Shortcut virus - location: cmd (C:\Windows\System32) ????

Hello TwinHeadedEagle !

I am attaching herewith the fixlog.txt for your reference.
Sir, most of the files have returned to normal state after this fixture !
But one game file I pasted is still in shortcut form and it is an ISO file and an autorun.txt is also in shortcut form.

Thank you once again !

Re-run FRST and attach fresh report…

Hello TwinHeadedEagle !

Here’s the fresh report !

Hello TwinHeadedEagle

A new development here… everything seemed to be in order until my last post but now suddenly all folders in the PSP have become shortcuts again. I do not seem to understand the problem but I guess the two shortcut files I told you could have affected all of them too.

I am attaching the fresh reports

Thanks for helping me !

Virus comeback after we clean it. Please do not use any USB until we clean it…

  1. Please download ComboFix by sUBs from here and save it to your Desktop.
    If you are unsure how ComboFix works please read this guide carefully.
    note: ComboFix must be downloaded to your Desktop.

  2. Temporarily disable your AntiVirus program, usually via a right click on the System Tray icon. They may interfere with Combofix.
    If you are unsure how to do this please read this or this Instruction.

Instructions how to disable avast:

- Right click on the avast! system tray icon in the lower right corner of the screen and scroll up to avast! shield controls;
- In the menu that appears, choose Disable Permanently. When you are prompted to turn off security, click Yes.

Note: Do not forget to turn back on this option after the cleaning by choosing avast! shield controls > Enable all shield options.


  3. Run ComboFix. Click on I Agree!

ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.
ComboFix will display DISCLAIMER OF WARRANTY ON SOFTWARE.
Click Yes to allow ComboFix to continue.
If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console.
Note: Do not mouse-click Combofix’s window while it is running.
If you see a message like “Illegal operation attempted on a registry key that has been marked for deletion” just restart computer once more.


  4. When the tool is finished, it will produce a log report for you. (typical location: C:\ComboFix.txt)
    Attach log reports (ComboFix.txt) back to topic.

Hello TwinHeadedEagle

I am attaching herewith the log report of ComboFix

The problem is I had forgotten to plug in my USB device before the Fix started but did it in between (I mean in a few seconds after it started) …

Will it cause a problem?

Hello TwinHeadedEagle

I am attaching a fresh report of ComboFix after I re-ran the whole fix, this time with the PSP connected to the computer.

As you had mentioned I never tampered anything with the device or the pc while the scan took place both the times.

Thanks once again !

Open notepad and copy/paste the text present inside the code box below:

```
File::
c:\users\Balaji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MICROS~1.VBS

ClearJavaCache::
```

Save this as CFScript.txt

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Close all browser windows.

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:\ComboFix.txt)

Now plug in all devices, and attach MCShield report.

Hello TwinHeadedEagle !

Thank you very much for your help it seems that the virus is finally removed from all the folders except the two I mentioned before.

I am attaching herewith the latest log report of ComboFix after I ran the .exe with the code you gave.
I am also attaching the latest MCShield allscans report and the last scan which reported driver is clean.

This is the first time MCShield reported “No virus Found”.

Good, virus is removed from your PC. We only need to take care of your USB.

Open MCShield Control Center, tick this option, and confirm with OK.

Re-scan USB and tell me how are the things now?

Hello TwinHeadedEagle !

I am attaching herewith the scan reports of McShield after checking the unhide option in scanner menu.

Thank you very much for helping me !

USB seems clean now, any remaining problems?

Hello TwinHeadedEagle !

Thank you very much ! :slight_smile:

There seems to be no remaining problems !

I reviewed MCShield report and it said “No malware detected”.

As for the two remaining files I told you about earlier, I deleted them.

It was a set of an autorun.inf file and an iso game with its shortcut.

Thank you again for spending your precious time to help me ! Thank you ! :slight_smile:

I would like if you suggest some measures to be taken if this occurs in the future.

There should be no issue in the future, keep using MCShield and it will protect you surely against such threats.

Please download DelFix by “Xplode” to your Desktop.

Run the tool and check the following boxes below;

- Remove disinfection tools
- Create registry backup
- Purge System Restore

Now click on the “Run” button. Wait for the programme to complete its work.
All the tools we used should be gone.
The tool will create and open a log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

I don’t need DelFix log report.

Thank you sir once again for helping me ! :slight_smile:

I downloaded Delfix as you said and all the tools are removed !

Thank you sir !

I’m having the same problem of usb virus in my laptop. If you can help me, I would be thankful to you…

how to get help instructions. https://forum.avast.com/index.php?topic=53253.0
attach requested logs in a new topic you start

hello,
ever since i connected a flashdrive to my laptop, i began encountering the same problem. now all these shortcuts have appeared on all my files. i would be grateful for any help on this. my os is windows 7 ultimate SP1 (32 bits). furthermore, every time i start up my machine, this message on notepad keeps popping up:
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787
what does this message mean?
thanks in advance.

Everyone, start your own thread and attach the FRST, aswMBR and MBAM log files!

following the thread started by runa llena and with the assistance of twinheadedeagle , the following files are the results of the scans.
thanks.