How to Remove Vbs:malware.gen Virus from the System

Have you ever experienced similar situation like this: Your antivirus product blocks some normal website from opening and reports that there is a virus named VBS:Malware-gen detected on your PC. Some users say that they received such threat alert even when they open Chrome browser or visit Amazon page. The discussions about this virus are mostly started by the users of Avast and AVG antivirus. If you also have troubles with this annoying virus, don’t be eager to delete or quarantine the suspicious files first. It is important for you to carefully the information below.

VBS:Malware-gen found on your computer? It could be a false positive issue actually. You should use another computer security product which has been improved with the latest virus database and advanced scanning technique, so that you can be more sure of that you will not delete the wrong files that may be a critical part of your system files.


What Is Vbs:malware.gen?

A lot of computer users have being scared and worried over the warning about VBS:Malware-gen threat. This infamous virus is exactly defined as a computer worm by cyber security specialists. To be more precisely, it is a malicious visual basic script file (VBScript) that can hide itself without being noticed. It is difficult to remove this type of computer virus as it works based on the configuration of the code. Once being executed, it usually drops copies of itself in %User Temp% and %User Startup% using deceptive file name to make it seem like a vital system file that should never be deleted or modified manually. And then it will receive and execute commands from a remote server to attack the compromised PC.

warning of VBS Malware-gen

Sometimes a dangerous computer virus like Vbs:malware.gen would cause havoc on your system and it can be more serious than some malware does. It is able to add malicious Windows registry entries in order to execute the virulent script each time the computer boots.

Most of the infected computers are running with Windows Operating System, but there are also reports from the users of Mac version. This case often happens to users who install Avast! Antivirus on their computers and some users reported that AVG also encountered this problem. Perhaps these two security software share the definitions or updates of viruses, so don’t be panic if you are using either of the antivirus programs as it is probably a false alarm.

amazon threat

However, this can be a serious issue in some situations. Even the Microsoft Outlook, which is one of the most traditional applications widely used over the world, can be used by cyber criminals to generate spam email messages with the rogue programs attached. These spam messages can be sent to all of your contacts in your email account and more computer users would become the victims.

Some malware infections invited by this worm rarely cause the infected computer to shut down suddenly. Commonly the virus pops up windows on the screen, open malware-hosted webpages in the default browser automatically, etc.

You think that’s all? There are always things that you don’t expect taking place. VB scripting can not only be used for scripts attached with a malicious email, but it can be also found on other Microsoft Office Suite applications and on most HTML-based websites, so that it will be executed as long as you visit the page containing the malicious script.

The general solutions for VBS:Malware-gen infection include effective file and behavioral detection, URL blocking and spam detection. You can use this anti-malware program to assist you to detect VBS:Malware-gen infection and remove the malicious files safely without causing irreversible damage on your computer system.


Removal Instructions for VBS:Malware-gen

1. End Related Process Through Task Manager

If you think your PC may have been infected with VBS virus, open your task manager (Press CTRL+ALT+DEL) and find “wscript.exe”.

Windows 7

Open Task Manager by right-clicking the Taskbar, and then clicking Start Task Manager.

Start Task Manager

The evil infection may run on your computer by mimicking the names of other normal system processes. Fortunately, the process of VBS:Malware-gen can be found under the Process.

Siviewer process

End the process by right clicking on it.

End process

Windows 8/8.1

On the Start Screen on Search, type “task” and select Task Manager (Which is supposed to show up on the top of apps list) then hit enter.


Search for any suspicious process related to the browser hijacker and click on End task.


Windows 10

Press Ctrl+Shift+Esc together to open Task Manager.

Select the process with the name contains wscript and choose End task.


2. Conduct A Full System Restore

If some of your data got corrupt by this VBS:Malware-gen worm virus, you can utilize tools like Data Recovery, MiniTool Power Data Recovery Free to recover the corrupted file safely, but this seems not much helpful as you wish by the current evidence we have. If you create the restore point on a regular base or happen to have the restore point , you can choose to restore the system from the latest system restore point. However, this method can only be done when your restore point remains intact. This option will take your PC back to an earlier point in time without affecting your files but it will delete the programs, updates and drivers that are appeared on your PC later than the restore point.

Windows 7

Step 1 Log in your computer as the administrator. Step 2 Open Control Panel from Start menu. control panel windows7 Step3 Click System and Security and click on Restore your computer to an earlier time. system and security windows7 Restore your computer to an earlier time Step 4 Press Open System Restore button. Open system restore windows 7 Step 5 Click on the Next > and you will see a list of the restore point that you have created before. Choose the latest one that before your computer system got infected with the ransomware and then click on Next >. choose restore point windows 7 Step 6 Confirm your restore point and click on Finish. Finish windows7 Step 7 Click Yes to confirm your operations and start to restore the system. Yes windows7 Step 8 The restore is in process. restore begins windows 7 Step 9 You will see the message during the restore process. The time it takes to complete the whole process is uncertain as it depends on the system condition. You PC will automatically restart when restore finishes. restore message

Windows 8

Step 1 Move your cursor on the screen’s right edge, and then click Search. Step 2 Enter Control Panel in the search box, and click Control Panel. control panel windows 7 Step 3 Enter Recovery in the Control Panel search box, and then tap or click Recovery. Search-ControlPanel-Recovery type Step 4 Click Open System Restore. security_restore_click If you are asked for the administrator password, you should enter the password on the box. win8.sysrestore04 Step 5 Click Next > and you will see a list of available restore points that you can choose. You should select the most recent point before the ransomware appeared on the system and click on Next >. security_restore_choose Step 6 Select Finish and click on Yes to start the restore. select-yes Step 7 Now please wait until the restore process get finished. Don’t be surprised if you see your computer restart several times during the restore process.

Windows 10

Step 1 Right-click (or press and hold) the Start button, and then select Control Panel. Step 2 Search Control Panel for Recovery. Step 3 Select Recovery > Open System Restore > Next. open system restore-min_zps8mn3pvdj Step 4 Choose the restore point related to the problematic app, driver, or update, and then select Next > Finish. show creadted restore point finish Step 5 Click on Yes to make confirm for your actions. YES

The manual removal methods contain very technical and complex set of steps which are easy to get wrong. SpyHunter is a trustworthy program that can help you save time and effort while removing computer infection. Except for VBS:Malware-gen, it is able to detect other malicious items that lurk on your computer system.

Now download and run SpyHunter installer:


Install SpyHunter on your PC.

SpyHunter installation step 5

Wait for the automatic scan gets complete.

SpyHunter scanning

Click on Fix Threats to remove all found infections.

SpyHunter detect Siviewer

Restart the computer in the end.

In Summary

It would be a good habit for everyone to scan the VBScript file using an antivirus tool before run it on the computer. A modern advanced antivirus utility has the ability to detect malicious code inside most files and the presence of a previously unknown virus by catching a virus as it tries to infect another file or disk. Some threat creators sometimes indeed get paid by spammers or advertisers to deliver additional unwanted programs to your system which can easily bypass antivirus. Some clumsy antivirus software may label very generically some harmless programs and websites as VBS:Malware-gen and pop up the misleading warning constantly. Users can mess up their computers and stop the computer from working if they delete the wrong files or do anything wrong.

Choosing the right antivirus software to protect your system is an important decision for each computer user. Viruses and malware can infect your computer in various ways, but a good antivirus program will give you peace of mind that your computer and personal data are safe. If you have not make up your mind yet, here is one recommended for you:


Share Button

Share Button