Author Topic: LNK:FakeFolder-B[Trj] - Is it in my laptop now?  (Read 11511 times)


REDACTED

  • Guest
LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« on: September 15, 2014, 02:28:28 PM »
Hello, I am completely new to this forum, but before posting this I have searched through the forum about the problem I had and I am posting this to inquire about the problem further and see if I am free of it. I have a very new laptop just 1 week old and a friend gave me his external hard drive so I can transfer some files on my computer to his ext hard drive. He told me he has no viruses but I should have been wiser. Anyway the second I plug it in, avast alerts me that there are 17 LNK:FakeFolder-B[Trj] on that external hard drive and it quarantined them. I immediately removed the ext hard drive and ran a full system scan that came back with no infections. I got scared that the virus or whatever it is may have seeped into my computer so I started searching through the avast forums and found on different posts that I should download and run mcshield. I have done that and the scan took way less than 2 seconds and I read the logs and showed that all my drives were clean. I plugged in my own personal ext hard drives and memory sticks and mcshield scanned them and the logs showed that they were all clean as well. I ran another avast full system scan and there were no infections detected. Now the question is, after doing all this, does this indicate that the virus did not manage to seep into my laptop or any other external memory devices? Is there anything else I should be doing or am I good for now and I should stop worrying? I hope I will be hearing about this soon, and I do apologize if I posted this in the wrong section, but I figured it may be the right place.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31072
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #1 on: September 15, 2014, 02:35:35 PM »
Let us check the system.
Follow the instructions and attach the logs please.

REDACTED

  • Guest
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #2 on: September 15, 2014, 02:40:38 PM »
Sure thing, let's do that. Just not sure which instructions to follow lol sorry. Are they any of the ones in your signature?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #3 on: September 15, 2014, 03:13:01 PM »
here  https://forum.avast.com/index.php?topic=53253.0
attach Malwarebytes / Farbar Recovery Scan Tool / aswMBR logs


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #4 on: September 15, 2014, 03:19:04 PM »
Quote
I plugged in my own personal ext hard drives and memory sticks and mcshield scanned them and the logs showed that they were all clean as well.
Did MCShield scan that drive when it was plugged in?

Quote
Anyway the second I plug it in, avast alerts me that there are 17 LNK:FakeFolder-B[Trj] on that external hard drive and it quarantined them.
avast may have killed it before MCShield   ;)




Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #5 on: September 15, 2014, 03:21:36 PM »
LNK:FakeFolder-B[Trj]  = Microsoft call it Dorkbot

Tech info
http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fDorkbot

Quote
Spreads via…
Removable drives

Win32/Dorkbot might create a folder named "RECYCLER" in all accessible USB drives, and registers it as a Recycle Bin folder. The worm registers a device notification so that it is notified whenever you plug a USB device into your PC. It then copies itself to the USB device, using a variable file name, and creates an Autorun configuration file named "autorun.inf" pointing to the worm copy. These autorun.inf files tell the operating system to launch the worm file automatically when the USB drive is accessed from another PC that supports the Autorun feature.


seems your friend needs a computer check also

« Last Edit: September 15, 2014, 03:25:33 PM by Pondus »
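
Added example (not part of the posts above or of the Microsoft write-up): a read-only triage of a removable drive's root for the artifacts the quoted description names, an autorun.inf and what it would launch, plus any files under a RECYCLER folder. The function names, the constructed sample layout and the shortcut-next-to-a-folder check are assumptions made for illustration; nothing on the drive is opened or executed.

```python
import tempfile
from pathlib import Path

# autorun.inf keys that launch a program when the drive is opened
LAUNCH_KEYS = ("open", "shellexecute")

def autorun_targets(inf_path):
    """Return every command an autorun.inf would launch (tolerates junk lines)."""
    text = inf_path.read_text(encoding="latin-1").replace("\x00", "")
    targets = []
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        key = key.strip().lower()
        if sep and (key in LAUNCH_KEYS or key.endswith("\\command")):
            targets.append(value.strip())
    return targets

def triage_drive(root):
    """List items at the drive root that deserve a closer look (not verdicts)."""
    root = Path(root)
    entries = {p.name.lower(): p for p in root.iterdir()}
    findings = []
    inf = entries.get("autorun.inf")
    if inf and inf.is_file():
        findings += [("autorun-launch", t) for t in autorun_targets(inf)]
    # XP-era NTFS volumes can hold a genuine RECYCLER folder, so review, don't assume.
    recycler = entries.get("recycler")
    if recycler and recycler.is_dir():
        findings += [("file-in-RECYCLER", f.relative_to(root).as_posix())
                     for f in recycler.rglob("*") if f.is_file()]
    # Assumed heuristic: a .lnk named after a folder beside it may be posing as it.
    dirs = {name for name, p in entries.items() if p.is_dir()}
    findings += [("shortcut-shadows-folder", p.name) for p in entries.values()
                 if p.suffix.lower() == ".lnk" and p.stem.lower() in dirs]
    return sorted(findings)

def demo():
    """Build a constructed sample drive layout in a temp dir and triage it."""
    with tempfile.TemporaryDirectory() as tmp:
        drive = Path(tmp)
        (drive / "RECYCLER").mkdir()
        (drive / "RECYCLER" / "a1b2c3.exe").write_bytes(b"")   # constructed name
        (drive / "autorun.inf").write_text(
            "[autorun]\nicon=shell32.dll,4\nopen=RECYCLER\\a1b2c3.exe\n")
        (drive / "Photos").mkdir()
        (drive / "Photos.lnk").write_bytes(b"")
        (drive / "notes.txt").write_text("hello")
        return triage_drive(drive)

if __name__ == "__main__":
    for kind, detail in demo():
        print(f"{kind:26} {detail}")
```

To check a real drive, call triage_drive with its root path (for example "E:\\") instead of demo().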

REDACTED

  • Guest
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #6 on: September 15, 2014, 03:31:36 PM »
Well I removed all external memory devices before installing mc and I ran the scan and it showed me that my internal drives were clean, when I plugged in my memory devices (not my friend's) mc scanned them and said they were cleaned. To be honest I was scared to plug in my friend's external hard disk again lol. When Avast detected them and quarantined them, I went to the chest and there was an option to delete/remove them (I am sorry I do not remember the exact action) and so I did that. I ran MC scan a few times and plugged my stuff in and out and would still show me everything was clean. I remember we had a similar virus at uni and I believe it attaches itself to removable disks and when I plugged in my removable devices and nothing happened to them, I felt a bit at ease. But there is nothing wrong with making sure even more right? lol
At the moment I am running the scans that you asked me to run and I will be attaching the logs. But do you think that the virus has been killed and did not manage to get into my laptop?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #7 on: September 15, 2014, 03:41:04 PM »
Quote
But do you think that the virus has been killed and did not manage to get into my laptop?
removal experts will find out when they see your logs

they are notified, it may take some hours before they are online

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31072
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #8 on: September 15, 2014, 03:53:21 PM »
Sorry, forgot to post the link. :-[

It is the one Pondus gave you.

REDACTED

  • Guest
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #9 on: September 15, 2014, 03:55:29 PM »
Well I have run all the scans you asked for and attached the logs, I know I was not supposed to rename any logs but the Malwarebytes log was empty and I had to give a name to it or else it would not save.
When saving the log for aswMBR I got two files, a .txt and a .dat, what should I be doing with the .dat?

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31072
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #10 on: September 15, 2014, 03:59:46 PM »
I had a quick look and there are some (minor) things that i.m.o. should be fixed, but I leave it to one of the experts to guide you.

REDACTED

  • Guest
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #11 on: September 15, 2014, 04:02:14 PM »
Are they virus related or just things within the system itself? I hope they are not very harmful lol.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #12 on: September 15, 2014, 04:12:45 PM »
There are two batch files that the malware placed on the system but without the trigger file they are harmless, the remainder are just house cleaning :)

 CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {4B9A223F-B483-4215-97CC-8C831EA52A0A} URL =
SearchScopes: HKCU - {4B9A223F-B483-4215-97CC-8C831EA52A0A} URL =
2014-09-13 15:35 - 2014-09-13 15:35 - 00000144 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-09-13 15:17 - 2014-09-13 15:17 - 00000510 _____ () C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

REDACTED

  • Guest
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #13 on: September 15, 2014, 04:21:10 PM »
Alright, I have done what you have asked and I have attached the fixlog  :)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: LNK:FakeFolder-B[Trj] - Is it in my laptop now?
« Reply #14 on: September 15, 2014, 06:14:51 PM »
Are you experiencing any problems at all?