A few days ago while i was giving my computer a full virus scan, avast found a virus called LNK:Reveton-F [Trj] and quarantined it. It had infected Trace1.fx, which after a while of web surfing i discovered is part of the windows boot process. I do not know how i got that virus, while i had been downloading some things that day, i was on a encrypted website. My questions are: what is this virus, how did i get it, and what do i do now, i don’t want to delete the fie since it’s part of windows.
avast found a [b]virus[/b] called LNK:Reveton-F [Trj] and quarantined it.Not a virus, but a trojan LNK:Reveton-F [Trj] = Trojan LNK = Shortcut
This is part of reveton ransomware https://en.wikipedia.org/wiki/Ransomware
If you want help, follow instructions >> https://forum.avast.com/index.php?topic=194892.0
what’s confusing is that I have not experienced any symptoms yet, no shortcut has been created on my desktop (which is a symptom of this particular Trojan according to Microsoft) and nothing has been encrypted. So do I need to countine taking safety measures or am I safe?
Provide your logs, else we could only guess.
I don’t know how to export scan logs on Avast. so the most i can offer is the name of the virus, what file it infected, and the original location.
Threat Name Infected File Original Location
LNK:Reveton-F [Trj] Trace1.fx C:/Windows/Prefetch/Readyboot
We do not want avast log, we want the the logs requested in the instructions
The two logs from FRST (step 2) are the important ones
as @Asyn said, with no logs it is all guesswork and your guess is as good as ours
Oh, my bad.
Here are the files
Malware expert @Sass Drake is notified, it may take hours before he is online
Okay, thank you for all the help Pondus.
I don’t see anything malicious in logs. Can you attach files from this folder:
C:\ProgramData\AVAST Software\Avast\report
Also, please attach MBAM scan log if possible.
Sass Drake, i don’t know how to retrieve MBAM scan logs, however i can attach the files from the requested folder. Also, i found this virus through a scan and by the names of the text files you requested, i believe that this is a log for the shields and not the actual scan.
Other file
Edit: I deleted MBAM after i used it because i was told that it was unimportant compared to the other two text files. Also, it had not found a malicious file, it only found a few PUPs which i deleted.
It had infected Trace1.fx
Can you make screenshot of this?
I’m sorry for taking a while to respond, i was out of town and was unable to access my laptop. But i deleted the infected file because i got tired of it just laying around in my virus chest. I did not think it would be that important, also avast does not give much information on a infected file. It just gives the threat name,original location, and file name, which i posted here, so you can still get a bit of information. Also, i’m confident it was either a false positive or avast completely removed the Trojan. I have done many scans and i even made a scan more in depth and more sensitive than the full virus scan and still nothing. So i’m sure the threat is gone. But thanks for all your help Sass Drake.
FRST logs doesn’t show signs of infection.
Rename FRST to uninstall and run it. FRST should remove itself and files it created.
Nothing happened… do i replace .txt with anything?
Yu need to rename FRST.exe to uninstall.exe.
Okay, i did that. FRST is now gone from my computer.
That’s it.