Vir na flash disku - duit
Napsal: 14 led 2014 20:34
Dobrý den,
mám podobný problém. Na všech flaškách a SD kartě se mi objevila složka RECYCLER (která nejde smazat) a 4 odkazy:
Copy of Shortcut to (1)
Copy of Shortcut to (2)
Copy of Shortcut to (3)
Copy of Shortcut to (4)
Zkoušel jsem pomocí Usb fixu udělat diagnostiku:
############################## | UsbFix V 7.134 | [Deletion]
User: Do iT (Administrator) # DOIT-PC
Updated 06/09/2013 by El Desaparecido
Started at 20:23:55 | 14/01/2014
Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net
PC: ASUSTeK Computer Inc. (K50IJ ) (X86-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz (2001)
RAM -> [Total : 3037 | Free : 2214]
BIOS: Default System BIOS
BOOT: Normal boot
OS: Microsoft Windows 7 Ultimate (6.1.7600 32-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | (!) Outdated]
FW: Windows FireWall Service [Enabled]
C:\ -> Fixed drive # 100 Mb (65 Mb free - 65%) [System Reserved] # NTFS
D:\ -> CD-ROM
E:\ (%systemdrive%) -> Fixed drive # 237 Gb (210 Mb free - 89%) [] # NTFS
F:\ -> Fixed drive # 229 Gb (6 Mb free - 3%) [Nový svazek] # NTFS
G:\ -> CD-ROM
H:\ -> Removable drive # 15 Gb (4 Mb free - 27%) [Kingston] # FAT32
I:\ -> Removable drive # 30 Gb (25 Mb free - 86%) [ADATA UFD] # FAT32
J:\ -> CD-ROM
M:\ -> Removable drive # 4 Gb (4 Mb free - 98%) [] # NTFS
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [VirtualCloneDrive] - "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM\SOFTWARE | Run : [GrooveMonitor] - "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-21-610502017-2096169772-619058726-1000\SOFTWARE | Run : [QIP Internet Guardian] - E:\Users\Do iT\AppData\Roaming\QipGuard\QipGuard.exe /p
HKU\S-1-5-21-610502017-2096169772-619058726-1000\SOFTWARE | Run : [RESTART_STICKY_NOTES] - E:\Windows\System32\StikyNot.exe
HKU\S-1-5-21-610502017-2096169772-619058726-1000\SOFTWARE | Run : [Skype] - "E:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-610502017-2096169772-619058726-1000\SOFTWARE | Run : [Infium] - "E:\Program Files\QIP 2012\qip.exe" /autorun
################## | Stopped processes |
Stopped! E:\Windows\System32\spoolsv.exe (1452)
Stopped! E:\Windows\Explorer.EXE (1492)
Stopped! E:\Windows\system32\taskhost.exe (1608)
Stopped! E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1708)
Stopped! E:\Windows\system32\HPSIsvc.exe (1752)
Stopped! E:\Program Files\Skype\Updater\Updater.exe (1888)
Stopped! E:\Windows\system32\taskeng.exe (2020)
Stopped! E:\Program Files\Google\Update\GoogleUpdate.exe (448)
Stopped! E:\Windows\system32\WUDFHost.exe (2108)
Stopped! E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (2316)
Stopped! E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (2328)
Stopped! E:\Users\Do iT\AppData\Roaming\QipGuard\QipGuard.exe (2352)
Stopped! E:\Windows\System32\StikyNot.exe (2360)
Stopped! E:\Program Files\Skype\Phone\Skype.exe (2400)
Stopped! E:\Program Files\QIP 2012\qip.exe (2424)
Stopped! E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (2456)
Stopped! E:\Program Files\Internet Explorer\iexplore.exe (2520)
Stopped! E:\Program Files\Internet Explorer\iexplore.exe (2540)
Stopped! E:\Windows\system32\SearchIndexer.exe (3008)
Stopped! E:\Program Files\Windows Media Player\wmpnetwk.exe (3788)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\nyAmMkah.exe (3892)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\JZJEwHbO.exe (3352)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\JZJEwHbO.exe (4040)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\JZJEwHbO.exe (4060)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\VbIsoWGu.exe (916)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_FLASH&Prod_Drive_SM_USB20&Rev_1100#AA04012700017955&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-8-7-16-6876424047-2823876534-814630025-8758\GbsMEVDO.exe (1016)
################## | Files # Infected Folders |
Deleted ! H:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482\kkohNXnN.cpl
Deleted ! H:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482
Deleted ! I:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482\exoOCbKV.cpl
Deleted ! I:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482
Deleted ! M:\Recycler\S-0-3-16-5231073347-1448215155-156132803-8810\AFaSDAKK.cpl
Deleted ! M:\Recycler\S-0-3-16-5231073347-1448215155-156132803-8810
Deleted ! M:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482\BvpAeJhq.cpl
Deleted ! M:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482
Deleted ! M:\Recycler\S-8-7-16-6876424047-2823876534-814630025-8758\AFTFfQXL.cpl
Deleted ! M:\Recycler\S-8-7-16-6876424047-2823876534-814630025-8758
Deleted ! H:\Copy of Shortcut to (1).lnk
Deleted ! H:\Copy of Shortcut to (2).lnk
Deleted ! H:\Copy of Shortcut to (3).lnk
Deleted ! H:\Copy of Shortcut to (4).lnk
Deleted ! I:\Copy of Shortcut to (1).lnk
Deleted ! I:\Copy of Shortcut to (2).lnk
Deleted ! I:\Copy of Shortcut to (3).lnk
Deleted ! I:\Copy of Shortcut to (4).lnk
Not deleted ! J:\Autorun.inf
Deleted ! M:\autorun.inf
Deleted ! M:\Copy of Shortcut to (1).lnk
Deleted ! M:\Copy of Shortcut to (2).lnk
Deleted ! M:\Copy of Shortcut to (3).lnk
Deleted ! M:\Copy of Shortcut to (4).lnk
(!) Temporary files deleted.
################## | Registry |
################## | Mountpoints2 |
################## | Listing |
[25/11/2013 - 17:57:16 | D ] C:\$RECYCLE.BIN
[25/11/2013 - 16:56:50 | N | 0] C:\AUTOEXEC.BAT
[14/01/2014 - 20:16:40 | RASHD ] C:\Autorun.inf
[25/11/2013 - 17:45:59 | D ] C:\Boot
[25/11/2013 - 16:45:30 | N | 211] C:\Boot.BAK
[25/11/2013 - 17:45:59 | N | 355] C:\Boot.ini.saved
[25/10/2001 - 15:00:00 | N | 4952] C:\Bootfont.bin
[14/07/2009 - 02:38:58 | RASH | 383562] C:\bootmgr
[25/11/2013 - 17:46:00 | N | 8192] C:\BOOTSECT.BAK
[25/11/2013 - 16:56:50 | N | 0] C:\CONFIG.SYS
[25/11/2013 - 17:55:23 | N | 203464] C:\grldr
[04/10/2013 - 17:41:07 | N | 171136] C:\grldr.bak
[25/11/2013 - 16:56:50 | N | 0] C:\IO.SYS
[25/11/2013 - 16:56:50 | N | 0] C:\MSDOS.SYS
[13/04/2008 - 21:13:04 | N | 47564] C:\NTDETECT.COM
[13/04/2008 - 23:01:48 | N | 250576] C:\ntldr
[25/11/2013 - 17:00:55 | SHD ] C:\System Volume Information
[25/11/2013 - 17:55:25 | N | 12] C:\win7.ld
[14/01/2014 - 18:33:53 | SHD ] E:\$RECYCLE.BIN
[10/06/2009 - 22:42:20 | N | 24] E:\autoexec.bat
[14/01/2014 - 20:16:40 | RASHD ] E:\Autorun.inf
[14/01/2014 - 18:56:33 | N | 3280] E:\bootsqm.dat
[14/01/2014 - 18:34:34 | N | 5953] E:\ComboFix.txt
[10/06/2009 - 22:42:20 | N | 10] E:\config.sys
[14/01/2014 - 18:22:08 | D ] E:\dc
[14/07/2009 - 05:53:55 | SHD ] E:\Documents and Settings
[14/01/2014 - 20:22:15 | ASH | 2388463616] E:\hiberfil.sys
[25/11/2013 - 18:04:48 | D ] E:\ICQ
[25/11/2013 - 18:03:32 | RD ] E:\MSOCache
[14/01/2014 - 20:22:16 | ASH | 3184619520] E:\pagefile.sys
[14/07/2009 - 03:37:05 | D ] E:\PerfLogs
[14/01/2014 - 18:23:27 | D ] E:\Program Files
[14/01/2014 - 16:48:41 | D ] E:\ProgramData
[14/01/2014 - 18:34:37 | D ] E:\Qoobox
[25/11/2013 - 17:55:14 | D ] E:\Recovery
[14/01/2014 - 18:10:47 | SHD ] E:\System Volume Information
[06/01/2014 - 16:44:36 | D ] E:\tapeta
[14/01/2014 - 20:25:20 | D ] E:\UsbFix
[14/01/2014 - 20:16:57 | N | 12581] E:\UsbFix [Clean 1] DOIT-PC.txt
[14/01/2014 - 20:25:40 | A | 8413] E:\UsbFix [Clean 2] DOIT-PC.txt
[25/11/2013 - 17:56:47 | D ] E:\Users
[14/01/2014 - 18:34:36 | D ] E:\Windows
[25/11/2013 - 17:57:16 | D ] F:\$RECYCLE.BIN
[14/01/2014 - 20:16:40 | RASHD ] F:\Autorun.inf
[28/10/2009 - 12:22:27 | D ] F:\dc
[09/06/2013 - 21:34:55 | D ] F:\moje
[25/11/2013 - 16:48:54 | SHD ] F:\System Volume Information
[29/06/2013 - 11:50:06 | D ] H:\Spongebob
[31/10/2013 - 18:10:10 | D ] H:\S05
[31/10/2013 - 18:12:38 | D ] H:\S06
[31/10/2013 - 18:01:46 | D ] H:\S01
[31/10/2013 - 18:03:22 | D ] H:\S02
[31/10/2013 - 18:05:20 | D ] H:\S03
[31/10/2013 - 18:07:22 | D ] H:\S04
[14/01/2014 - 20:16:42 | D ] H:\Autorun.inf
[14/01/2014 - 20:22:24 | D ] H:\RECYCLER
[06/01/2014 - 16:57:18 | D ] I:\Okresni prebor
[06/08/2010 - 09:01:56 | N | 366358528] I:\S06E12 Everybody Loves Hugo.avi
[29/08/2010 - 13:01:38 | N | 40202] I:\S06E12 Everybody Loves Hugo.srt
[12/01/2014 - 14:52:42 | N | 367411578] I:\Lost.S06E11.Happily-Ever-After.HDTV.XviD-NoTV.avi
[12/01/2014 - 15:05:32 | N | 39630] I:\Lost-s06e11---Happily-Ever-After.srt
[14/01/2014 - 20:16:42 | D ] I:\Autorun.inf
[14/01/2014 - 20:22:26 | D ] I:\RECYCLER
[19/10/2010 - 10:49:04 | R | 58] J:\Autorun.inf
[28/11/2012 - 21:37:40 | D ] J:\document
[28/11/2012 - 21:37:17 | D ] J:\drivers
[19/10/2010 - 10:49:04 | R | 4286] J:\Mobile Partner.ico
[14/01/2014 - 20:25:12 | D ] M:\RECYCLER
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
M:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | http://www.sosvirus.net |
Chtěl jsem Vás poprosit o pomoc.
Předem děkuji.
mám podobný problém. Na všech flaškách a SD kartě se mi objevila složka RECYCLER (která nejde smazat) a 4 odkazy:
Copy of Shortcut to (1)
Copy of Shortcut to (2)
Copy of Shortcut to (3)
Copy of Shortcut to (4)
Zkoušel jsem pomocí Usb fixu udělat diagnostiku:
############################## | UsbFix V 7.134 | [Deletion]
User: Do iT (Administrator) # DOIT-PC
Updated 06/09/2013 by El Desaparecido
Started at 20:23:55 | 14/01/2014
Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net
PC: ASUSTeK Computer Inc. (K50IJ ) (X86-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz (2001)
RAM -> [Total : 3037 | Free : 2214]
BIOS: Default System BIOS
BOOT: Normal boot
OS: Microsoft Windows 7 Ultimate (6.1.7600 32-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | (!) Outdated]
FW: Windows FireWall Service [Enabled]
C:\ -> Fixed drive # 100 Mb (65 Mb free - 65%) [System Reserved] # NTFS
D:\ -> CD-ROM
E:\ (%systemdrive%) -> Fixed drive # 237 Gb (210 Mb free - 89%) [] # NTFS
F:\ -> Fixed drive # 229 Gb (6 Mb free - 3%) [Nový svazek] # NTFS
G:\ -> CD-ROM
H:\ -> Removable drive # 15 Gb (4 Mb free - 27%) [Kingston] # FAT32
I:\ -> Removable drive # 30 Gb (25 Mb free - 86%) [ADATA UFD] # FAT32
J:\ -> CD-ROM
M:\ -> Removable drive # 4 Gb (4 Mb free - 98%) [] # NTFS
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [VirtualCloneDrive] - "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM\SOFTWARE | Run : [GrooveMonitor] - "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-21-610502017-2096169772-619058726-1000\SOFTWARE | Run : [QIP Internet Guardian] - E:\Users\Do iT\AppData\Roaming\QipGuard\QipGuard.exe /p
HKU\S-1-5-21-610502017-2096169772-619058726-1000\SOFTWARE | Run : [RESTART_STICKY_NOTES] - E:\Windows\System32\StikyNot.exe
HKU\S-1-5-21-610502017-2096169772-619058726-1000\SOFTWARE | Run : [Skype] - "E:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-610502017-2096169772-619058726-1000\SOFTWARE | Run : [Infium] - "E:\Program Files\QIP 2012\qip.exe" /autorun
################## | Stopped processes |
Stopped! E:\Windows\System32\spoolsv.exe (1452)
Stopped! E:\Windows\Explorer.EXE (1492)
Stopped! E:\Windows\system32\taskhost.exe (1608)
Stopped! E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1708)
Stopped! E:\Windows\system32\HPSIsvc.exe (1752)
Stopped! E:\Program Files\Skype\Updater\Updater.exe (1888)
Stopped! E:\Windows\system32\taskeng.exe (2020)
Stopped! E:\Program Files\Google\Update\GoogleUpdate.exe (448)
Stopped! E:\Windows\system32\WUDFHost.exe (2108)
Stopped! E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (2316)
Stopped! E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (2328)
Stopped! E:\Users\Do iT\AppData\Roaming\QipGuard\QipGuard.exe (2352)
Stopped! E:\Windows\System32\StikyNot.exe (2360)
Stopped! E:\Program Files\Skype\Phone\Skype.exe (2400)
Stopped! E:\Program Files\QIP 2012\qip.exe (2424)
Stopped! E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (2456)
Stopped! E:\Program Files\Internet Explorer\iexplore.exe (2520)
Stopped! E:\Program Files\Internet Explorer\iexplore.exe (2540)
Stopped! E:\Windows\system32\SearchIndexer.exe (3008)
Stopped! E:\Program Files\Windows Media Player\wmpnetwk.exe (3788)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\nyAmMkah.exe (3892)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\JZJEwHbO.exe (3352)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\JZJEwHbO.exe (4040)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\JZJEwHbO.exe (4060)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_Multiple&Prod_Card__Reader&Rev_1.00#058F63666433&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-3-3-48-2818058043-4273111735-006450761-8482\VbIsoWGu.exe (916)
Stopped! \\.\STORAGE#Volume#_??_USBSTOR#Disk&Ven_FLASH&Prod_Drive_SM_USB20&Rev_1100#AA04012700017955&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\RECYCLER\S-8-7-16-6876424047-2823876534-814630025-8758\GbsMEVDO.exe (1016)
################## | Files # Infected Folders |
Deleted ! H:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482\kkohNXnN.cpl
Deleted ! H:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482
Deleted ! I:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482\exoOCbKV.cpl
Deleted ! I:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482
Deleted ! M:\Recycler\S-0-3-16-5231073347-1448215155-156132803-8810\AFaSDAKK.cpl
Deleted ! M:\Recycler\S-0-3-16-5231073347-1448215155-156132803-8810
Deleted ! M:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482\BvpAeJhq.cpl
Deleted ! M:\Recycler\S-3-3-48-2818058043-4273111735-006450761-8482
Deleted ! M:\Recycler\S-8-7-16-6876424047-2823876534-814630025-8758\AFTFfQXL.cpl
Deleted ! M:\Recycler\S-8-7-16-6876424047-2823876534-814630025-8758
Deleted ! H:\Copy of Shortcut to (1).lnk
Deleted ! H:\Copy of Shortcut to (2).lnk
Deleted ! H:\Copy of Shortcut to (3).lnk
Deleted ! H:\Copy of Shortcut to (4).lnk
Deleted ! I:\Copy of Shortcut to (1).lnk
Deleted ! I:\Copy of Shortcut to (2).lnk
Deleted ! I:\Copy of Shortcut to (3).lnk
Deleted ! I:\Copy of Shortcut to (4).lnk
Not deleted ! J:\Autorun.inf
Deleted ! M:\autorun.inf
Deleted ! M:\Copy of Shortcut to (1).lnk
Deleted ! M:\Copy of Shortcut to (2).lnk
Deleted ! M:\Copy of Shortcut to (3).lnk
Deleted ! M:\Copy of Shortcut to (4).lnk
(!) Temporary files deleted.
################## | Registry |
################## | Mountpoints2 |
################## | Listing |
[25/11/2013 - 17:57:16 | D ] C:\$RECYCLE.BIN
[25/11/2013 - 16:56:50 | N | 0] C:\AUTOEXEC.BAT
[14/01/2014 - 20:16:40 | RASHD ] C:\Autorun.inf
[25/11/2013 - 17:45:59 | D ] C:\Boot
[25/11/2013 - 16:45:30 | N | 211] C:\Boot.BAK
[25/11/2013 - 17:45:59 | N | 355] C:\Boot.ini.saved
[25/10/2001 - 15:00:00 | N | 4952] C:\Bootfont.bin
[14/07/2009 - 02:38:58 | RASH | 383562] C:\bootmgr
[25/11/2013 - 17:46:00 | N | 8192] C:\BOOTSECT.BAK
[25/11/2013 - 16:56:50 | N | 0] C:\CONFIG.SYS
[25/11/2013 - 17:55:23 | N | 203464] C:\grldr
[04/10/2013 - 17:41:07 | N | 171136] C:\grldr.bak
[25/11/2013 - 16:56:50 | N | 0] C:\IO.SYS
[25/11/2013 - 16:56:50 | N | 0] C:\MSDOS.SYS
[13/04/2008 - 21:13:04 | N | 47564] C:\NTDETECT.COM
[13/04/2008 - 23:01:48 | N | 250576] C:\ntldr
[25/11/2013 - 17:00:55 | SHD ] C:\System Volume Information
[25/11/2013 - 17:55:25 | N | 12] C:\win7.ld
[14/01/2014 - 18:33:53 | SHD ] E:\$RECYCLE.BIN
[10/06/2009 - 22:42:20 | N | 24] E:\autoexec.bat
[14/01/2014 - 20:16:40 | RASHD ] E:\Autorun.inf
[14/01/2014 - 18:56:33 | N | 3280] E:\bootsqm.dat
[14/01/2014 - 18:34:34 | N | 5953] E:\ComboFix.txt
[10/06/2009 - 22:42:20 | N | 10] E:\config.sys
[14/01/2014 - 18:22:08 | D ] E:\dc
[14/07/2009 - 05:53:55 | SHD ] E:\Documents and Settings
[14/01/2014 - 20:22:15 | ASH | 2388463616] E:\hiberfil.sys
[25/11/2013 - 18:04:48 | D ] E:\ICQ
[25/11/2013 - 18:03:32 | RD ] E:\MSOCache
[14/01/2014 - 20:22:16 | ASH | 3184619520] E:\pagefile.sys
[14/07/2009 - 03:37:05 | D ] E:\PerfLogs
[14/01/2014 - 18:23:27 | D ] E:\Program Files
[14/01/2014 - 16:48:41 | D ] E:\ProgramData
[14/01/2014 - 18:34:37 | D ] E:\Qoobox
[25/11/2013 - 17:55:14 | D ] E:\Recovery
[14/01/2014 - 18:10:47 | SHD ] E:\System Volume Information
[06/01/2014 - 16:44:36 | D ] E:\tapeta
[14/01/2014 - 20:25:20 | D ] E:\UsbFix
[14/01/2014 - 20:16:57 | N | 12581] E:\UsbFix [Clean 1] DOIT-PC.txt
[14/01/2014 - 20:25:40 | A | 8413] E:\UsbFix [Clean 2] DOIT-PC.txt
[25/11/2013 - 17:56:47 | D ] E:\Users
[14/01/2014 - 18:34:36 | D ] E:\Windows
[25/11/2013 - 17:57:16 | D ] F:\$RECYCLE.BIN
[14/01/2014 - 20:16:40 | RASHD ] F:\Autorun.inf
[28/10/2009 - 12:22:27 | D ] F:\dc
[09/06/2013 - 21:34:55 | D ] F:\moje
[25/11/2013 - 16:48:54 | SHD ] F:\System Volume Information
[29/06/2013 - 11:50:06 | D ] H:\Spongebob
[31/10/2013 - 18:10:10 | D ] H:\S05
[31/10/2013 - 18:12:38 | D ] H:\S06
[31/10/2013 - 18:01:46 | D ] H:\S01
[31/10/2013 - 18:03:22 | D ] H:\S02
[31/10/2013 - 18:05:20 | D ] H:\S03
[31/10/2013 - 18:07:22 | D ] H:\S04
[14/01/2014 - 20:16:42 | D ] H:\Autorun.inf
[14/01/2014 - 20:22:24 | D ] H:\RECYCLER
[06/01/2014 - 16:57:18 | D ] I:\Okresni prebor
[06/08/2010 - 09:01:56 | N | 366358528] I:\S06E12 Everybody Loves Hugo.avi
[29/08/2010 - 13:01:38 | N | 40202] I:\S06E12 Everybody Loves Hugo.srt
[12/01/2014 - 14:52:42 | N | 367411578] I:\Lost.S06E11.Happily-Ever-After.HDTV.XviD-NoTV.avi
[12/01/2014 - 15:05:32 | N | 39630] I:\Lost-s06e11---Happily-Ever-After.srt
[14/01/2014 - 20:16:42 | D ] I:\Autorun.inf
[14/01/2014 - 20:22:26 | D ] I:\RECYCLER
[19/10/2010 - 10:49:04 | R | 58] J:\Autorun.inf
[28/11/2012 - 21:37:40 | D ] J:\document
[28/11/2012 - 21:37:17 | D ] J:\drivers
[19/10/2010 - 10:49:04 | R | 4286] J:\Mobile Partner.ico
[14/01/2014 - 20:25:12 | D ] M:\RECYCLER
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
M:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | http://www.sosvirus.net |
Chtěl jsem Vás poprosit o pomoc.
Předem děkuji.
Prispevek jsem Vam oddelil do samostatneho tematu, do cizich se nevstupuje
