September 2017 Shortcut virus - location: cmd (C:\Windows\System32)

Hello,

My system is infected with this virus I can't seem to get rid of. Every time that I've inserted a USB in the laptop my files turned into shortcuts. I will really appreciate whatever assistance I can get.

help!!!

1] Install MCShield

2] Follow the instructions > https://forum.avast.com/index.php?topic=194892.0

You can find instructions for MCShield also in the link Eddy posted, under SPECIFIC INFECTIONS LOGS.

Greetz, Red.

Your real files are hidden and you need to change the setting of the explorer to see them. Once you can see them you just remove the hidden attribute from them.
You can remove in most cases the shortcut files directly.

Regards,
PDI
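
A read-only audit of the situation described in the reply above, as an added example that is not part of the original thread: it lists root-level .lnk files whose target is cmd.exe (the location named in the thread title) and the items carrying the Hidden attribute, and clears that attribute only when -Unhide is passed. The drive letter E:\ and the parameter names are assumptions; the script keeps to PowerShell 2.0 syntax because the log in this thread shows Windows 7.

```powershell
# Added example (not from the thread). Read-only unless -Unhide is given.
# Assumption: the USB stick is mounted as E:\ ; pass -Drive to change it.
param(
    [string]$Drive = 'E:\',
    [switch]$Unhide   # only with this switch are attributes changed
)

# Folders Windows itself keeps hidden on every volume; leave them alone.
$systemNames = @('System Volume Information', '$RECYCLE.BIN')
$hiddenBit   = [int][IO.FileAttributes]::Hidden

# 1. Shortcuts in the drive root whose target is cmd.exe. Reading a .lnk
#    through WScript.Shell parses the file; it does not launch the target.
$shell = New-Object -ComObject WScript.Shell
$suspect = @(Get-ChildItem -Path $Drive -Filter '*.lnk' -Force |
    Where-Object { -not $_.PSIsContainer } |
    ForEach-Object {
        $lnk = $shell.CreateShortcut($_.FullName)
        if ($lnk.TargetPath -match '\\cmd\.exe$') {
            New-Object PSObject -Property @{
                Shortcut  = $_.FullName
                Target    = $lnk.TargetPath
                Arguments = $lnk.Arguments   # shows what the shortcut would run
            }
        }
    })

# 2. Items in the drive root carrying the Hidden attribute (the real files).
$hidden = @(Get-ChildItem -Path $Drive -Force |
    Where-Object { ([int]$_.Attributes -band $hiddenBit) -and
                   ($systemNames -notcontains $_.Name) })

Write-Host "Shortcuts pointing at cmd.exe: $($suspect.Count)"
$suspect | Format-List Shortcut, Target, Arguments
Write-Host "Hidden items: $($hidden.Count)"
$hidden | Select-Object FullName, Attributes | Format-Table -AutoSize

# 3. Optionally clear only the Hidden bit, keeping every other attribute.
if ($Unhide) {
    foreach ($item in $hidden) {
        $item.Attributes = [IO.FileAttributes]([int]$item.Attributes -band (-bnot $hiddenBit))
        Write-Host "Unhidden: $($item.FullName)"
    }
}
```

The script never deletes anything; the Arguments column is worth reading before removing a shortcut, since it shows what the shortcut would have executed.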

I really appreciate your quick response. Bless you

I followed the link as suggested.

For step 1: attached is the log from Malwarebytes Anti-Malware scan saved as mbam .txt

For step 2: also attached are logs from Farbar Recovery Scan Tool saved as FRST .txt and Addition .txt

I have equally installed MCShield.

I will be waiting for your further instruction.

Please copy/paste the MCShield log.

This is the MCShield log. Regards

MCShield AllScans.txt <<<


MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

v 3.0.5.28 / DB: 2016.2.21.1 / Windows 7 <<<

9/7/2017 3:37:42 PM > Drive C: - scan started (no label ~466 GB, NTFS HDD )…

=> The drive is clean.

MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

v 3.0.5.28 / DB: 2016.2.21.1 / Windows 7 <<<

9/7/2017 5:58:56 PM > Drive E: - scan started (no label ~3843 MB, FAT32 flash drive )…

—> Executing generic S&D routine… Searching for files hidden by malware…

—> Items to process: 1

—> E:\franchise.docx > unhidden.

E:\franchise.docx.lnk - Malware > Deleted. (17.09.07. 17.58 franchise.docx.lnk.938870; MD5: 0ffdddcee720dbdf1f77d4e50cc6537c)

E:\july report.lnk - Malware > Deleted. (17.09.07. 17.58 july report.lnk.299751; MD5: 889117173a28ca0012b4cd30b960b254)

Resetting attributes: E:\july report < Successful.

=> Malicious files : 2/2 deleted.
=> Hidden folders : 1/1 unhidden.
=> Hidden files : 1/1 unhidden.


::::: Scan duration: 3sec ::::::::::::::::::


Malware experts are notified, there may be several hours before one is online

Don’t insert USB drives until I instruct you otherwise.

  • Open Notepad (click Start button → type notepad.exe → press Enter)
  • Copy text from code block below and paste it into Notepad
Task: {8A7BA3AF-C9BE-4454-A294-4F235CAE30FF} - System32\Tasks\{3DD09D73-6DBC-38D7-D235-767BD9C90FC2} => c:\programdata\{A1C0B543-458C-A4C7-D235-767BD9C90FC2}\0c7f65dc.exe <==== ATTENTION
c:\programdata\{A1C0B543-458C-A4C7-D235-767BD9C90FC2}\0c7f65dc.exe
  • Go to File → Save As
  • Make sure that UTF-8 is selected as Encoding (left side of Save button)
  • Save it as fixlist.txt on Desktop
  • Open again FRST and click on button Fix
  • Wait until FRST finishes
  • fixlog.txt should be generated and opened. Attach it to your post and wait for further instructions.

Thank you Drake for your response.

I have attached the fixlog.

Now make sure MCShield is running. After that, insert the USB drives you suspect are infected and attach the MCShield report after the scan.

I really do appreciate your response.

Kindly find attached MCShield report after scan…

You should be safe now.

The following will implement some post-cleanup procedures:

=> Please download DelFix (https://toolslib.net/downloads/finish/2-delfix/) by Xplode to your Desktop.

Run the tool and check the following boxes:

  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Click the Run button and wait a few seconds for the programme to complete its work.
At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt).

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.
The tool deletes old system restore points and creates a fresh system restore point after cleaning.

Done.

THANK YOU! THANK YOU! THANK YOU!

I thank everyone for their contribution. Gracias