My sister was doing her projects with her friends in school today. When she inserted her Cruzer Micro (2GB) thumbdrive into her friend’s laptop, their anti-virus immediately detected some virus in the thumbdrive. Worried that her laptop, a HP EliteBook 9470m running on Windows 8, might get a virus, she told me to help her scan her laptop.
Initially, her laptop was only protected by Windows Defender. As I needed to scan her laptop, I decided to install avast! Free to do so.
After about 25min of scanning, avast! concluded that there was a threat found. I looked at the details and realised that, besides some files with ‘Error: The system cannot find the path specified (3)’, this is what I saw.
File Name: C:\MSI\TrustedInstaller.exe
Severity: High
Status: Threat: Win32:Dropper-gen [Drp]
I have checked online for information and solutions but they always told me to install other softwares to get rid of it. Also, they also warned us not to delete the file away; if the infected file was an essential Windows file, I will never be able to boot up again.
Can anyone help me? I’m not a professional when it comes to removing viruses from computers so I’ll really appreciate if anyone can help me. Also, will the virus infect other thumbdrives or removable media?
Have you taken any action on the detected file?..like moved to chest
If not you can upload and test the file at www.virustotal.com first…post link to scan result here
Recomended program to install on all computers
MCShield usb protector www.mcshield.net
This does not replace antivirus, so you need that also
HP computers usully come with a preinstalled 90 day norton AV
This should be removed before installing avast
Also run removal tool for uninstalled AV to clear any leftover conflicting files
REmoval tools http://singularlabs.com/uninstallers/security-software/
Thanks for assisting me. I have not moved the file to the virus chest as of yet, since I have no idea whether it’ll affect the operation of the computer. Can I move it there first to prevent the virus from spreading?
Her laptop didn’t come with Norton, which is pretty surprising.
I’ll do a virus scan for the infected file in the next few days (I’m busy tomorrow and on Friday so I have no time to touch my sister’s laptop).
the point is to upload and confirm that it is infected before you move it to chest....as it is a bit more tricky to do it after
uploading and testing a file at virustotal take less then 5 minutes
Her laptop didn't come with Norton, which is pretty surprising.
may be bc it is a HP Elitebook.... these are usually sold to firms that have/install there own AV protection
That is not the correct location for trusted installer on windows 8 and is highly likely to be malware
First clean the SD card
Download McShield to your desktop and install
It will initially run a scan and show the result as a toaster by the system clock
Then in the control centre select scanner and tick unhide items on flash drives
[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs
Yes, as long as you keep it in the virus chest (indefinitely if you want) Do install MCShield to block any infections of this sort in the future. It does automatically update every couple of days or so via internet when connected, and USB protection is free. Will also automatically scan an USB external drive if connected.