Hey there, as the title says I plugged my USB in at a PC cafe and went home to find out that it had some virtual STD. It had everything turned into a direct access with the location being CMD on System 32. I'm running Windows 10. I panicked and did 2 things: opened one of the shortcuts trying to open a folder, and formatted the USB.
I would be glad if anyone could help me.
As I saw a post from 2013 (https://forum.avast.com/index.php?topic=138715.0) with some similar issues, I'm attaching the scan files that were asked for there, so as to maybe make it easier for you. Attaching GMER log and Farbar Recovery Scan Tool log.
Thanks for the help! I’ll upload the mbam as soon as I get home (1h~). I remember it found no threats though.
I didn't know. Will install it when this is finished. Thanks.
Hello, I have taken a speedy peek at the posted logs.
First, unplug and don’t use your usb memory devices, they are infected …
First to clean the PC. Run this script…
1. Open notepad and copy/paste the text present inside the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system.
Start
CreateRestorePoint:
File: C:\WINDOWS\system32\vulkaninfo.exe
CloseProcesses:
ShortcutWithArgument: C:\Users\Kurizu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Hangouts de Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Kurizu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Until AM for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mjafmkicbmhcbapadecadciafbkecofl
Hosts:
C:\Users\Kurizu\AppData\Roaming\Launcher.dat
C:\Users\Kurizu\AppData\Roaming\redirect2.dat
C:\Users\Kurizu\AppData\Roaming\update.dat
EmptyTemp:
End
2. Save notepad as fixlist.txt to your Desktop. NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait. If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply. Note: If the tool warned you about the outdated version please download and run the updated version.
Then it would be nice to uninstall Google Chrome and re-install it again with a freshly downloaded version on the PC.
Now, make sure MCShield is active, attach USB devices and MCShield should clean the flash drives. And you should be good to go.
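
Added example, not part of the thread or of any tool mentioned in it: a read-only PowerShell listing of the shortcuts on a drive whose target is a command interpreter, which is the symptom described in the first post (shortcuts whose location is CMD in System32), so the target and arguments can be read without double-clicking anything. The drive letter `E:\` and the interpreter names other than `cmd.exe` are assumptions that go beyond what the thread reports.

```powershell
# Added example: list .lnk files that point at a command interpreter.
# Read-only: nothing is launched, changed or deleted.
param(
    [string]$Drive = 'E:\'   # assumption: drive letter of the USB stick
)

# cmd.exe is the target reported in the thread; the other names are
# assumed additions covering other script hosts shipped with Windows.
$interpreters = 'cmd.exe', 'powershell.exe', 'wscript.exe', 'cscript.exe', 'mshta.exe'

if (-not (Test-Path -LiteralPath $Drive)) {
    Write-Error "Drive $Drive not found"
    return
}

# WScript.Shell can load an existing .lnk and expose its fields.
$shell = New-Object -ComObject WScript.Shell

$findings = Get-ChildItem -LiteralPath $Drive -Filter '*.lnk' -Recurse -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $lnk  = $shell.CreateShortcut($_.FullName)   # loads the shortcut, does not run it
        $leaf = if ($lnk.TargetPath) { Split-Path -Leaf $lnk.TargetPath } else { '' }
        if ($interpreters -contains $leaf) {         # -contains is case-insensitive
            [pscustomobject]@{
                Shortcut  = $_.FullName
                Target    = $lnk.TargetPath
                Arguments = $lnk.Arguments           # what the interpreter would be told to run
            }
        }
    }

[void][Runtime.InteropServices.Marshal]::ReleaseComObject($shell)

if ($findings) {
    $findings | Format-List
    Write-Output ("{0} shortcut(s) on {1} point at a command interpreter." -f @($findings).Count, $Drive)
} else {
    Write-Output "No shortcuts on $Drive point at a command interpreter."
}
```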