How to remove virus

Closed
farzeen Posts 1 Registration date Saturday January 4, 2014 Status Member Last seen January 4, 2014 - Jan 4, 2014 at 10:16 PM
2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 - Jan 5, 2014 at 06:29 AM
HaiI.
If i use any pendrive in my lap. It will show a shortcut of the pendrive inside it. How can i remove this thing from my lap

10 replies

2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Jan 5, 2014 at 05:18 AM
Hello,

This type issue could be caused by a USB virus. It will spread to all of your USB memory devices and hard disk.

Here is a tool to remove the virus and vaccinate your USB against further viruses.


Download UsbFix (created by El Desaparecido) on your desktop.

http://ccm.net/download/download-24089-usbfix

If your antivirus gives an alert, ignore it and temporarily deactivate the antivirus.
Plug in your usb devices (Flash drive, pen drive. External HD etc...) don't open them.
Double click sur UsbFix.exe.

Click on deletion
.
Let the tool work.

At the end of the scan a report will show which you can copy and paste here..

The report is save at the root ( C:\UsbFix.txt ).

You can also vaccinate against any virus.

Gabriel.
0
I tried it .but it s not working. If I put that oendrive or another pendrive it shows again.
0
2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Jan 5, 2014 at 05:58 AM
Have you got the report please ?

Gabriel.
0
Yes I got the report.
0

Didn't find the answer you are looking for?

Ask a question
2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Jan 5, 2014 at 06:05 AM
So post it in your next reply please.

Gabriel.
0
############################## | UsbFix V 7.158 | [Research]

User: farzeen (Administrator) # ZEEN
Updated 02/01/2014 by El Desaparecido - Team SosVirus
Started at 16:00:51 | 05/01/2014

Website : http://www.en.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/

PC: Acer (EA50_HC_CR)
CPU: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
RAM -> [Total : 3911 Mo| Free : 2367 Mo]
Bios: Insyde Corp.
Boot: Normal boot

OS: Microsoft Windows 8 Single Language (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: avast! Antivirus [Enabled | (!) Outdated]
AS: Windows Defender : 4.3.0215.0
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 153 Gb (64 Mb free - 41%) [Zeen] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 101 Gb (10 Mb free - 10%) [for me] # NTFS
F:\ -> Fixed drive # 98 Gb (52 Mb free - 53%) [For you] # NTFS
G:\ -> Fixed drive # 91 Gb (24 Mb free - 26%) [For us] # NTFS
H:\ -> Removable drive # 7 Gb (413 Mb free - 6%) [PENDRIVE] # FAT32
0
################## | Active Processes |

C:\Windows\system32\csrss.exe (ID: 512 |ParentID: 500)
C:\Windows\system32\wininit.exe (ID: 568 |ParentID: 500)
C:\Windows\system32\services.exe (ID: 668 |ParentID: 568)
C:\Windows\system32\lsass.exe (ID: 676 |ParentID: 568)
C:\Windows\system32\svchost.exe (ID: 784 |ParentID: 668)
C:\Windows\system32\svchost.exe (ID: 836 |ParentID: 668)
C:\Windows\System32\svchost.exe (ID: 888 |ParentID: 668)
C:\Windows\system32\svchost.exe (ID: 920 |ParentID: 668)
C:\Windows\system32\svchost.exe (ID: 976 |ParentID: 668)
C:\Windows\System32\svchost.exe (ID: 1016 |ParentID: 668)
C:\Windows\system32\svchost.exe (ID: 1092 |ParentID: 668)
C:\Windows\system32\svchost.exe (ID: 1132 |ParentID: 668)
C:\Windows\System32\spoolsv.exe (ID: 1260 |ParentID: 668)
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (ID: 1500 |ParentID: 668)
C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe (ID: 1528 |ParentID: 668)
C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (ID: 1548 |ParentID: 668)
0
################## | Generic Research |

Found ! H:\_WHYQDX.init
Found ! H:\autorun.inf

################## | Registry |


################## | Vaccin |

E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> ???
0
After the run it shows like this
Line 19615 (file "c:/usbfix/go.exe")
Error : the requested action with this object has failed.
What u want me to do?
0
2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Jan 5, 2014 at 06:29 AM
Why do you post the report in 3 parts ?

Download, install and run Malwarebyte which you can find on this site:

https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/ es-anti-malware

Ensure you make an update.

Please request a FULL system scan on all discs, which may take from 20 minutes to hours. Do not interfere no matter how long in takes. The creators of Malwarebyte recommend that while the tool is running that you go do something else, such as watching a rerun of Gone with the Wind or read Tolstoy's War and Peace.

If Malwarebyte restarts your system, launch it again to finish the Full scan.

When the scan is completed, delete all items found.

Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.

This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong then to not be able to undo changes that were damaging.

Gabriel.
0