UC Chinese Virus

**Iaro96** · 12-13-2016, 05:04 PM

Autoruns doesn’t show me anything when I search for that

**jmarket** · 12-14-2016, 12:09 AM

Originally posted by Iaro96

Autoruns doesn’t show me anything when I search for that

Whilst we are waiting for the experts, did you run Autoruns as Administrator, that is important

**jmarket** · 12-14-2016, 03:59 AM

If you are not sure how to do that, this will show you.

To use Autoruns open the folder and right Click Either
Autoruns.exe – for 32 bit systems, or
Autoruns64.exe – for 64 bit systems.
And on the right click context menu click “Run as administrator”
If you are unsure if your system is 32 or 64 bit CLICK HERE

[MEDIA=imgur]WEuDcNy[/MEDIA]

When Autoruns opens.
[ol]
[li]Select the “Everything” tab.[/li][li]Type “Lenovo-31886.vbs” in the filter box.[/li][li]Deselect any entries found.[/li][/ol]
Then repeat the above typing “Lenovo-31951.vbs” in the filter box

[MEDIA=imgur]WkK6sBY[/MEDIA]

**Iaro96** · 12-14-2016, 06:34 AM

Ahh, I was missing running as administrator. My bad…
Got it! Unchecked them and got Google Chrome
Here I’ve attached the fresh FRST logs.

**jmarket** · 12-14-2016, 06:55 AM

Your logs look good laro96 Any issues persisting?

**Iaro96** · 12-14-2016, 06:07 PM

This is the last thing remaining… it another error that pop-up after startup.

**jmarket** · 12-14-2016, 06:26 PM

Are you referring to startup of the computer or startup of a program?

**Iaro96** · 12-14-2016, 06:54 PM

When I boot the computer

**jmarket** · 12-14-2016, 07:00 PM

Can you post a fresh autoruns log? Something is trying to create a file in the %TEMP% directory but is unable to.

Also please try the following:

[ol]
[li]Navigate to C:\Users[Username]\AppData\Local.[/li][li]Right-click on the Temp folder and select Properties.[/li][li]Select Security and click Advanced.[/li][li]On the Permissions, you should see three options:[/li]‘SYSTEM‘ with Full control which applies to ‘This folder, subfolders and files’
‘Administrators‘ with Full control which applies to ‘This folder, subfolders and files’
‘Your Username‘ with Full control which applies to ‘This folder, subfolders and files’

[li]All these permissions inherited from the C:\Users[Username]\ folder. Therefore, if the option Include inheritable permissions from this object’s parent’ is not marked with a tick, click on Change Permissions.[/li][li]Mark ‘Include inheritable permissions from this object’s parent’ with a tick, click Apply and then OK.[/li][li]Select Continue and remove inherited permissions.[/li][/ol]

**Iaro96** · 12-14-2016, 08:40 PM

Here is the fresh autoruns log.

**Iaro96** · 12-14-2016, 08:43 PM

Didn’t quite get what I have to do at the Advanced Security Setting for Temp.

**Malnutrition** · 12-16-2016, 01:34 PM

Your problem is in scheduled task.

**jmarket** · 12-16-2016, 02:38 PM

[IMG alt="13-500x380" width="500px" height="380px"]https://images.drivereasy.com/wp-content/uploads/2015/12/13-500x380.png[/IMG]

[IMG alt="53-500x378" width="500px" height="378px"]https://images.drivereasy.com/wp-content/uploads/2015/12/53-500x378.png[/IMG]

Then click OK in each box then reboot.

**Iaro96** · 12-19-2016, 12:21 AM

Sorry for the late response… did not had access to my computer until now. Uhhh, on startup the message changed a little bit this time. Additionally, I still feel my computer a bit sluggish (specially at startup). Maybe using CCcleaner would help. Haven’t done that yet. [ATTACH]1148[/ATTACH] Will do what jmarket instructed

**Iaro96** · 12-19-2016, 02:05 AM

Still can’t manage to get it. This is how it looks.
[MEDIA=imgur]YUXoKl9[/MEDIA]

UC Chinese Virus

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment