Flashdrive worm

[marvin_111111]

help! my friend lend me his flashdrive, and i got the worm.. now i can't double-click on my hard drive (c:\) what to do? i read about the HJT and i did everything that was told in the instructions. i have also attached my log here.

 

[howard_hopkinso]

Hello and welcome to Techspot.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.

Regards Howard :wave: :wave:

This thread is for the use of marvin_111111 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[marvin_111111]

another problem

i have managed to get rid of the worm from my computer, i think. because i can already double-click on the hard drive icon. but there's another problem bothering me now, every time i start my computer.. the windows* window (*windows as in drive c:/windows) always pops up automatically and it irritates me. how can i fix this? please help.. thanks! =)

 

[howard_hopkinso]

Just because you`ve managed to get rid of the worm, doesn`t necessarily mean your system is clean.

When I looked at your HJT log it showed your system was infected with several infections. Therefore, I advise you to follow the instruction exactly and post fresh HJT and AVG Antispyware logs as requested.

If, once your system is clean, you still have the window opening on bootup, we`ll try and deal with that as a separate issue.

Regards Howard

This thread is for the use of marvin_111111 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[marvin_111111]

still a problem

i've done every step in the instructions. here are my logs, but the windows window still appear automatically. what is the problem?

 

[howard_hopkinso]

Delete all files in AVG Antispyware quarantine.

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

UltimateBet

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

UltimateBet.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O4 - HKLM\..\Run: [FS6519] C:\WINDOWS

O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\UltimateBet<Delete the entire folder.
C:\WINDOWS\FS6519.dll.vbs

Reboot into normal mode and rehide your protected OS files.

Post a fresh HJT log and let me know if you`re still having problems.

Regards Howard

This thread is for the use of marvin_111111 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[marvin_111111]

done

i did all the steps the you told me to do except for the ff:

1) Click on the processes tab and end process for(if there).

UltimateBet.exe

2) O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

3) O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

4)Locate and delete the following bold files and/or directories(if there).
C:\WINDOWS\FS6519.dll.vbs

for the reason that i couldn't find them.

but the good thing is the windows window didn't appear automatically in the startup anymore. is my pc already free from viruses?

 

[howard_hopkinso]

Well done, your HJT log is now clean.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of marvin_111111 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[marvin_111111]

thanks!

yeah!! thanks for your time mr. howard hopkins! you are great!! thank you very much! god bless!