Infected with Jenxcus.K

Hi, fumagawa is here.
I’ve had this problem since the end of April, and I think it’s pretty troublesome.
I believe my computer is infected by the Jenxcus.K virus, because all data on every flash drive that is connected to my computer became shortcuts.
MS Security Essentials detected it as Jenxcus and cleaned it, therefore the virus is gone as well as all the data. (but maybe they’re all hidden)

I need help to solve this issue as soon as possible, because I’m working as an internet cafe operator. People usually visit my workplace to print documents, print photos, and scan documents, and then store them on their flash drives. But I’m aware that my computer is also infecting their flash drives as well.

I really don’t want to disappoint them, because their visit = my income.

Much obliged.

I’ve also attached several logs required to assist this cleaning.

Please notify me if there is something missing from the logs. I will redo all the scans.

Hi,

remover notified. Download MCShield (http://www.mcshield.net/download/MCShield-Setup.exe). Run and attach AllScans.txt. Thank you.

Your Infection… O4 - HKLM…\Run: [yxemiymdfm] wscript.exe //B "C:\DOCUME~1\TYANTO~1\LOCALS~1\Temp\yxemiymdfm.vvv.vbs

There’d be some associated VBS files. That’s just a run key.
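
The autorun entry quoted above can be triaged mechanically. As an added example (not part of the original thread or of any poster's tooling), this Python script parses HijackThis-style O4 lines and flags Run entries that start a Windows Script Host; the function and variable names, and the two sample lines other than the one quoted in the thread, are constructed for illustration.

```python
import re

# Constructed sample in HijackThis "O4" autorun format. The second line mirrors
# the entry quoted in the thread, including its missing closing quote.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" /background
O4 - HKLM…\Run: [yxemiymdfm] wscript.exe //B "C:\DOCUME~1\TYANTO~1\LOCALS~1\Temp\yxemiymdfm.vvv.vbs
O4 - HKCU\..\Run: [ExampleScript] cscript.exe //nologo "C:\Tools\backup.vbs"
'''

RUN_ENTRY = re.compile(r'^O4 - (?P<hive>HK\w+)\S*\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')
SCRIPT_HOST = re.compile(r'"?(?:[^"]*\\)?(?P<host>wscript|cscript)(?:\.exe)?\b', re.I)
# Script path: drive letter up to a script extension. The closing quote is
# optional because pasted log lines are sometimes truncated.
SCRIPT_PATH = re.compile(r'(?P<path>[A-Za-z]:\\[^"]*?\.(?:vbs|vbe|js|jse|wsf))(?:"|\s|$)', re.I)
USER_WRITABLE = re.compile(r'\\(?:temp|locals~1|local settings|appdata)\\', re.I)
BATCH_SWITCH = re.compile(r'(?:^|\s)//b(?:\s|$)', re.I)


def triage(log_text):
    """Return one finding per Run entry that starts a Windows Script Host."""
    findings = []
    for line in log_text.splitlines():
        entry = RUN_ENTRY.match(line.strip())
        if not entry:
            continue
        cmd = entry.group("cmd")
        if not SCRIPT_HOST.match(cmd):
            continue  # ordinary executable autorun; out of scope here
        reasons = ["script host launched at logon"]
        if BATCH_SWITCH.search(cmd):
            reasons.append("//B batch mode hides errors and prompts")
        script = SCRIPT_PATH.search(cmd)
        path = script.group("path") if script else None
        if path and USER_WRITABLE.search(path):
            reasons.append("script stored in a user-writable temp/profile folder")
        findings.append({"hive": entry.group("hive"), "name": entry.group("name"),
                         "script": path, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f'{f["hive"]} Run [{f["name"]}] -> {f["script"]}')
        for r in f["reasons"]:
            print("   -", r)
```

An entry that collects all three reasons, as the quoted one does, is worth escalating; a script-host autorun pointing at a fixed tools folder may simply be an administrator's scheduled job.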

And I just thought that I’d be missing some logs. Here it is…
Thanks for your quick reply.

Oh. Sorry. I didn’t clarify that too well. It’s getting late here.

Can you plug in your infected flash drive and then scan it? Then, leave the flash drive alone so no one else is infected.

Here it is…

Hi,

Please download Anti-VBSVBEx86.exe on your Desktop

- Double click to run the tool and wait until it finishes.
- It will make a log named Anti-VBSVBE.txt. Please attach it to your reply.

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.

- Click on the Scan button.
- After the scan has finished click on the Clean button.

Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

- After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
- Post logfile will also be saved in the C:\AdwCleaner folder.

Please download Farbar Recovery Scan Tool by Farbar and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system; that will be the right version.

- Double-click to run it. When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
- The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Alright, here’s what I found.
The Anti-VBSVBE ran smoothly; I’ve attached the log.
However, the AdwCleaner, did not. My AV detected the software as a Malware. Weird. So it got terminated by the AV.
And the last ones, the FRST.txt and the Addition.txt …

Last night, my friends helped me to fix the issues. He went through msconfig and disabled what you guys found as the source of the threat. It worked, really.
But when I turned on my PC again, there’s only one Startup thing in msconfig that is similar with previous threat. The extension (or whatever the name) is yxemiymdfm.vvv. So I disabled it again, and my computer asked to get a restart so the change will take effect.

Do I have to delete the registry of yxemiymdfm.vvv? If so, how do I do it? I’m not that good with those things, deeply sorry.

Download the attached fixlist.txt to the same location as FRST (otherwise the fix won’t work).
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system.

Open FRST, and click Fix. Attach me that report after it is finished.

--> Next

Uninstall

Software Updater Seiko
SweetIM for Messenger

--> Next

Run AVG Remover http://www.avg.com/ww-en/utilities

--> Next

- Please download ComboFix by sUBs and save it to your Desktop.
  You may read how Combofix works here.

- Temporarily disable your AntiVirus program, usually via a right click on the System Tray icon. They may interfere with Combofix.
  If you are unsure how to do this please read this or this Instruction.

- Run ComboFix. Click on I Agree! & follow the prompts.
  Note: If you see a message like “Illegal operation attempted on a registry key that has been marked for deletion” just restart your computer.

- When finished, it will produce a report for you. Please attach log reports (ComboFix.txt) back to topic.
  (typical log location: C:\ComboFix.txt )

AdwCleaner is Safe. It’s a known FP and the owner (XPlode) has reported it along with many others. As for the reg key. No, do not delete it. Magna will probably target it if he thinks it’s needed.