Hello everyone! I have already seen plenty of similar threads, but I just couldn't apply the solutions to my own computer. The problem is this: when I plug in a USB flash drive or a phone via USB, I first see a shortcut called "Removable Disk", and the data on the drive only shows up after opening that shortcut. With flash drives it's not so bad, because the files can still be reached. The worst problem is with the memory card: the phone (a Nokia XpressMusic, the "crooked" one) can't cope with opening that shortcut, so I have no access to ringtones, wallpapers, etc. Besides that, when I insert a flash drive into a USB port, a Microsoft Security Essentials message appears saying that unrecognized items were found. I read that I should run a scan with USBFix, so I'm attaching it. H is the memory card, the other two are flash drives.
############################## | UsbFix V 7.129 | [Research]
User: Arek (Administrator) # AREK-KOMPUTER
Updated 24/06/2013 by El Desaparecido
Started at 21:40:27 | 04/07/2013
Website: http://sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload-malware-pour-analyse-t489.html
Contact: contact@sosvirus.net
PC: SAMSUNG ELECTRONICS CO., LTD. (R580/R590 ) (x64-based PC)
CPU: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz (2667)
RAM -> [Total : 3957 | Free : 1832]
BIOS: Phoenix SecureCore(tm) NB Version 11JB.M044.20100622.hkk
BOOT: Normal boot
OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16618
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Fixed drive # 102 Gb (39 Mb free - 39%) [] # NTFS
D:\ -> Fixed drive # 474 Gb (282 Mb free - 59%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 980 Mb (972 Mb free - 99%) [] # FAT32
H:\ -> Removable drive # 470 Mb (71 Mb free - 15%) [] # FAT
I:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [] # FAT32
Z:\ -> CD-ROM
################## | Active Processes |
C:\windows\system32\csrss.exe (488)
C:\windows\system32\wininit.exe (552)
C:\windows\system32\csrss.exe (580)
C:\windows\system32\services.exe (624)
C:\windows\system32\lsass.exe (640)
C:\windows\system32\lsm.exe (648)
C:\windows\system32\svchost.exe (756)
C:\windows\system32\nvvsvc.exe (836)
C:\windows\system32\winlogon.exe (864)
C:\windows\system32\svchost.exe (904)
C:\Program Files\Microsoft Security Client\MsMpEng.exe (968)
C:\windows\System32\svchost.exe (496)
C:\windows\System32\svchost.exe (612)
C:\windows\system32\svchost.exe (644)
C:\windows\system32\svchost.exe (1032)
C:\windows\system32\nvvsvc.exe (1196)
C:\windows\system32\svchost.exe (1212)
C:\windows\system32\WLANExt.exe (1568)
C:\windows\system32\conhost.exe (1576)
C:\windows\system32\Dwm.exe (1672)
C:\windows\system32\taskeng.exe (1692)
C:\windows\System32\spoolsv.exe (1724)
C:\windows\system32\svchost.exe (1788)
C:\windows\Explorer.EXE (1836)
C:\windows\system32\taskhost.exe (1964)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2000)
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (1236)
C:\windows\system32\svchost.exe (1332)
C:\windows\system32\dmwu.exe (1468)
C:\windows\system32\taskeng.exe (1652)
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (2056)
C:\ProgramData\OptimizerPro1\OptimizerPro1.exe (2064)
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (2084)
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (2168)
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (2252)
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (2440)
C:\windows\SysWOW64\Rezip.exe (2480)
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (2512)
C:\windows\system32\svchost.exe (2608)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (2784)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2792)
C:\Program Files\Microsoft Security Client\msseces.exe (2816)
C:\Program Files (x86)\BitTorrent\BitTorrent.exe (2828)
C:\Program Files\Microsoft Security Client\NisSrv.exe (2264)
C:\windows\system32\svchost.exe (1544)
C:\Windows\SysWOW64\jmdp\stij.exe (3200)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3588)
C:\windows\system32\SearchIndexer.exe (3740)
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (3796)
C:\windows\syswow64\svchost.exe (3840)
C:\Program Files (x86)\Winamp\winampa.exe (3916)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3936)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3668)
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (3812)
C:\windows\System32\svchost.exe (4072)
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (4724)
C:\windows\SysWOW64\RunDll32.exe (4984)
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (4144)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3160)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (3892)
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (2692)
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (2888)
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (5060)
C:\Users\Arek\AppData\Local\Google\Chrome\Application\chrome.exe (4016)
C:\Users\Arek\AppData\Local\Google\Chrome\Application\chrome.exe (1636)
C:\Users\Arek\AppData\Local\Google\Chrome\Application\chrome.exe (3528)
C:\Users\Arek\AppData\Local\Google\Chrome\Application\chrome.exe (4396)
C:\Users\Arek\AppData\Local\Google\Chrome\Application\chrome.exe (2496)
C:\Users\Arek\AppData\Local\Google\Chrome\Application\chrome.exe (4540)
C:\windows\System32\WUDFHost.exe (5080)
C:\windows\system32\wbem\wmiprvse.exe (4376)
C:\windows\system32\wbem\wmiprvse.exe (5892)
C:\windows\System32\svchost.exe (4792)
C:\UsbFix\Go.exe (5316)
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [WinampAgent] - " C:\Program Files (x86)\Winamp\winampa.exe "
HKLM\SOFTWARE | Run : [Adobe ARM] - " C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - " C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
HKLM\SOFTWARE\wow6432Node | Run : [WinampAgent] - " C:\Program Files (x86)\Winamp\winampa.exe "
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - " C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - " C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-885473801-1135821649-2530607942-1001\SOFTWARE | Run : [BitTorrent] - " C:\Program Files (x86)\BitTorrent\BitTorrent.exe " /MINIMIZED
HKU\S-1-5-21-885473801-1135821649-2530607942-1001\SOFTWARE | Run : [Google Update] - " C:\Users\Arek\AppData\Local\Google\Update\GoogleUpdate.exe " /c
HKU\S-1-5-21-885473801-1135821649-2530607942-1001\SOFTWARE | Run : [DAEMON Tools Lite] - " C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe " -autorun
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
################## | Files # Infected Folders |
Found ! G:\Removable Disk (1GB).lnk
Found ! H:\Removable Disk (1GB).lnk
Found ! I:\Removable Disk (4GB).lnk
Found ! F:\autorun.exe
Found ! F:\Autorun.inf
Found ! G:\autorun.inf
Found ! G:\desktop.ini
Found ! G:\Thumbs.db
Found ! H:\autorun.inf
Found ! H:\desktop.ini
Found ! H:\Thumbs.db
Found ! I:\autorun.inf
Found ! I:\desktop.ini
Found ! I:\Thumbs.db
################## | Registry |
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{602b4cd4-6c6f-11e2-b45c-e839df580801}
Shell\AutoRun\Command = F:\autorun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{f8ba2579-e0a5-11e1-ae01-e839df580801}
Shell\AutoRun\Command = Z:\autorun.exe
################## | Vaccin |
(!) This computer is not vaccinated!
################## | E.O.F | http://sosvirus.net |