Hello, as you suggested, here is my report I hope you can help me. 2016-04-16T16:36:35+00:00

Home Forums Virus, Trojan, Spyware, and Malware Removal Logs Hello, as you suggested, here is my report I hope you can help me.

  • Author
    Posts
  • SheilaPortes
    Participant
    Post count: 1
    #1665 |

    Well, it turns out that it is this virus, System Volume Information and Recycler in my computer and my removable disk and it is creating shortcuts of many important folders and hiding the originals. Really, I hope that you can help me with this since I have tried other tutorials and has not served me.
    ############################## | UsbFix V 8.220 | [Clean]

    User: Windows-7 (Administrator) # WINDOWS-7-PC
    Updated 15/04/2016 by SOSVirus
    Started at 12:34:22 | 16/04/2016

    Website : https://www.usb-antivirus.com/
    Tutorial : https://www.usb-antivirus.com/tutorial/
    Support : http://www.sosvirus.org/
    Live detection : http://www.sosmalware.com/usbfix/
    Contact : https://www.usb-antivirus.com/contact/

    ################## | System information |

    MB: Dell Inc. (0PU052)
    CPU: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
    GC: Intel(R) Q35 Express Chipset Family (Microsoft Corporation – WDDM 1.0)
    RAM -> [Total : 981 Mo | Free : 226 Mo]
    Bios: Dell Inc.
    Boot: Normal boot

    OS: Microsoft™ Windows 10 Pro (6.3.10586 32-Bit)
    WB: Internet Explorer : 11.00.10586.0
    WB: Microsoft Edge : 11.00.10586.218 (th2_release.160401-1800)
    WB: Google Chrome : 49.0.2623.112

    ################## | Security Information |

    AV: Windows Defender [(!) Disabled |Updated]
    AS: Windows Defender [(!) Disabled |Updated]
    FW: Windows Firewall [Enabled]
    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Fixed disk # 149 Gb (86 Gb free – 58%) [] # NTFS
    E: -> Removable disk # 2 Gb (2 Gb free – 100%) [SHEILA] # FAT32

    ################## | Generic Research |

    (!) Temporary files deleted. (0.36109733581543 MB)

    ################## | Startup |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [OneDrive] “C:UsersWindows-7AppDataLocalMicrosoftOneDriveOneDrive.exe” /background
    04 – HKLM..Run : [BCSSync] “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
    04 – HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – HKUS-1-5-19..Run : [OneDriveSetup] C:WindowsSystem32OneDriveSetup.exe /thfirstsetup
    04 – HKUS-1-5-20..Run : [OneDriveSetup] C:WindowsSystem32OneDriveSetup.exe /thfirstsetup
    04 – HKUS-1-5-21-3876282736-723518055-450509568-1000..Run : [OneDrive] “C:UsersWindows-7AppDataLocalMicrosoftOneDriveOneDrive.exe” /background

    ################## | UsbFix – Information |

    Info : How to remove shortcut virus on flash disk (Video)
    Info : Shortcut virus on flash disk, What is it ?
    Live detection : http://www.sosmalware.com/usbfix/

    ################## | C: %SystemDrive% – Fixed drive (NTFS) |

    [10/06/2009 – 17:42:20 | A | 0 Ko] – C:config.sys
    [16/04/2016 – 11:49:01 | ASH | 753104 Ko] – C:hiberfil.sys
    [16/04/2016 – 11:49:04 | ASH | 1835008 Ko] – C:pagefile.sys
    [16/04/2016 – 11:49:04 | ASH | 262144 Ko] – C:swapfile.sys
    [20/03/2016 – 00:55:44 | D] – C:Windows.old
    [13/04/2016 – 10:07:26 | D] – C:Config.Msi
    [16/04/2016 – 01:28:35 | SHD] – C:$RECYCLE.BIN
    [10/06/2009 – 17:42:20 | A | 0 Ko] – C:autoexec.bat
    [17/12/2015 – 09:53:36 | D] – C:$Windows.~WS
    [19/03/2016 – 20:33:00 | D] – C:$WINDOWS.~BT
    [14/07/2009 – 00:53:55 | SHD] – C:Documents and Settings
    [15/06/2013 – 08:45:57 | RHD] – C:MSOCache
    [15/06/2013 – 09:00:08 | D] – C:Autodesk
    [13/05/2014 – 22:04:43 | D] – C:a6675c0e5a9eb5072dfe2
    [09/07/2014 – 10:27:48 | D] – C:ee94a69f973a71da08abf492ebe39
    [30/10/2015 – 01:45:01 | N | 0 Ko] – C:BOOTNXT
    [30/10/2015 – 01:48:44 | D] – C:PerfLogs
    [09/12/2015 – 01:08:30 | D] – C:c08d17b3390e8700db
    [19/03/2016 – 21:04:41 | RD] – C:Program Files
    [19/03/2016 – 21:18:18 | SHD] – C:Recovery
    [19/03/2016 – 21:31:12 | HD] – C:ProgramData
    [20/03/2016 – 00:53:47 | D] – C:inetpub
    [22/03/2016 – 21:38:34 | D] – C:Windows
    [29/03/2016 – 21:35:14 | RD] – C:Users
    [07/04/2016 – 02:57:22 | D] – C:aceaa484c8cf66589d6b6c9ee1
    [16/04/2016 – 12:34:02 | D] – C:UsbFix

    ################## | E: – Removable drive (FAT32) |

    ################## | Vaccin |

    C:Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
    E:Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

    Analysed in 19.06 seconds

    ################## | E.O.F | https://www.sosvirus.net/ | https://www.usb-antivirus.com/ |

  • Anonymous
    Post count: 0

    Hi ,

    Welcome on SOSVirus :)

    Your report is OK .

    Please, follow this tutorial :

    • Download Malwarebytes Anti-Malware (MBAM), save it to your Desktop.
    • Install Malwarebytes Anti-Malware, follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
    • When MBAM opens it will says Your database is out of date. Choose Fix Now.
    • Click on the Settings tab at the top of the window, click on Detection and Protection at the top of the windows, checkmarck Scan for rootkits.
    • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
    • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).

      Please be patient as the scan will take some time.

    • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.

      If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
      Click OK to either and let MBAM proceed with the disinfection process.
      If asked to restart the computer, please do so immediately.

    • After the reboot, launch MBAM, click on the History tab, choose Application Logs.
    • Click the most recent Scan Log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
    • To finish, copy and past your report on your next message.
  • You must be logged in to reply to this topic.