Elektroda.pl
Elektroda.pl
X

Wyszukiwarki naszych partnerów

Wyszukaj w ofercie 200 tys. produktów TME
Europejski lider sprzedaży techniki i elektroniki.
Proszę, dodaj wyjątek elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Pendrive tworzy link sam do siebie

Martinezzz123 15 Paź 2015 14:26 510 4
  • #1 15 Paź 2015 14:26
    Martinezzz123
    Poziom 10  

    Witam.
    Mam Pendriva 64GB. Markowy. Działał parę lat.
    Od jakiegoś czasu po zgraniu na niego czegokolwiek Pendrive tworzy coś w rodzaju linka w swoim głównym katalogu.
    Normalny eksplorator windows nie widzi wtedy nic więcej.
    Spod Total Commandera można dostać się głębiej i tam dopiero są pliki.... oraz jakiś dziwny plik o długiej nazwie (na zdjęciach widać).

    Pendrive tworzy link sam do siebie Pendrive tworzy link sam do siebie

    Formatowałem pendriva i sposobem szybkim i normalnym - i nic.
    Pomóżcie co z tym zrobić.

    ps. antywirus nic nie wykrywa

  • Pomocny post
    #2 15 Paź 2015 14:32
    Kolobos
    Spec od komputerów

    Zly dzial, masz zainfekowany system.

    Uzyj USBFix, opcja Clean i daj log z opcji Listing.

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

    Daj w zalaczniku logi z FRST (Frst.txt oraz Addition.txt):
    http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

  • #3 15 Paź 2015 17:43
    Martinezzz123
    Poziom 10  

    Oto listinng.

    Spoiler:
    ############################## | UsbFix V 8.130 |

    User: Marcin (Administrator) # MARCIN-PC
    Updated 14/10/2015 by SosVirus
    Started at 17:23:14 | 15/10/2015

    Website : http://www.en.usbfix.net/
    Tutorial : http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/
    Support : http://www.sos-virus.net/
    Live detection : http://how-to-remove.us/
    Contact : http://www.en.usbfix.net/contact/

    ################## | System information |

    MB: ASUSTeK Computer INC. (P7P55 WS SUPERCOMPUTER)
    CPU: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
    GC: NVIDIA GeForce GTX 560
    GC: NVIDIA GeForce GTX 560
    RAM -> [Total : 8190 Mo | Free : 4095 Mo]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft� Windows 7 Ultimate (6.1.7601 64-Bit) Service Pack 1
    WB: Mozilla Firefox : 36.0.1

    ################## | Security Information |

    FW: Windows Firewall [Enabled]
    SC: Security Center [(!) Disabled]
    WU: Windows Update [Enabled]

    ################## | Disk Information |

    C:\ (%SystemDrive%) -> Fixed disk # 115 Gb (16 Gb free - 14%) [System] # NTFS
    D:\ -> Fixed disk # 56 Gb (2 Gb free - 3%) [Foto] # NTFS
    E:\ -> Fixed disk # 584 Gb (71 Gb free - 12%) [Gry] # NTFS
    F:\ -> Fixed disk # 1863 Gb (486 Gb free - 26%) [Multimedia] # NTFS
    G:\ -> Fixed disk # 466 Gb (276 Gb free - 59%) [Instalki] # NTFS
    H:\ -> Fixed disk # 466 Gb (158 Gb free - 34%) [Gry Download] # NTFS
    J:\ -> CD-ROM # 10 Gb (0 Mb free - 0%) [One Piece Pirate Warriors 3] # UDF
    K:\ -> CD-ROM # 5 Gb (0 Mb free - 0%) [NOBUNAGA'S AMBITION: Sphere of I] # UDF
    O:\ -> Removable disk # 62 Gb (62 Gb free - 100%) [Muza64] # exFAT
    P:\ -> Removable disk # 7 Gb (11 Mb free - 0%) [AUDIOBOOKI] # FAT32

    ################## | C:\ %SystemDrive% - Fixed drive (NTFS) |

    [02/03/2015 - 20:00:12 | A | 0 Ko] - C:\Rescued document.txt
    [02/03/2015 - 20:00:12 | A | 1 Ko] - C:\Rescued document 1.txt
    [25/04/2015 - 23:32:33 | A | 17 Ko] - C:\Rescued document 2.txt
    [21/12/2010 - 21:15:57 | RASH | 0 Ko] - C:\MSDOS.SYS
    [21/12/2010 - 21:15:57 | A | 0 Ko] - C:\CONFIG.SYS




    [21/12/2010 - 21:15:57 | RASH | 0 Ko] - C:\IO.SYS
    [09/10/2015 - 11:55:20 | ASH | 8386552 Ko] - C:\pagefile.sys
    [22/12/2010 - 08:00:40 | N | 0 Ko] - C:\Boot.ini.saved
    [03/06/2012 - 21:02:56 | D] - C:\Windows.old
    [15/10/2015 - 14:10:54 | D] - C:\Config.Msi
    [02/06/2012 - 14:24:01 | N | 0 Ko] - C:\win7.ld
    [15/10/2015 - 17:13:25 | RASHD] - C:\Autorun.inf
    [22/09/2005 - 21:09:38 | A | 874 Ko] - C:\msdia80.dll
    [09/01/2011 - 02:43:59 | A | 43 Ko] - C:\sound32.dll
    [30/11/2014 - 01:20:38 | N | 3 Ko] - C:\bootsqm.dat
    [18/02/2007 - 14:00:00 | N | 47 Ko] - C:\NTDETECT.COM
    [02/06/2012 - 14:29:24 | SHD] - C:\$Recycle.Bin
    [21/12/2010 - 21:15:57 | A | 0 Ko] - C:\AUTOEXEC.BAT
    [18/02/2007 - 14:00:00 | RASH | 290 Ko] - C:\ntldr
    [14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
    [20/11/2010 - 14:40:07 | RASH | 375 Ko] - C:\bootmgr
    [22/12/2010 - 09:24:57 | D] - C:\UZYTKI
    [23/12/2010 - 09:30:25 | D] - C:\VritualRoot
    [02/06/2012 - 14:24:01 | N | 167 Ko] - C:\grldr
    [09/12/2013 - 16:14:55 | SHD] - C:\System Volume Information
    [09/12/2013 - 16:39:14 | D] - C:\DOS
    [09/12/2013 - 16:39:15 | SHD] - C:\Boot
    [09/12/2013 - 16:39:22 | D] - C:\1dn
    [18/01/2014 - 20:21:37 | RD] - C:\Users
    [12/09/2015 - 19:08:33 | D] - C:\Temp
    [21/09/2015 - 09:34:40 | D] - C:\uzytki 95
    [24/09/2015 - 13:52:28 | D] - C:\VTRoot
    [26/09/2015 - 02:02:38 | D] - C:\1 Moje
    [26/09/2015 - 02:02:38 | D] - C:\1a Ksiazki
    [07/10/2015 - 14:22:18 | RD] - C:\Program Files
    [11/10/2015 - 18:39:30 | D] - C:\Windows
    [15/10/2015 - 00:25:50 | RD] - C:\Program Files (x86)
    [15/10/2015 - 15:44:36 | HD] - C:\ProgramData
    [15/10/2015 - 17:22:14 | D] - C:\UsbFix

    ################## | O:\ - Removable drive (exFAT) |

    [15/10/2015 - 14:19:32 | N | 0 Ko] - O:\desktop.ini
    [15/10/2015 - 17:13:25 | RASHD] - O:\Autorun.inf
    [24/02/2014 - 18:35:32 | N | 124 Ko] - O:\to do tabelka.doc
    [03/10/2015 - 00:48:08 | D] - O:\�
    [15/10/2015 - 14:19:32 | N | 559 Ko] - O:\IndexerVolumeGuid[/code]

    Dodano po 17 [minuty]:

    A to AdwCleaner:

    [code]# AdwCleaner v5.013 - Logfile created 15/10/2015 at 17:36:04
    # Updated 09/10/2015 by Xplode
    # Database : 2015-10-04.3 [Local]
    # Operating system : Windows 7 Ultimate Service Pack 1 (x64)
    # Username : Marcin - MARCIN-PC
    # Running from : G:\4instalki 5internet\2 Antyvirusy\Antyvirusy do USB\adwcleaner_5.013.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****

    [-] Service Deleted : LiveUpdateWPP Manager

    ***** [ Folders ] *****

    [-] Folder Deleted : C:\Program Files (x86)\WebProtector
    [-] Folder Deleted : C:\Program Files (x86)\LiveUpdateWPP
    [-] Folder Deleted : C:\Program Files (x86)\WebProtectorPlus
    [-] Folder Deleted : C:\Program Files (x86)\ReactorKeeper
    [-] Folder Deleted : C:\ProgramData\Ask
    [-] Folder Deleted : C:\ProgramData\15370262231853938572
    [-] Folder Deleted : C:\ProgramData\{96ad95bf-091d-1089-96ad-d95bf09156fc}
    [-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus
    [-] Folder Deleted : C:\Users\Marcin\AppData\Local\Mail.Ru
    [-] Folder Deleted : C:\Users\Marcin\AppData\Roaming\WebExtend

    ***** [ Files ] *****

    [-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml

    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\7e171a71-11dc-b1d3-132f-505c78e64d01
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{a4e17035}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D}
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}]
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}]
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}
    [-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [-] Key Deleted : HKCU\Software\Softonic
    [-] Key Deleted : HKCU\Software\PRODUCTSETUP
    [-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
    [-] Key Deleted : HKLM\SOFTWARE\WebProtector
    [-] Key Deleted : HKLM\SOFTWARE\LiveUpdateWPP
    [-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebProtector
    [!] Key Not Deleted : [x64] HKCU\Software\Softonic
    [!] Key Not Deleted : [x64] HKCU\Software\PRODUCTSETUP
    [-] Key Deleted : [x64] HKLM\SOFTWARE\systweak
    [-] Key Deleted : [x64] HKLM\SOFTWARE\WebProtectorPlus
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebProtectorPlus
    [!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [!] Key Not Deleted : HKU\S-1-5-21-2526676920-1630542573-3289477811-1005\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

    ***** [ Web browsers ] *****


    *************************

    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5543 bytes] ##########

  • #4 15 Paź 2015 18:39
    Kolobos
    Spec od komputerów

    Log z adwc jest zbedny. Wymagane sa za to logi z FRST, ktorych nie dales.

  • #5 06 Lis 2015 14:49
    Martinezzz123
    Poziom 10  

    @Kolobos - sory że dopiero teraz, ale w nawale pracy zapomniałem ci podziękować.
    Uruchomienie USBFix, opcja Clean i AdwCleaner, opcja Scan i Clean pomogło.
    A już myślałem, że będę stawiał system od zera.
    Dzięki.

 Szukaj w ofercie
Zamknij 
Wyszukaj w ofercie 200 tys. produktów TME