Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Every flash drive I put in my laptop just turned into a shortcut


  • This topic is locked This topic is locked
4 replies to this topic

#1 ran04

ran04

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:36 AM

Posted 10 October 2015 - 08:41 PM

I read one of the post with the same problem and I've tried to use usbfix, I have the report but I just can't understand if my laptop is cleaned or not, if anyone could help me with this report it will be very useful, thanks

 

############################## | UsbFix V 8.125 | [Clean]

User: pramesti (Administrator) # PRAMESTI-PC
Updated 09/10/2015 by SosVirus
Started at 12:52:14 | 10/10/2015

Website : http://www.en.usbfix.net/
Tutorial : http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/
Support : http://www.sos-virus.net/
Live detection : http://how-to-remove.us/
Contact : http://www.en.usbfix.net/contact/

################## | System information |

MB: Dell Inc. (0M516T)
CPU: Intel® Core™ i5-2410M CPU @ 2.30GHz
GC: Intel® HD Graphics Family
RAM -> [Total : 8099 Mo | Free : 5750 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft™ Windows 7 Professional (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 45.0.2454.101
WB: Mozilla Firefox : 41.0.1

################## | Security Information |

AV: ESET NOD32 Antivirus 7.0 [Enabled |(!) Outdated]
AS: Windows Defender [(!) Disabled |Updated]
AS: ESET NOD32 Antivirus 7.0 [Enabled |(!) Outdated]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 195 Gb (25 Gb free - 13%) [] # NTFS
D:\ -> Fixed disk # 270 Gb (48 Gb free - 18%) [DATA] # NTFS
F:\ -> Removable disk # 7 Gb (7 Gb free - 100%) [ROTI MANIS] # FAT32

################## | Generic Research |

Deleted! F:\ROTI MANIS (8GB).lnk
Deleted! F:\ \{260B7057-0A49-4652-9EC9-F5CF1567E813}.{005E292A-7110-4155-B5EC-31F13AB06120}
Deleted! C:\ProgramData\mskfx.exe
Deleted! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|1634271961
Deleted! [x64] HKLM\Software\Microsoft\Windows\CurrentVersion\Run|IntelTBRunOnce
Restored! [D] F:\
Restored! F:\ \desktop.ini -> F:\desktop.ini
Restored! F:\ \IndexerVolumeGuid -> F:\IndexerVolumeGuid

(!) Temporary files deleted. (796.636633872986 MB)

################## | Startup |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
04 - HKCU\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [SpeedUp Apps Store] "C:\Program Files (x86)\SpeedUp\SpeedUpAppsStore\bin\ismagent.lnk"
04 - HKCU\..\Run : [{6957AA83-7847-47CF-A35A-CC854EC822BD}] C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\jlABmPhHrROl').GXJKEXxiZN)));
04 - HKLM\..\Run : [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
04 - HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Chicony_OSD] "C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe"
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [MMReminderService] C:\Program Files (x86)\Mindjet\MindManager 8\MMReminderService.exe
04 - HKLM\..\Run : [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
04 - [x64] HKLM\..\Run : [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
04 - [x64] HKLM\..\Run : [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\Run : [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-4070890762-718691062-3810399267-1000\..\Run : [AdobeBridge]
04 - HKU\S-1-5-21-4070890762-718691062-3810399267-1000\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-4070890762-718691062-3810399267-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-4070890762-718691062-3810399267-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-4070890762-718691062-3810399267-1000\..\Run : [SpeedUp Apps Store] "C:\Program Files (x86)\SpeedUp\SpeedUpAppsStore\bin\ismagent.lnk"
04 - HKU\S-1-5-21-4070890762-718691062-3810399267-1000\..\Run : [{6957AA83-7847-47CF-A35A-CC854EC822BD}] C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\jlABmPhHrROl').GXJKEXxiZN)));
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04GS - AutoCAD Startup Accelerator.lnk : C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe
04GS - Snagit 11.lnk : C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe

################## | UsbFix - Information |

Info : How to remove shortcut virus on flash disk (Video)
Info : Shortcut virus on flash disk, What is it ?
Live detection : http://how-to-remove.us/

################## | C:\ %SystemDrive% - Fixed drive (NTFS) |

[10/10/2015 - 12:31:30 | ASH | 6220156 Ko] - C:\hiberfil.sys
[10/10/2015 - 12:31:33 | ASH | 8293544 Ko] - C:\pagefile.sys
[02/06/2015 - 17:57:28 | N | 959 Ko] - C:\Membangun Jiwa Entrepreneurship Melalui Mata Kuliah PAI 2.pptx
[02/06/2015 - 18:22:06 | N | 3057 Ko] - C:\KULIAH 5 IMAN & TAKWA.ppt
[24/08/2014 - 20:15:10 | D] - C:\2011.12.18.First.Tour.Girls.Generation.2011.Blu-ray.1080p.x264.DTS.MySilu
[10/09/2013 - 00:05:39 | A | 1 Ko] - C:\freefallprotection.log
[15/12/2014 - 09:02:32 | D] - C:\Begin Again [www.official-soundtracks.com]
[20/10/2014 - 05:48:30 | SHD] - C:\$Recycle.Bin
[21/09/2015 - 21:11:38 | D] - C:\EAGLE-7.4.0
[19/08/2015 - 01:03:48 | D] - C:\$Windows.~BT
[14/07/2009 - 10:20:08 | D] - C:\PerfLogs
[14/07/2009 - 12:08:56 | SHD] - C:\Documents and Settings
[09/09/2013 - 22:53:38 | SHD] - C:\Recovery
[09/09/2013 - 22:53:41 | RD] - C:\Users
[10/09/2013 - 00:07:07 | D] - C:\Intel
[14/09/2013 - 01:44:51 | RHD] - C:\MSOCache
[09/08/2014 - 09:30:10 | D] - C:\[Smad-Cage]
[24/08/2014 - 20:00:10 | D] - C:\Foto Delis
[24/08/2014 - 20:03:54 | D] - C:\SNSD
[24/08/2014 - 20:07:28 | D] - C:\ToraDora
[24/08/2014 - 20:17:16 | D] - C:\Tamako Market
[24/08/2014 - 20:18:49 | RD] - C:\Kokoro Connect
[24/08/2014 - 20:21:17 | D] - C:\Love Live! S2
[24/08/2014 - 20:22:42 | D] - C:\Love Live!
[26/02/2015 - 17:06:15 | D] - C:\dell
[23/05/2015 - 21:45:23 | D] - C:\Shigatsu wa Kimi no Uso
[31/08/2015 - 14:32:54 | RD] - C:\Program Files
[23/09/2015 - 05:54:35 | D] - C:\Windows
[30/09/2015 - 07:53:50 | D] - C:\Emergency Couple
[30/09/2015 - 07:55:17 | D] - C:\Angel Beats
[03/10/2015 - 15:17:04 | RD] - C:\Program Files (x86)
[10/10/2015 - 12:27:48 | D] - C:\UsbFix
[10/10/2015 - 12:53:02 | HD] - C:\ProgramData

################## | D:\ - Fixed drive (NTFS) |

[16/09/2013 - 07:24:12 | A | 1582 Ko] - D:\Attachments_2013916.zip
[04/04/2015 - 10:27:03 | A | 99218 Ko] - D:\Ariana Grande - My Everything (iTunes Deluxe Version) (2014).zip
[28/09/2014 - 12:50:49 | A | 16 Ko] - D:\Ekotek.xlsx
[30/09/2014 - 10:26:05 | A | 34 Ko] - D:\Ekotek wulan 2 rapi.xlsx
[21/11/2014 - 21:01:37 | A | 34 Ko] - D:\Pengukuran Poligon_Kelompok 1_TMIP A2.xlsx
[30/11/2014 - 22:09:16 | A | 18 Ko] - D:\Copy of 1cabai rawit (Autosaved) (1).xlsx
[30/11/2014 - 23:17:14 | A | 12 Ko] - D:\strawberry ulang.xlsx
[11/11/2014 - 11:45:47 | A | 57 Ko] - D:\tipu tipu.xls
[10/10/2015 - 12:28:28 | A | 10 Ko] - D:\UsbFix [Listing 1] PRAMESTI-PC.txt
[26/09/2015 - 23:09:39 | N | 352771 Ko] - D:\Happiness - Holiday [1440x1080 h264 M-ON! HD].ts
[30/09/2013 - 20:57:18 | A | 3489 Ko] - D:\modul-8-kalorimeter pramesti.rtf
[07/10/2015 - 06:02:43 | A | 5537 Ko] - D:\1-Agus-Cengkeh.rtf
[06/11/2014 - 06:54:42 | A | 223 Ko] - D:\240110130053_Pramesti NRW_FIX.rar
[25/03/2014 - 07:38:46 | A | 2318 Ko] - D:\saint seiya.png
[25/03/2014 - 09:26:23 | A | 105757 Ko] - D:\Super Junior-M_SWING_Music Video (CHN ver.).mp4
[01/06/2014 - 15:46:48 | A | 610656 Ko] - D:\Running.Man.E197.140525.HDTV.H264.720p-LIMO from Kshowonline on Vimeo.mp4
[12/06/2014 - 06:41:42 | A | 14386 Ko] - D:\Ichiban no Takaramono ~Yui final ver.~.mp3
[12/06/2014 - 07:47:05 | A | 10760 Ko] - D:\My Soul, Your Beats!.mp3
[12/12/2014 - 07:42:18 | A | 3753 Ko] - D:\[The Heirs OST] Moment - Changmin (??) [2AM] .mp3
[19/01/2014 - 08:20:45 | A | 139765 Ko] - D:\[Tiramisubs]Nisekoi - 02 [x264 1280x720 10bit AAC][54B382C7].mkv
[20/01/2014 - 08:46:57 | A | 116430 Ko] - D:\[Tiramisubs]Nisekoi - 01v2 [HD].mkv
[26/01/2014 - 08:45:13 | A | 146094 Ko] - D:\[Tiramisubs] Nisekoi - 03 [x264 1280x720 10bit AAC][1C12E6F1].mkv
[02/02/2014 - 11:48:04 | A | 146312 Ko] - D:\[Tiramisubs] Nisekoi - 04 [x264 1280x720 10bit AAC][BA171BA2].mkv
[09/02/2014 - 04:25:10 | A | 144894 Ko] - D:\[Tiramisubs] Nisekoi-05 [x264 1280x720 10bit AAC][12F2ADCB].mkv
[14/12/2013 - 16:12:51 | A | 0 Ko] - D:\Local Disk © - Shortcut.lnk
[16/08/2013 - 07:43:38 | N | 89 Ko] - D:\G25.JPG
[21/09/2013 - 18:48:40 | N | 64 Ko] - D:\C360_2013-09-21-18-47-34.jpg
[26/09/2013 - 17:13:48 | N | 2732 Ko] - D:\Sparta 3.jpg
[26/09/2013 - 17:24:24 | N | 3165 Ko] - D:\Sparta 1.jpg
[30/09/2013 - 20:39:02 | A | 73 Ko] - D:\5031992668_84ae250f7c.jpg
[01/10/2013 - 13:36:35 | N | 1986 Ko] - D:\20130930_234221.jpg
[01/10/2013 - 13:36:48 | N | 1949 Ko] - D:\20130930_234159.jpg
[01/10/2013 - 13:37:02 | N | 1971 Ko] - D:\20130930_234100.jpg
[01/10/2013 - 13:37:15 | N | 1963 Ko] - D:\20130930_234138.jpg
[01/10/2013 - 13:37:29 | N | 1974 Ko] - D:\20130930_232544.jpg
[01/10/2013 - 13:37:46 | N | 2057 Ko] - D:\20130930_232513.jpg
[01/10/2013 - 13:37:59 | N | 1980 Ko] - D:\20130930_232419.jpg
[01/10/2013 - 13:38:13 | N | 1960 Ko] - D:\20130930_232440.jpg
[01/10/2013 - 13:38:26 | N | 1766 Ko] - D:\20130926_110948.jpg
[13/10/2013 - 14:39:26 | N | 2031 Ko] - D:\Kimunce.jpg
[14/12/2013 - 16:12:04 | A | 2100 Ko] - D:\Sparta 2.jpg
[13/01/2014 - 22:01:40 | A | 251 Ko] - D:\Osakawtf.jpg
[18/03/2014 - 06:29:58 | A | 438800 Ko] - D:\189.flv
[12/10/2013 - 18:24:46 | A | 20818 Ko] - D:\SKYPE-TECHNOLOGIES_SKYPE_A00_R272748.exe
[12/10/2013 - 18:35:20 | A | 29264 Ko] - D:\FoxitReader606.0722_enu_Setup.exe
[12/10/2013 - 19:03:06 | A | 31780 Ko] - D:\SkypeSetupFull.exe
[14/11/2013 - 17:58:34 | A | 793 Ko] - D:\smadav942.exe
[30/09/2013 - 20:55:46 | A | 198 Ko] - D:\modul-8-kalorimeter 2.docx
[01/10/2013 - 07:24:02 | A | 226 Ko] - D:\LAPORAN PRAKTIKUM FISIKA DASAR.docx
[01/10/2013 - 08:49:07 | A | 309 Ko] - D:\kalorimeter.docx
[30/11/2014 - 22:09:14 | A | 51 Ko] - D:\TUGAS 2.docx
[01/12/2014 - 06:24:54 | A | 34 Ko] - D:\STRAWBERRY FIX.docx
[06/10/2015 - 08:24:34 | A | 289 Ko] - D:\tugas PCB 1 variabel.docx
[30/09/2013 - 19:26:44 | A | 645 Ko] - D:\modul-8-kalorimeter.doc
[10/10/2015 - 12:26:54 | SHD] - D:\$RECYCLE.BIN
[04/05/2014 - 19:23:32 | D] - D:\Smadav 2011 Rev. 8.8
[09/08/2014 - 09:29:52 | D] - D:\Smadav 2013 Rev. 9.4
[27/04/2014 - 20:36:27 | D] - D:\05a-Mindjet_MindManager_v8.0.217-CYGNUS
[09/09/2013 - 23:35:41 | D] - D:\dell
[10/09/2013 - 00:41:04 | D] - D:\Dell_Vostro_3350
[14/09/2013 - 01:38:05 | D] - D:\Software
[15/09/2013 - 22:21:12 | D] - D:\$AVG
[27/10/2013 - 14:43:10 | D] - D:\Love Lab
[16/11/2013 - 20:00:24 | D] - D:\Nichijou
[06/12/2013 - 14:23:32 | D] - D:\hape
[13/01/2014 - 21:59:34 | D] - D:\laprak
[16/01/2014 - 13:35:25 | AD] - D:\Sherlock Holmes S3
[14/02/2014 - 19:16:17 | D] - D:\papa lombok
[14/02/2014 - 19:18:44 | D] - D:\Tour Bali
[14/02/2014 - 19:18:53 | D] - D:\Acara Spring 2009
[17/02/2014 - 20:49:52 | D] - D:\Hanamizuki
[23/03/2014 - 16:12:25 | D] - D:\lampiran mekflu
[27/04/2014 - 20:39:28 | D] - D:\Dari Flashdisk
[07/05/2014 - 15:49:42 | D] - D:\New folder
[28/05/2014 - 14:55:06 | D] - D:\Wulan's
[25/08/2014 - 23:01:26 | D] - D:\Ariana Grande - My Everything (iTunes Deluxe Version) (2014)
[21/09/2014 - 20:35:21 | D] - D:\Attachments_2013916
[06/11/2014 - 06:54:30 | D] - D:\240110130053_Pramesti NRW
[27/05/2015 - 06:46:08 | D] - D:\50 First Dates
[27/05/2015 - 06:53:33 | D] - D:\baka to test
[27/05/2015 - 07:06:27 | D] - D:\Nurarihyon no Mago
[27/05/2015 - 07:13:49 | D] - D:\Sket Dance
[05/06/2015 - 23:56:58 | D] - D:\dari HP
[23/06/2015 - 15:09:23 | D] - D:\nitip
[04/10/2015 - 19:19:19 | D] - D:\PCB wulan
[04/10/2015 - 19:22:27 | D] - D:\PCB WULAN FIX
[07/10/2015 - 21:38:49 | D] - D:\seminar
[09/10/2015 - 07:02:29 | D] - D:\semester 5
[10/10/2015 - 09:26:44 | D] - D:\dari download
[10/10/2015 - 12:27:00 | D] - D:\dari document

################## | F:\ - Removable drive (FAT32) |

[10/10/2015 - 08:35:52 | D] - F:\
[10/10/2015 - 12:53:08 | D] - F:\Autorun.inf
[10/10/2015 - 12:34:56 | N | 0 Ko] - F:\desktop.ini
[10/10/2015 - 12:34:56 | N | 582 Ko] - F:\IndexerVolumeGuid
[10/10/2015 - 08:19:18 | D] - F:\ \Autorun.inf
[01/01/1601 - 07:00:00 | A | 0 Ko] - F:\ \Autorun.inf\lpt1.UsbFix

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

Analysed in 80.42 seconds

################## | E.O.F | http://www.sosvirus.net/ | http://www.en.usbfix.net/ |
 



BC AdBot (Login to Remove)

 


#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,161 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:12:36 AM

Posted 14 October 2015 - 07:54 AM

Hello ran04  and welcome to BleepingComputer!                       :)

 

My name is Sirawit and I'm here to help you.

 

Please note that I'm currently in training and my fixes need to be approved first, that may delay our fix a bit, but I will normally reply back in 24 hours.

 

If I don't reply after 3 days, feel free to PM me.                        :)

==========================================================================

Some points for you to keep in mind:

  • Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • Periodically update me on the condition of your computer, and provide detail in every post.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 3 days I will bump the topic, if you didn't reply in next 3 days we assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================

 

I've submitted my reports to my instructor and will reply back as soon as possible.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,161 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:12:36 AM

Posted 14 October 2015 - 07:59 AM

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#4 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,161 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:12:36 AM

Posted 18 October 2015 - 11:43 AM

Are you still there?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,318 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:08:36 PM

Posted 23 October 2015 - 01:35 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users