stuff. Though with file infectors I’d recommend doing it clean from zero, just to be sure.
> So i don't think OTL can scan them anymore o.o

OTL is a diagnostic program; from this log a malware expert will see anything that is wrong or leftover files that need removal ..... it is highly recommended to do it
I am afraid I have bad news. You have been infected by a family of polymorphic file infector malware. It targets all your .exe, .dll and .HTML files and opens a backdoor to your PC. It also has a tendency to jump from partition to partition and soon infect your system files. Due to its nature, the only way to perfectly remove it is to format the hard disk and perform a re-installation of the operating system (OS).
Please backup your non-executable files such as pictures, Text files et cetera and perform the R/R.