I have a virus that Avast couldn't detect - Help

Hello,

A guy sent me a virus. However, Avast couldn't detect that virus, but it was detected by 11 other antiviruses.

What I did is I opened the virus with right click and Notepad++. I am really not sure if it is still possible that I could be infected.

Please help

Test the file at VT (https://www.virustotal.com) and post the link to the result here.

Hello,

Thanks for the prompt reply.

I tested it already, that's how I knew it was detected by 11 antiviruses. The link is here:

https://www.virustotal.com/#/file/d13d92c64332bfa52843fe30bf6e45f6e0a4f55fcf15d3256a9f81f87aa2ba9b/detection

Thanks

You can report a suspicious/malicious sample (File/Website) here: https://www.avast.com/report-malicious-file.php

OK, thanks. However, I am scared to open any of my emails now, so I am afraid that the hacker can detect my passwords, so what to do?

Do I still have to report it and wait until they find a solution and make an update? Please help ASAP, I need to work and I cannot open any of my emails now.

Thanks

Attach your basic diagnostic logs. (MBAM and FRST)
Instructions: https://forum.avast.com/index.php?topic=194892

Thanks, your help is appreciated.

Hi,

The scanned file is a RAR file. It is packed. Unless you’ve unpacked the file and run the VBS file, you’re safe.

Can you upload that RAR file to www.mediafire.com (or another file sharing website) so I can take a look at the source code? Alternatively, I’ll PM you my email address, just forward the email to it.

VBS files are usually 1 of 2 things. A prank file (constantly opening and closing your CD-ROM, for example) or something like a fork bomb (recursively opening blank CMDs until you run out of RAM). Or it spreads a USB infection that doesn't (usually) do much harm.

Hi,

Yes, I know it is packed. I unpacked it and I opened the VBS file with Notepad++.

But I knew it was a virus after I opened the file. I sent you a private message, please check it.

Thanks for your help

For suspicious mail check you can use this. See info here >> https://forum.avast.com/index.php?topic=198166.0

TrendMicro detection name of your file: HEUR_RLOTRICK.B
File is using right to left (RTLO) extension spoofing
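
Added example, not part of the original thread or any poster's code: a small check for the RTLO extension spoofing named in the post above, which reports a file name's stored extension next to the one a bidi-aware file manager would appear to show. The sample names are constructed, and `displayed_name` is a simplified approximation (text after U+202E drawn reversed), not the full Unicode bidirectional algorithm.

```python
import unicodedata

# Unicode bidirectional control characters that change display order.
BIDI_CONTROLS = set("\u202a\u202b\u202c\u202d\u202e\u2066\u2067\u2068\u2069\u200e\u200f")
RLO = "\u202e"  # RIGHT-TO-LEFT OVERRIDE, the character behind "RTLO" spoofing


def extension(name):
    """Text after the last dot, lower-cased; empty string if there is no dot."""
    return name.rsplit(".", 1)[-1].lower() if "." in name else ""


def strip_controls(name):
    """Remove invisible bidi controls, leaving the characters as stored."""
    return "".join(ch for ch in name if ch not in BIDI_CONTROLS)


def displayed_name(name):
    """Approximate the on-screen name: everything after the first RLO is reversed."""
    head, sep, tail = name.partition(RLO)
    if not sep:
        return strip_controls(name)
    return strip_controls(head) + strip_controls(tail)[::-1]


def inspect(name):
    """Report hidden bidi controls and whether the visible extension is a lie."""
    controls = [unicodedata.name(ch) for ch in name if ch in BIDI_CONTROLS]
    real = extension(strip_controls(name))    # what the OS acts on
    shown = extension(displayed_name(name))   # what the user believes they see
    return {
        "displayed": displayed_name(name),
        "real_extension": real,
        "shown_extension": shown,
        "bidi_controls": controls,
        "spoofed": bool(controls) and real != shown,
    }


if __name__ == "__main__":
    # Constructed sample names: one with an embedded RLO, one ordinary.
    for sample in ("invoice\u202efdp.vbs", "report.pdf"):
        print(inspect(sample))
```

Any bidi control character in an attachment or archive member name is worth flagging on its own, whether or not the extensions differ.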

Please find logs attached.

Thanks

Log2 attached

Log3 attached

OK, now you’ve to wait for one of the malware experts…

“C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe”

Can you scan that file @ www.virustotal.com and post the results here?

Scan this file “C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe” or run it?

When I scanned it with avast it said great no issues found, could you please explain more?

Scan with virustotal.com :wink:

This is the result: https://www.virustotal.com/#/file/070b158ca4cd5ffb9a3e4b522cadac3759791baef6fcc206cf1dbdbafdead17d/detection

Anything else I shall do?

Malware expert will check your logs when online, this may take hours

Thanks for your help, much appreciated!