UsbFix.txt

Wirus ukrywający pliki na pendrive - USBFix działa tylko do restartu, co robić?

Witam, z problemem połowicznie radzi sobie UBSFix, tzn do momentu restartu nie ukrywa plików na pendrivie, ale po restarcie znów od nowa zabawa się zaczyna - trzeba użyć USBFix i do ponownego restartu znów jest ok. Logi:

[b]############################## | UsbFix V 7.971 | [Clean][/b]

User: KSEMAR (Administrator) # KSEROWIN7
Updated 30/06/2015 by El Desaparecido - SosVirus
Started at 11:46:07 | 30/06/2015

Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/changelog/[/url]
Support : [url=http://www.sos-virus.net/]http://www.sos-virus.net/[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: MSI (A68HM-P33 (MS-7721))
CPU: AMD A4-6300 APU with Radeon(tm) HD Graphics
RAM - & gt; [Total : 3271 Mo | Free : 2028 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 43.0.2357.130
WB: Mozilla Firefox : 38.0.5

[b]################## | Security Information |[/b]

AV: ESET Endpoint Security 6.1.2227.3 [Enabled |Updated]
AS: Windows Defender [Enabled |Updated]
AS: ESET Endpoint Security 6.1.2227.3 [Enabled |Updated]
FW: Zapora osobista ESET [Enabled]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\ - & gt; Fixed disk # 293 Gb (239 Gb free - 82%) [] # NTFS
D:\ - & gt; Fixed disk # 293 Gb (293 Gb free - 100%) [] # NTFS
E:\ - & gt; Fixed disk # 346 Gb (345 Gb free - 100%) [] # NTFS
G:\ - & gt; Removable disk # 1004 Mb (974 Mb free - 97%) [] # FAT

[b]################## | Generic Research |[/b]

Deleted! G:\Removable Drive (1GB).lnk
Deleted! G:\ \v1zy5aej.sx12.knrpspj.9fk.ddglnqp.ssu.9dbylfe.bhf
Restored! [D] G:\ 
Restored! G:\ \ke27.nld.zz01qvl.vodif3x.zqvh.xxdiq.nhpda102.xxmhk9xs - & gt; G:\ke27.nld.zz01qvl.vodif3x.zqvh.xxdiq.nhpda102.xxmhk9xs
Restored! G:\ \~WRL0003.tmp - & gt; G:\~WRL0003.tmp
Restored! G:\ \Lady Macbeth.docx - & gt; G:\Lady Macbeth.docx
Restored! G:\ \ZALICZENIE-Z-INFORMATYKI.doc - & gt; G:\ZALICZENIE-Z-INFORMATYKI.doc
Restored! G:\ \Praca dyplomowa (lustrzane).doc - & gt; G:\Praca dyplomowa (lustrzane).doc
Restored! G:\ \Praca dyplomowa.doc - & gt; G:\Praca dyplomowa.doc
Restored! G:\ \desktop.ini - & gt; G:\desktop.ini
Restored! G:\ \IndexerVolumeGuid - & gt; G:\IndexerVolumeGuid

(!) Temporary files deleted. (21.6162519454956 MB)

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [StartCCC] " C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe " MSRun
04 - [x64] HKLM\..\Run : [RTHDVCPL] " C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe " -s
04 - HKU\S-1-5-21-2350049852-3801601513-849233071-1000\..\Run : [GG] " C:\Users\KSERO\AppData\Local\GG\Application\gghub.exe "

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut virus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut virus on flash disk, What is it ?[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]

[b]################## | C:\ - Fixed drive (NTFS) |[/b]

[30/06/2015 - 10:32:21 | A | 186 Ko] - C:\TDSSKiller.3.0.0.44_30.06.2015_10.31.09_log.txt
[30/06/2015 - 11:33:37 | ASH | 2511948 Ko] - C:\hiberfil.sys
[30/06/2015 - 11:33:39 | ASH | 3349268 Ko] - C:\pagefile.sys
[30/06/2015 - 10:49:45 | SHD] - C:\$RECYCLE.BIN
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[14/05/2015 - 10:24:59 | D] - C:\MSI
[15/05/2015 - 12:53:19 | RD] - C:\Program Files
[05/06/2015 - 15:39:03 | RD] - C:\Program Files (x86)
[30/06/2015 - 10:29:57 | D] - C:\AdwCleaner
[30/06/2015 - 11:15:55 | RD] - C:\Users
[30/06/2015 - 11:18:06 | D] - C:\Windows
[30/06/2015 - 11:26:42 | D] - C:\temp
[30/06/2015 - 11:28:12 | D] - C:\ProgramData
[30/06/2015 - 11:36:48 | D] - C:\FRST
[30/06/2015 - 11:45:42 | D] - C:\UsbFix

[b]################## | D:\ - Fixed drive (NTFS) |[/b]

[15/05/2015 - 15:17:21 | D] - D:\$RECYCLE.BIN
[30/06/2015 - 09:29:36 | D] - D:\skaner

[b]################## | E:\ - Fixed drive (NTFS) |[/b]

[15/05/2015 - 15:17:21 | D] - E:\$RECYCLE.BIN

[b]################## | G:\ - Removable drive (FAT) |[/b]

[30/06/2015 - 11:19:36 | D] - G:\ 
[30/06/2015 - 11:19:36 | N | 0 Ko] - G:\ke27.nld.zz01qvl.vodif3x.zqvh.xxdiq.nhpda102.xxmhk9xs
[19/03/2015 - 05:04:56 | N | 49 Ko] - G:\~WRL0003.tmp
[09/06/2015 - 23:13:44 | N | 19 Ko] - G:\Lady Macbeth.docx
[09/06/2015 - 22:27:32 | N | 1388 Ko] - G:\ZALICZENIE-Z-INFORMATYKI.doc
[14/06/2015 - 21:25:00 | N | 1391 Ko] - G:\Praca dyplomowa (lustrzane).doc
[16/06/2015 - 10:19:50 | N | 1370 Ko] - G:\Praca dyplomowa.doc
[30/06/2015 - 11:46:46 | D] - G:\Autorun.inf
[30/06/2015 - 11:34:18 | N | 0 Ko] - G:\desktop.ini
[30/06/2015 - 11:34:20 | N | 398 Ko] - G:\IndexerVolumeGuid
[30/06/2015 - 09:23:40 | D] - G:\ \Autorun.inf
[01/01/1601 - 02:00:00 | A | 0 Ko] - G:\ \Autorun.inf\lpt1.UsbFix

[b]################## | Vaccin |[/b]

C:\Autorun.inf - & gt; Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf - & gt; Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf - & gt; Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf - & gt; Vaccine created by UsbFix (El Desaparecido)

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]