Hi. Recently, and I mean, in the latest two days I’ve been getting Avast pop-ups (yes, I use both Avast and Malwarebytes), about a malware named wVx4rt.exe. Apparently, this virus is called, every time, from wscript.exe as if it was the one creating it. Now, I can’t really understand where this virus comes from. I tried a scan with Malwarebytes but it found nothing, even if some days ago I did one and I had like 5 malwares but it was before any of this happened. I’m somewhat scared since it appears to be a remote control virus.
I’ve attached a few pictures here so that you can see. By the way, --nessun virus-- means --no virus–, but this happened after I scanned them afterwards.
Apologies for not including them earlier. I admit I somewhat panicked and hurried. Although, today I sat down and should hopefully possess all the logs needed. I’m not sure whether this will show the virus or not, since whenever I start up, Avast immediately detects wscript’s actions and blocks wVx4rt, deleting it shortly after.
For some reason, it seems positive, although 2 minutes later I’ve received the same warning from Avast.
I’ve removed Adobe, which was the most recent; plus, Avast did warn me about its crack patch being a virus, and it’s also the one I mostly suspect of, as this virus came out at the time I installed this. And, a few others which were pretty much the only illegal software I had. Yet, it didn’t really give too much of a result.
P.S: A few days ago, I used Malwarebytes for a simple scan and I’ve found a virus related to InstallShield. Which is also what this virus’ product is: InstallShield Update Service Scheduler. I’m not sure whether this is relevant or not, but right now, Malwarebytes doesn’t find me any other virus. Probably because Avast immediately deletes it, yet it appears again as I start up my computer.
Very well then, I’ll be waiting for further instructions from someone who’s knowledgeable with how to deal with this. I can only hope it’ll be soon enough. I can’t say I’m way too comfortable with this thing in my computer.
Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):
Fraps (remove only)
To do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window.
Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software.
First off, thank you very much as I followed your instructions and the moment my Computer started up I received no warning, and most especially neither wscript nor wvx4rt.exe were running! My system seems to be working just fine.
Again, thank you. This virus had been annoying me a lot lately.
Alright then; let’s clear the tool and get a clean start point for you set up …
Clean up of Malware Removal Tools
Now that we are through using these tools, let’s clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.
[]Download Delfix from here to your desktop and double click it to start the program
[*]Ensure Remove disinfection tools is ticked Also tick:
[]Create registry backup
[*]Purge system restore
[*]Click Run
[*]The program will run for a few moments and then notepad will open with a log. Note: Please save this log first before rebooting your system (if asked to); DelFix does not save the log as it is trying to remove all traces of our work on your system. Please attach the log in your next reply.
You can delete any log files left on your desktop as these are no longer needed.
Everything should be fine now. I ran the program and made sure that; remove disinfection tools, create registry backup and purge system restore were ticked. I didn’t tick Activate UAC and Reset System Settings since they’re not listed in your post, so please tell me if I had to. Here is the log.