How to remove LNK.Jenxcus-p worm virus?

[essexboy]

No those two will stay

Download AVZ tool from here to your desktop
Unzip all files to a folder on your desktop
Open the folder and double click the AVZ icon
When the tool opens select "File" > "Standards scripts"


Place a tick in :

 
5. Update signature database

Then press "Execute selected scripts"


Once that has execute then
select "File" > "Standards scripts"
Place a tick in :

3.   Advanced  System Analysis with malware removal mode enabled


When finished look in the folder AVZ4 on your desktop
Open the LOG folder
Upload the zip file  virusinfo_syscure to a file sharing site for me to collect

[REDACTED]

No those two will stay

It stops responding, I tried downloading it again but get same results.

[essexboy]

Is there anything important in this folder :

C:\Joymax

If not then run this fix

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
2015-07-11 18:16 - 2014-03-18 11:15 - 00000000 ____D C:\Joymax
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

[REDACTED]

Is there anything important in this folder :

The folder was empty, the .lnk files were created in different folders in the C directory and that just happened to be the one I captured on screenshot.

[essexboy]

Are you still receiving the alerts ?

[REDACTED]

Are you still receiving the alerts ?

Yes

I also apologize for late reply.

[essexboy]

Could you try AVZ from safe mode please..  I assume you have no USB devices plugged in during the alerts

[REDACTED]

Could you try AVZ from safe mode please..  I assume you have no USB devices plugged in during the alerts

The only USB device I have plugged in is my mouse.

When running AVZ in safe mode it doesn't stop responding, but suddenly closes, no log is generated.

[essexboy]

You have a fair few folders on your root c drive did you put those there

[REDACTED]

You have a fair few folders on your root c drive did you put those there

I assume most of those came with programs I installed.

[essexboy]

I will remove the suspect folders and see if that kills it

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
2015-07-11 20:10 - 2013-08-29 11:13 - 00000000 ____D C:\eclipse
2015-07-11 19:58 - 2012-12-02 18:15 - 00000000 ____D C:\Users\Daniel\Downloads\Google chrome
2015-07-11 18:38 - 2014-02-20 18:45 - 00000000 ____D C:\Javalib
2015-07-11 18:27 - 2012-12-02 12:34 - 00000000 ____D C:\Fotos
2015-07-11 18:20 - 2014-06-06 23:03 - 00000000 ____D C:\nasm
2015-07-11 18:16 - 2014-03-18 11:15 - 00000000 ____D C:\Joymax
2015-07-11 08:32 - 2015-05-08 21:13 - 00000000 ____D C:\oraclexe
2015-07-11 08:32 - 2015-05-08 18:38 - 00000000 ____D C:\app
2015-07-11 08:32 - 2014-06-06 22:44 - 00000000 ____D C:\TASM
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

[REDACTED]

I will remove the suspect folders and see if that kills it

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
2015-07-11 20:10 - 2013-08-29 11:13 - 00000000 ____D C:\eclipse
2015-07-11 19:58 - 2012-12-02 18:15 - 00000000 ____D C:\Users\Daniel\Downloads\Google chrome
2015-07-11 18:38 - 2014-02-20 18:45 - 00000000 ____D C:\Javalib
2015-07-11 18:27 - 2012-12-02 12:34 - 00000000 ____D C:\Fotos
2015-07-11 18:20 - 2014-06-06 23:03 - 00000000 ____D C:\nasm
2015-07-11 18:16 - 2014-03-18 11:15 - 00000000 ____D C:\Joymax
2015-07-11 08:32 - 2015-05-08 21:13 - 00000000 ____D C:\oraclexe
2015-07-11 08:32 - 2015-05-08 18:38 - 00000000 ____D C:\app
2015-07-11 08:32 - 2014-06-06 22:44 - 00000000 ____D C:\TASM
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

Of those:

Eclipse is the Java IDE I use.
Javalib, nasm and tasm I believe are tools for creating lexers (I know nasm is)
Not sure what is stored in oracleexe, could there be any data from the Oracle Database System or any other developing tool?
The fotos folder is just a folder where I store pictures taken with my camera.
The Google Chrome folder in Downloads is just the directory where everything I download from Google Chrome goes.
I removed the Joymax folder earlier when you told me.

[essexboy]

I am reaching a bit of an impasse now as most of my tools are failing to run ..  We will try one more

Create an emergency repair USB drive:
Download Dr Web Live USB to your desktop

• Connect a USB flash drive to the computer. Registering the plugging in event takes no more than 10 seconds.
• Launch drwebliveusb.exe.
• The program will detect available USB-devices automatically and prompt you to choose the one you?d like to use as an emergency repair drive. You can format the device if you like (a warning will be displayed before you proceed with formatting). In order to read the License agreement, follow a corresponding link found in the program window (the page containing the license agreement text will be loaded in your default browser).

• To create a bootable USB flash drive, press the Create Dr.Web LiveUSB button.
• Files will be copied automatically.
• Once the copying process is completed, press the Exit button to close the application.
• Reboot the infected computer with the USB in the drive
• Ensure that the first boot device is USB - If you are not sure about that then see this page for instructions
  
• As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.

• Use arrow keys to select  DrWeb-LiveCD (Default)

• Press select objects for scanning

• When the system is loaded, check the disks or folders you want to scan, and click on Start.
• The programme will now scan for and cure/delete any malware that it finds.  Allow it to do so 

• When it has completed

• Select Open Report and copy to the USB
• Once completed reboot to normal windows, and attach the report here

[REDACTED]

I am reaching a bit of an impasse now as most of my tools are failing to run ..  We will try one more

The tool's been checking my computer for over 7 hours now, though it's been in the same percentage for at least 4 hours, I'm not sure if this is normal, I also think it's checked the same folder various times now, or at least it's not the first time it's been checking the adt bundle.

Also the remaining time's been changing a lot, at one point it said it ad 35 hours left and then it had 7 minutes.

[essexboy]

It looks as though most of the infections are in your document folders specifically winds pro