Author Topic: Virus problem  (Read 3283 times)

0 Members and 1 Guest are viewing this topic.

Offline Adeyemo

  • Newbie
  • *
  • Posts: 7
Virus problem
« on: January 30, 2019, 06:12:52 AM »
I collected some documents from my friend's computer and my flash got corrupted with a virus. It turns the flash to a shortcut and shows 8gb available. It is connected to Kaspersky internet security or something. I have downloaded FRST and followed all the guidelines. would attach the fixlog now.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 60312
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Virus problem
« Reply #1 on: January 30, 2019, 06:23:17 AM »
Attach your basic diagnostic logs.
Instructions: https://forum.avast.com/index.php?topic=194892
Windows 8.1 [x64] - Avast PremSec 19.7.2388.BC - CC 5.61 - EEK - Firefox ESR 60.8 [NS/AOS/uBO] - TB 60.8 [EM] - ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Adeyemo

  • Newbie
  • *
  • Posts: 7
Re: Virus problem
« Reply #2 on: January 30, 2019, 09:29:36 AM »
Thank you. Here are the diagnostic logs.

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35952
Re: Virus problem
« Reply #3 on: January 30, 2019, 12:37:27 PM »
Since you have a fixlog somone must have made a fix for you, who did that, or did you just run a random fix found online?



Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Adeyemo

  • Newbie
  • *
  • Posts: 7
Re: Virus problem
« Reply #4 on: January 30, 2019, 12:53:58 PM »
I did not. I saw some instructions on a previous post and I followed it.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 60312
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Virus problem
« Reply #5 on: January 30, 2019, 12:59:26 PM »
I did not. I saw some instructions on a previous post and I followed it.
Bad idea, see excerpt from the instructions below.

The fixes are specific to your problem and should only be used for this issue on this machine.
Windows 8.1 [x64] - Avast PremSec 19.7.2388.BC - CC 5.61 - EEK - Firefox ESR 60.8 [NS/AOS/uBO] - TB 60.8 [EM] - ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Adeyemo

  • Newbie
  • *
  • Posts: 7
Re: Virus problem
« Reply #6 on: January 30, 2019, 01:06:08 PM »
Ohh wow. What can I do now?

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 60312
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Virus problem
« Reply #7 on: January 30, 2019, 01:14:13 PM »
You've to wait for one of the malware experts...
Windows 8.1 [x64] - Avast PremSec 19.7.2388.BC - CC 5.61 - EEK - Firefox ESR 60.8 [NS/AOS/uBO] - TB 60.8 [EM] - ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35952
Re: Virus problem
« Reply #8 on: January 30, 2019, 01:23:43 PM »
Fix is made by the malware expert, and based on the FRST logs comming from your machine, so a fix is made for your machine only, using fix you find online can destroy your machine

@Sass Drake will give you instructions when online, it may take hours


I assume that the FRST logs you have attached is from after you run the fix?


« Last Edit: January 30, 2019, 01:26:49 PM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Adeyemo

  • Newbie
  • *
  • Posts: 7
Re: Virus problem
« Reply #9 on: January 30, 2019, 01:56:12 PM »
No, before

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35952
Re: Virus problem
« Reply #10 on: January 30, 2019, 02:00:45 PM »
No, before
Then you need to attach fresh FRST logs so that @Sass Drake can see current staus when he arrive


Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Sass Drake

  • MyCity AMF R2
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 710
Re: Virus problem
« Reply #11 on: January 31, 2019, 01:25:48 AM »
  • Open Notepad (click Start button -> type notepad.exe -> press Enter)
  • Copy text from code block below and paste it into Notepad
Code: [Select]
VirusTotal: C:\Users\AJE TAIWO\AppData\Roaming\Kaspersky Internet Security 2017\explorers.exe;C:\Users\AJE TAIWO\AppData\Roaming\Kaspersky Internet Security 2017\spoolsvc.exe;C:\Users\AJE TAIWO\AppData\Roaming\dhelper.exe
HKU\S-1-5-21-1554402273-3413048909-868042803-1001\...\Winlogon: [Shell] explorer.exe, C:\Users\AJE TAIWO\AppData\Roaming\dhelper.exe <==== ATTENTION
Startup: C:\Users\AJE TAIWO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.lnk [2018-09-23]
Startup: C:\Users\AJE TAIWO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorers.lnk [2019-01-29]
ShortcutTarget: explorers.lnk -> C:\Users\AJE TAIWO\AppData\Roaming\Kaspersky Internet Security 2017\explorers.exe ()
Startup: C:\Users\AJE TAIWO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\spoolsvc.lnk [2019-01-29]
ShortcutTarget: spoolsvc.lnk -> C:\Users\AJE TAIWO\AppData\Roaming\Kaspersky Internet Security 2017\spoolsvc.exe ()
Startup: C:\Users\AJE TAIWO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk [2017-07-16]
ShortcutTarget: Start.lnk -> C:\Users\AJE TAIWO\AppData\Roaming\blbpso\mmrjbdbqy64.exe (Microsoft Corporation)
Startup: C:\Users\AJE TAIWO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svhost.lnk [2019-01-29]
ShortcutTarget: svhost.lnk -> C:\Users\AJE TAIWO\AppData\Roaming\Kaspersky Internet Security 2017\svhost.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2017-09-13]
S2 0097231447339092mcinstcleanup; C:\Users\AJETAI~1\AppData\Local\Temp\009723~1.EXE -cleanup -nolog [X] <==== ATTENTION
C:\Users\AJE TAIWO\AppData\Roaming\Kaspersky Internet Security 2017
C:\Users\AJE TAIWO\AppData\Roaming\dhelper.exe
C:\Users\AJE TAIWO\AppData\Roaming\blbpso
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
  • Go to File -> Save As
  • Make sure that  UTF-8 is selected as Encoding (left side of Save button)
  • Save it as fixlist.txt on Desktop
  • Open again FRST and click on button Fix
  • Wait until FRST finishes
  • fixlog.txt should be genereted and opened. Attach it your post and wait further instructions.

Offline Adeyemo

  • Newbie
  • *
  • Posts: 7
Re: Virus problem
« Reply #12 on: January 31, 2019, 07:37:15 AM »
Thank you very much. I've attached the fixlog to this post.

Offline Sass Drake

  • MyCity AMF R2
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 710
Re: Virus problem
« Reply #13 on: January 31, 2019, 08:02:32 PM »
What is system status now?

Offline Adeyemo

  • Newbie
  • *
  • Posts: 7
Re: Virus problem
« Reply #14 on: January 31, 2019, 09:13:46 PM »
I think the issue has been resolved. I can't find the virus again. Thank you for your time and help.