Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Flash drive infected


  • Please log in to reply
12 replies to this topic

#1 hslee5

hslee5

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 10 May 2013 - 09:47 PM

Hi all,

 

I think my flash drive infected with some kind of severe virus.

 

My flash drive show used about 7.7GB but when click inside the folder was empty...

pendrive1.jpg

 

pendrive2.jpg

 

Please, anyone can help me? the flash drive was borrow from a friend, i hope can restore back the files....

 

Thank you.

 

Regards

Lee

 



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:45 PM

Posted 10 May 2013 - 10:11 PM

The symptoms you describe are indicative of a side effect from some rogue security programs which changes file attributes to "hidden", making them appear invisible so the user thinks their files have been deleted.

Please download unhide.exe by Grinler and save it to your Desktop. You can read more about the tool and what it does in this introductory topic.
  • Double-click on unhide.exe to run the tool.
  • After running it, all files will have the "hidden" attribute removed. This includes files that are normally hidden by the operating system and any files you may have intentionally hidden.
  • If Quick Launch and the Start Menu were deleted, unhide.exe will attempt to restore them back to their proper location.
If you have not performed any security scans, do this:

Perform a full system scan with your anti-virus and be sure to allow it to scan your flash drive.

Then download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A.4. Issues.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After the scan, make sure that everything is checked and then click the Remove Selected button to remove all the listed malware.
  • When done, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab .
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

Note: A 14-day trial of Malwarebytes Anti-Malware PRO is available as an option when first installing the free version so all users can test the real-time protection component for a period of two weeks. When the limited time period expires those features will be deactivated and locked. Enabling the Protection Module feature again requires registration and purchase of a license key. If you continue to use the free version, there is no requirement to buy a license...you can just use it as a stand-alone scanner. Users who have previously completed the trial will not be prompted to start the trial upon upgrade or reinstallation.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 hslee5

hslee5
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 11 May 2013 - 05:05 AM

Hi,

 

I've done the scaning.

 

The "unhide" log is as below:

 

Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
  http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 05/11/2013 12:16:07 PM
Windows Version: Windows 7

Please be patient while your files are made visible again.

Processing the C:\ drive
Finished processing the C:\ drive. 235617 files processed.

Processing the D:\ drive
Finished processing the D:\ drive. 20092 files processed.

Processing the F:\ drive
Finished processing the F:\ drive. 4000 files processed.

The C:\Users\HSLEE\AppData\Local\Temp\smtmp\ folder does not exist!!
Unhide cannot restore your missing shortcuts!!
Please see this topic in order to learn how to restore default
Start Menu shortcuts: http://www.bleepingcomputer.com/forums/topic405109.html

Searching for Windows Registry changes made by FakeHDD rogues.
 - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
 - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
No registry changes detected.

Program finished at: 05/11/2013 12:17:22 PM
Execution time: 0 hours(s), 1 minute(s), and 14 seconds(s)

 

and Malwarebyte log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.11.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
HSLEE :: HSLEE-PC [administrator]

11/5/2013 12:17:45 PM
MBAM-log-2013-05-11 (17-49-58).txt

Scan type: Full scan (C:\|D:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 441325
Time elapsed: 37 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funshion (PUP.Funshion) -> No action taken.
HKCR\fsp (PUP.Funshion) -> No action taken.
HKCR\Funshion Task (PUP.Funshion) -> No action taken.
HKCR\thunder (Trojan.Agent) -> No action taken.
HKCR\CLSID\{18689D3E-CF06-482F-AEB1-0880F859F0AA} (PUP.Funshion) -> No action taken.
HKCR\TypeLib\{5165BFF4-4E35-446F-B00E-EA4185B64F76} (PUP.Funshion) -> No action taken.
HKCR\Interface\{332C1DFF-B83D-40E3-968F-F85E20BF0CFB} (PUP.Funshion) -> No action taken.
HKCR\Fun.OnlineInstallCtrl.1 (PUP.Funshion) -> No action taken.
HKCR\Fun.OnlineInstallCtrl (PUP.Funshion) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 22
C:\Program Files (x86)\Funshion Online (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\icon (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1 (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\Baiduflash (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\Baiduflash\subflash (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\Cacheflash (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flash (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashStamp (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\playhome (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\historyTorrent (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\ini (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\screensave (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\Seed (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\serv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\Shortcut (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update (PUP.Funshion) -> No action taken.

Files Detected: 274
C:\Program Files (x86)\Funshion Online\Funshion\Funshion.exe (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\funshionplugin2.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\FunshionService.exe (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\FunshionUpgrade.exe (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\LangResEnAmerican.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\Uninstall.exe (PUP.Funshion) -> No action taken.
D:\KwDownload\Temp\3900E478314AF606.exe (Adware.Ebiz.K) -> No action taken.
D:\KwDownload\Temp\9AC0596D90804BA4.exe (Trojan.StartPage) -> No action taken.
C:\Windows\System32\funshion.ini (PUP.Funshion) -> No action taken.
C:\Windows\SysWOW64\funshion.ini (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\FunShion.ini (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\agentd.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\atrc.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\cook.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\CoreAAC.ax (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\coreavc.ax (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\CrashReport.exe (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\drvc.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\dump.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\fptassrv.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\funoictl.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\Funshion-install.ico (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\FunShion.ini (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\FunshionDoctor.exe (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\FunshionGame2.ico (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\Funshop4.ico (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\gma.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\lsv.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\nicdescr.dat (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\pncrt.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\pndx5032.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\pos.ini (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\ptv.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\quality.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\rmoc3260.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\ttv.dll (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\风行.lnk (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\icon\MP4.ico (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\icon\RMVB.ico (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\AbnormalPopWndCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\AddListFile.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\AddMore.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\AdPackUpBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\AdTimer.png (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpCleanFile.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpClearDisk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpError.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpError_IE.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpPlayBarTip.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpPrompt.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpQuestion.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpTimerClose.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\bmpYellowQuestion.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Buffering.gif (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\CaptionText.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\CaptionTextEn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\CheckBox_Box.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\CheckBox_Check.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\checkSkin.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ClearFile.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\cycle.png (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Default.fskin (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\DelListFile.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\DiskWarnning.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\DownloadJsonClose.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Family.fskin (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\IErrorReshBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\IErrorWndBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgCleanFileBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgCloseMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgFullViewMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgMinViewMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgNonTopViewMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgNormalViewMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgStandardMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgStandardMiniEn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgTopViewMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgVolCtrlBarThumb.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgVolCtrlBarThumbSel.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\imgVolCtrlBarThumbSel.png (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\list_expend.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\LogoMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\LogoMiniEn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionBtnArrow.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionBtnBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionBtnDownArrow.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionBtnUpArrow.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionSplidBarHead.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionSplidBarTrail.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionSplideBarBkgnd.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionSplideBarThumb.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionText.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\OptionTextEn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PauseAdCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PauseFlickerBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnFullView.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnNext.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnNextMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnNonTop.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnNormal.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnPause.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnPauseMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnPlay.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnPlayList.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnPlayMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnPre.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnPreMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnSimple.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnSimpleEn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnStop.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnStopMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnTop.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnVolMute.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnVolume.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarBtnVolumeMini.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerBarOpenFile.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayerTipCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayInfoCurPlay.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayList.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayListEn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayTrackBarThumb.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PlayTrackBarThumbSel.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Popular.fskin (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PopUrlCheckBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PopUrlCheckBtnCheck.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PopUrlCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PopUrlCloseBtnAbnormal.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PopUrlIcon.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\PopUrlMiniBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\RadioBtnBox.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\RadioBtnPt.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\RpcLoading.gif (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\RpcStartDlgBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Scroll.gif (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarDownArrow.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarDownArrowOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarUpArrow.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarUpArrowOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerBkgnd.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerBkgndOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerWidgetBkgnd.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerWidgetBkgndOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerWidgetHead.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerWidgetHeadOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerWidgetMid.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerWidgetMidOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerWidgetTrail.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollBarVerWidgetTrailOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ScrollLinkBkgnd.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\selected.png (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\ShowPlayInfoBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\small.zip (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\smallerror.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\smallerror.png (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\switchToLibrary.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\switchToPlayer.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskDelete.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskDownLoad.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskList.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskListEn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskListStatIcons.png (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskListStatSelIcon.png (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskManagerCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskManagerCloseTxtBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TaskPaused.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TextBtnBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TipTopArrow.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TopLeftCornor.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\TopRightCornor.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateBtmBkgnd.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateBtmCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateBtmIgoreBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateBtmUpdateBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateCapBkgnd.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateCaption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateIconFail.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateIconInit.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\UpdateIconSuc.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\VolumeMute.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\VolumeNoMute.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\WebCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\WebCloseBtnRgn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\WndCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\BmpDetect.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\bmpdetection.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\bmpexception.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\bmpNormal.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\bmpOK.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\bmpRepairedSuccess.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\bmpRepairFailed.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\bmpRepairing.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\CaptionCloseBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\CaptionMinBtn.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\feedbackbtnbk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\forumhelpbtnbk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\funshionmark.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\gifChecking.gif (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\gifRepairing.gif (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\gifScanning.gif (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ignorebtnbk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\maindlgbk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ProblemHelpBtnBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\problemtabbk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ProgressBarBK.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ProgressBarFG.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\promptdlgBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\PromptDlgbtnBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\question.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\recheck.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\repairBtnBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ReRepairBtnBk.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ScrollBarDownArrowOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ScrollBarUpArrowOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ScrollBarVerBkgndOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ScrollBarVerWidgetBkgndOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ScrollBarVerWidgetHeadOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ScrollBarVerWidgetMidOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\ScrollBarVerWidgetTrailOption.bmp (PUP.Funshion) -> No action taken.
C:\Program Files (x86)\Funshion Online\Funshion\skin1\Tools_skin\test.bmp (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\favorites.fav (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\install.ini (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\Cacheflash\blankFs.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\Cacheflash\donghuanew_18.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flash\DC996574_2866_7E4D_83BF_B1977BBD144B.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20121025100150-16620565.date1365428611.flv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20121116160715-8023715.flv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130201100406-11185805.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130201164259-19201471.flv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130220175514-12830591.date1365428611.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130225155352-15526368.date1362921276.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130226150217-10018781.date1365428611.flv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130227164305-6977412.date1363686921.flv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130301172801-4669038.date1362921276.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130306175136-6191721.date1363686921.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130307103254-14150367.date1364367199.flv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130311162226-15600100.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130312173716-9610743.date1364367199.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130314183056-14701843.date1364367199.flv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130318145916-18354135.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130320154958-11988375.date1365428611.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130321113036-264001.date1365428611.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130321135636-6794978.date1365428611.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130321150906-17176625.date1365428611.flv (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130322133313-5582206.date1365428611.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130322172040-3873839.date1365428611.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130329180210-11673237.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\20130407135155-5319331.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\flashNew\DFE6BA7B_A1EA_8EE0_E2AC_0887300C3EF2.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\cache\playhome\playHome.swf (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control\1356891113_1356891103_953222_macross_1356664047_255.dat (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control\1356891113_1356891103_953222_macross_1356664047_255.fsp (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control\1356920565_1356920552_13286849_macross_1352859938_976.dat (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control\1356920565_1356920552_13286849_macross_1352859938_976.fsp (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control\1362226985_1362226984_91463_31459691_1333597103_912.dat (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control\1362226985_1362226984_91463_31459691_1333597103_912.fsp (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control\1364366977_1364366977_55014_macross_1340171926_851.dat (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\control\1364366977_1364366977_55014_macross_1340171926_851.fsp (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\historyTorrent\国王的演讲-MP4.fsp (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\ini\httpfile.ini (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\Shortcut\FunShortcut.ini (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\AdLinkParamFile.fax (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\ad_define.fai (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\ad_define.fai.bak (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\ad_material.fax (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\dlpopwind.json (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\flashParam.txt (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\flashParam.txt.bak (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\hermes.json (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\localad.fax (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\minisite.json (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\popwind.json (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\updatexmlfile.txt (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\购物网站大全.lnk (PUP.Funshion) -> No action taken.
C:\Users\HSLEE\funshion\update\风行游戏.lnk (PUP.Funshion) -> No action taken.

(end)



The problem still the same...



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:45 PM

Posted 11 May 2013 - 05:53 AM


Your Malwarebytes Anti-Malware log shows "No action taken". This usually occurs if you forget to click "Remove Selected" and instead just click "Save Logfile" or save the report before having Malwarebytes remove the threats. To confirm if everything was removed:
  • Rescan again (Quick Scan) in normal mode.
  • Don't forgot to check for database definition updates through the program's interface (preferable method) before scanning.
  • Make sure that everything detected is checked and then click the Remove Selected button.
  • Then click the Logs tab and copy/paste the contents of the new report in your next reply.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:45 PM

Posted 11 May 2013 - 05:55 AM

Please download and scan with the Kaspersky Virus Removal Tool from one of the following links and save it to your desktop.Be sure to print out and read the instructions provided in:
  • Double-click the setup file (i.e. setup_11.0.0.1245x11_2012_18-23_13_03.exe) to install the utility.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • The required files will be exracted and installed...be patient as this will take a few minutes.
  • At the 'Welcome!' windows, check the box next to I accept the license agreement and click Start.
  • A new window will open with two tabs (Automatic Scan and Manual Disinfection) and two icons on the right.
  • For a more comprehensive (but longer) scan, click the icon which looks like a round gear, Click Scan Scope and place a check mark in the box next to Local Disk (C:).
    System memory, Hidden Startups and Disk boot sector boxes should already be checked by default.
  • Click on the 'Automatic Scan' tab, and click the green Start scanning button to begin.
  • The time to finish and percentage completed will show as the scan is in progress...Important! Do not use the computer during the scan.
  • If no threats are detect, exit the program.
  • If threats are detected, you will be prompted for action: Disinfect, Delete if disinfection failes.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • When finished, click the rectanular notepad icon > select Detected threats > click on to highlight and click the Save icon to save the results as a text file...name it avptool.txt).
  • Copy and paste the report results of avptool.txt with any threats detected in your next reply.
  • When finished, follow these instructions on How to uninstall Kaspersky Virus Removal Tool.
  • -- If the above does not work, try a manual scan. If you cannot run this tool in normal mode, then try using it in "safe mode".

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 hslee5

hslee5
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 11 May 2013 - 05:55 AM

The printscreen shown when scanning with Malwarebytes:

pendrive3.jpg

 

The directory is quite weird.... F:\?\MSJ....



#7 TwinHeadedEagle

TwinHeadedEagle

  • Security Colleague
  • 352 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:12:45 AM

Posted 13 May 2013 - 03:14 AM

Download MCShield via following link --> http://mcshield.net/downloads.html

Install it, now plug in USB, and wait until MCShield scan it. When it finish, press Start --> Run and type following
%AllUsersProfile%\MCShield\AllScans.txt
Then press OK.
 
Copy here content of that file.

Edited by TwinHeadedEagle, 13 May 2013 - 03:14 AM.


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:45 PM

Posted 13 May 2013 - 10:31 AM

hslee5...did you rerun Malwarebytes and perform a scan with Kaspersky Virus Removal Tool yet?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 hslee5

hslee5
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 18 May 2013 - 09:45 AM

Sorry for late reply.... i perform the scan already. 1st time with Kaspersky Virus Removal Tool, 3 threats found, but hang at 13%. 2nd time and 3rd time, zero threat found.



#10 hslee5

hslee5
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 18 May 2013 - 09:46 AM

I also try manual scan in safe mode, zero threat found too...



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:45 PM

Posted 18 May 2013 - 05:58 PM

WIthout seeing the results, I have no idea what Kaspersky found and removed or of it helped with your issue. What is the status of your flash drive now?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 hslee5

hslee5
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 19 May 2013 - 09:50 AM

Juz now send to my cousin... he already help me to solve it... dunno how he solve.... just use around 10 minutes... BTW... thanks for all the help.... quietman7

 

 and TwinHeadedEagle comments.... tqvm....



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:45 PM

Posted 19 May 2013 - 06:02 PM


You're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users