Member Avatar for Seeker01375

Hello -

I was recently informed by our IT department that my work laptop had a Virantix Trojan on it. The IT work Ticket also referred to a virus name of Trojan.Fakeavalert. They successfully removed it / them.

How do I determine it's origin? What do I need to do to find out if it came from my home computer or one of my USB drives? And, of course, if I do find it how do I get rid of the sucker permanently?

I have Symantec's Internet Security program running in the background whenever my home computer is on, but the internet connection is a wireless network connection. The computer is only on when someone is actually using it - it does not stay on 24 /7.

Thank you for any education you can give me about this.

  • 3 Contributors
  • 2 Replies
  • 104 Views
  • 16 Hours Discussion Span
  • Latest Post Latest Post by jholland1964
Member Avatar for cohen

There are many ways to resolve this problem by getting viruses.

1. - Be careful what USB and other devices are inserted into your computer.
2. - Keep your virus software updated.
3. - Do regular virus scans.
4. - If a computer on the network has a virus, say a home network, do not connect to it, as it may transfer over the network.
5. - Be careful on what sites you visit, and other computer users visit.

There are many ways to stop things from happening, but to determine where the virus came from, takes a lot of time. It all depends on the computer activity.

Hopefully that helps.

Cohen

Member Avatar for jholland1964

What do I need to do to find out if it came from my home computer or one of my USB drives?

There are definitely some infections which can be transferred via USB drives. Now if you transferred files via email from the home computer or from the home computer via a USB device there is a good chance the home computer is infected, and if you used a USB device then it would also be infected.
I would check out both. Beginning with the home computer...
Of course scan with your onboard AV program, update it and then maybe consider running a scan in Safe Mode.
Remove all that is found.
Also in NORMAL mode, download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.

* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When MBA-M finishes, Notepad will open with the log. Please save it where you can find it easily. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt.

Now to check out the USB devices. Many of these infections are installed onto and from USB devices and CD's via AutoPlay. The minute the USB device is plugged in it begins to work...OR when a CD is inserted it begins to play automatically, you DON'T want this to happen.
These types of infections happen because they load an autorun.inf file.
You can hold down the Shift key when inserting the flash drive into your computer until Windows detects it to keep autorun.inf from executing automatically. Many are now recommending that users the Autorun feature feature on USB and removable drives as a method of prevention. This should keep the malicious file from automatically running upon insertion and infecting your system while allowing you to safely perform a scan.
You can then update MBA-M again, choose a Full System Scan and have it scan the Flash Drive for infection.
Save that log also.
Post them both back here, along with a Full System Scan log from HJT.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.