Files in external hard disk drive are lost

[Closed]
Report
Posts
7
Registration date
Thursday September 10, 2015
Status
Member
Last seen
September 11, 2015
-
Posts
3569
Registration date
Friday February 6, 2015
Status
Moderator
Last seen
July 18, 2016
-
Hello,

I lost all my files in my external hard disk drive. I had done the command prompt with the command

attrib -h -r -s /s /d g:\*.*

There are a few folders, like FOUND.000 and system volume information, showed up. I tried with the command prompt again but nothing is recovered.

What should I do?

5 replies

Posts
3569
Registration date
Friday February 6, 2015
Status
Moderator
Last seen
July 18, 2016
869
Right click on the External hard disk in My computer and select properties, Did your hard disk take space of your data in it? and simply shows no data inside it?
Posts
7
Registration date
Thursday September 10, 2015
Status
Member
Last seen
September 11, 2015

yes, it does take up 300++GB (which is the same before everything gone).

I tried command prompt but it said unable to attribute the files
Posts
3569
Registration date
Friday February 6, 2015
Status
Moderator
Last seen
July 18, 2016
869
Try this 1,

Follow these steps to display hidden files and folders.

Open Folder Options by clicking the Start button Picture of the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.

Click the View tab.

Under Advanced settings, click Show hidden files and folders, and then click OK.
Posts
7
Registration date
Thursday September 10, 2015
Status
Member
Last seen
September 11, 2015

I had tried it, and still nothing is recovered.
Posts
3569
Registration date
Friday February 6, 2015
Status
Moderator
Last seen
July 18, 2016
869
Click on the below link and download the file "AutorunExterminator"

https://ccm.net/download/download-11613-autorun-exterminator

Extract it --> Double-click on "AutorunExterminator" -

This will remove the autorun virus from the drives.

Step 2:

For xp ,go to run and type

cmd and click ok

For vista and 7

Go to start and type

cmd

Now right click on it and select run as administrator

Now run this command


attrib -h -r -s /s /d g:\*.*

where g refers to your external hard drive letter

this should unhide your files

Let me know how it works

Also Run Malwarebytes in your pc.
Posts
7
Registration date
Thursday September 10, 2015
Status
Member
Last seen
September 11, 2015

It showed unable to change attribute for all the files. I am scanning with malwarebytes but it took a while.
Posts
3569
Registration date
Friday February 6, 2015
Status
Moderator
Last seen
July 18, 2016
869
Disconnect the problem USB drive for now.

Next, download UsbFix:
https://www.usb-antivirus.com/fr/produit/usbfix-standard/
Press the green Download free USBFix button
Save to the Desktop.

In the next step, a window requesting the connection of removable drives appears. Please connect the problem USB drive when requested!
Right-click the downloaded USBFix file and select: Run as Administrator
Press: Research
This option scans the connected drives, and reports its infected Files and Folders
When done, the program closes on its own, and a report appears.
(The report file is also found at C:\UsbFix.txt)
Please post the UsbFix.txt (Research) report in your reply.

Once again, run USBFix as Administrator, but, this time, press: Listing
It creates a report of all the Folders and Files found at the root of every hard drive, partition, or removable drive connected.
Also post the UsbFix.txt (Listing) report in your reply.


Note 1: If USBFix does not run in normal Windows, please run in Safe Mode:
Restart your computer.
When the computer starts, tap the F8 key on the keyboard repeatedly until presented with the Advanced Boot Options menu
Using the arrow keys, select: Safe Mode
Press the Enter key on your keyboard to boot into the selected mode.

Note 2: If your AntiVirus program detects USB as malware, either let the AV program allow USBFix to run, or, temporarily disable your AntiVirus program:
Info - https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

When done with USBFix, re-enable your AV!


Posts
7
Registration date
Thursday September 10, 2015
Status
Member
Last seen
September 11, 2015

I am not sure whether these are the one you need

UsbFix (research)
[b]############################## | UsbFix V 8.103 | [Research][/b]

User: sony (Administrator) # SONY-PC
Updated 08/09/2015 by El Desaparecido - SosVirus
Started at 17:36:09 | 10/09/2015

Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Tutorial : [url=http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/]http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/[/url]
Support : [url=http://www.sos-virus.net/]http://www.sos-virus.net/[/url]
Live detection : [url=http://how-to-remove.us/]http://ww25.how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: Sony Corporation (VAIO)
CPU: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
GC: NVIDIA GeForce 9300M GS
RAM -> [Total : 3068 Mo | Free : 552 Mo]
Bios: INSYDE
Boot: Normal boot

OS: Microsoft? Windows Vista (TM) Home Premium (6.0.6002 32-Bit) Service Pack 2
WB: Internet Explorer : 9.00.8112.16421
WB: Google Chrome : 45.0.2454.85
WB: Mozilla Firefox : 33.1.1

[b]################## | Security Information |[/b]

AV: Microsoft Security Essentials [Enabled |Updated]
AS: Microsoft Security Essentials [Enabled |Updated]
AS: Windows Defender [[b](!) Disabled[/b] |[b](!) Outdated[/b]]
AS: Malwarebytes Anti-Malware : 2.1.6.1022
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Fixed disk # 286 Gb (194 Gb free - 68%) [] # NTFS
I:\ -> CD-ROM # 238 Mb (0 Mb free - 0%) [Utility_HD-PXTU2] # CDFS
K:\ -> Fixed disk # 465 Gb (82 Gb free - 18%) [] # FAT32

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
04 - HKCU\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKCU\..\Run : [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
04 - HKCU\..\Run : [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKCU\..\Run : [Google Update] "C:\Users\sony\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\sony\AppData\Local\Akamai\netsession_win.exe"
04 - HKCU\..\Run : [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [Facebook Update] "C:\Users\sony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
04 - HKLM\..\Run : [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
04 - HKLM\..\Run : [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
04 - HKLM\..\Run : [BuffaloTools] C:\Program Files\BUFFALO\BuffaloTools\BuffaloTools.exe
04 - HKLM\..\Run : [Backup Utility TaskTray Tool] "C:\Program Files\BUFFALO\Backup_Utility\BUTray.exe"
04 - HKLM\..\Run : [Grid Service] "C:\Program Files\GridService\peer.exe" -n Grid
04 - HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKLM\..\Run : [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
04 - HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [RtHDVCpl] RtHDVCpl.exe
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
04 - HKLM\..\Run : [SecureW2 Tray] C:\Program Files\SecureW2\sw2_tray.exe
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [Google Update] "C:\Users\sony\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [Akamai NetSession Interface] "C:\Users\sony\AppData\Local\Akamai\netsession_win.exe"
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [Facebook Update] "C:\Users\sony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-375499331-1598649443-1027971131-1003\..\Run : [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
04GS - BUFFALO RAMDISK Tray Utility.lnk : C:\Program Files\BUFFALO\BFRD4G\BRDUtilTray.exe
04GS - BUFFALO RAMDISK Utility.lnk : C:\Program Files\BUFFALO\BFRD4G\BRDUtil.exe

[b]################## | Generic Research |[/b]


[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut virus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut virus on flash disk, What is it ?[/url]
Live detection : [url=http://how-to-remove.us/]http://ww25.how-to-remove.us/[/url]

[b]Analysed in 8.734 seconds[/b]

[b]################## | E.O.F | [url=http://www.sosvirus.net/]https://www.sosvirus.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]

UsbFix (Listing)
[b]############################## | UsbFix V 8.103 | [Listing][/b]

User: sony (Administrator) # SONY-PC
Updated 08/09/2015 by El Desaparecido - SosVirus
Started at 17:38:47 | 10/09/2015

Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Tutorial : [url=http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/]http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/[/url]
Support : [url=http://www.sos-virus.net/]http://www.sos-virus.net/[/url]
Live detection : [url=http://how-to-remove.us/]http://ww25.how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: Sony Corporation (VAIO)
CPU: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
GC: NVIDIA GeForce 9300M GS
RAM -> [Total : 3068 Mo | Free : 399 Mo]
Bios: INSYDE
Boot: Normal boot

OS: Microsoft? Windows Vista (TM) Home Premium (6.0.6002 32-Bit) Service Pack 2
WB: Internet Explorer : 9.00.8112.16421
WB: Google Chrome : 45.0.2454.85
WB: Mozilla Firefox : 33.1.1

[b]################## | Security Information |[/b]

AV: Microsoft Security Essentials [Enabled |Updated]
AS: Microsoft Security Essentials [Enabled |Updated]
AS: Windows Defender [[b](!) Disabled[/b] |[b](!) Outdated[/b]]
AS: Malwarebytes Anti-Malware : 2.1.6.1022
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Fixed disk # 286 Gb (194 Gb free - 68%) [] # NTFS
I:\ -> CD-ROM # 238 Mb (0 Mb free - 0%) [Utility_HD-PXTU2] # CDFS
K:\ -> Fixed disk # 465 Gb (82 Gb free - 18%) [] # FAT32

[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]

[07/11/2007 - 08:00:40 | A | 10 Ko] - C:\eula.1033.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1040.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1036.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1042.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1031.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1028.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.2052.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.3082.txt
[07/11/2007 - 08:00:40 | A | 0 Ko] - C:\eula.1041.txt
[06/12/2014 - 23:24:21 | A | 29 Ko] - C:\ckcore.txt
[19/09/2006 - 05:43:37 | A | 0 Ko] - C:\config.sys
[04/03/2012 - 14:35:05 | RASH | 0 Ko] - C:\MSDOS.SYS
[04/03/2012 - 14:35:05 | RASH | 0 Ko] - C:\IO.SYS
[10/09/2015 - 14:27:38 | ASH | 3449076 Ko] - C:\pagefile.sys
[10/09/2015 - 14:29:16 | ASH | 3142632 Ko] - C:\hiberfil.sys
[07/11/2007 - 08:12:28 | A | 228 Ko] - C:\VC_RED.MSI
[13/01/2007 - 11:51:01 | A | 0 Ko] - C:\Installer_Setup.log
[13/01/2007 - 12:06:56 | A | 377 Ko] - C:\vcredist_x86.log
[07/11/2007 - 08:00:40 | A | 1 Ko] - C:\globdata.ini
[07/11/2007 - 08:00:40 | A | 1 Ko] - C:\install.ini
[10/09/2015 - 17:33:35 | RASHD] - C:\Autorun.inf
[07/11/2007 - 08:03:18 | A | 550 Ko] - [[url=https://www.virustotal.com/file/08966ce743aa1cbed0874933e104ef7b913188ecd8f0c679f7d8378516c51da2/analysis/1441815476/]VirusTotal[/url] - (0/56)] - C:\install.exe
[07/11/2007 - 08:03:18 | A | 74 Ko] - C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | A | 94 Ko] - C:\install.res.3082.dll
[07/11/2007 - 08:03:18 | A | 80 Ko] - C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | A | 75 Ko] - C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 89 Ko] - C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | A | 95 Ko] - C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 78 Ko] - C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 94 Ko] - C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 93 Ko] - C:\install.res.1040.dll
[16/02/2010 - 10:50:53 | A | 5 Ko] - C:\WirelessDiagLog.csv
[06/12/2014 - 14:32:06 | D] - C:\HunanTV.cache
[07/11/2007 - 08:09:22 | A | 1409 Ko] - C:\VC_RED.cab
[07/11/2007 - 08:00:40 | A | 6 Ko] - C:\vcredist.bmp
[21/02/2009 - 12:44:49 | SHD] - C:\$Recycle.Bin
[19/09/2006 - 05:43:36 | A | 0 Ko] - C:\autoexec.bat
[02/11/2006 - 21:02:03 | SHD] - C:\Documents and Settings
[13/01/2007 - 11:31:35 | RHD] - C:\MSOCache
[13/01/2007 - 12:11:23 | AD] - C:\Office2007 SP1
[21/01/2008 - 10:32:31 | D] - C:\PerfLogs
[05/12/2008 - 09:47:16 | D] - C:\Intel
[21/02/2009 - 12:42:52 | RD] - C:\Users
[11/04/2009 - 14:36:36 | RASH | 325 Ko] - C:\bootmgr
[18/04/2009 - 21:40:44 | D] - C:\VAIO Entertainment
[05/10/2009 - 10:45:41 | SHD] - C:\Boot
[27/02/2010 - 09:53:33 | A | 0 Ko] - C:\bholog
[07/08/2010 - 23:42:49 | SHD] - C:\System Volume Information
[16/11/2010 - 22:57:12 | D] - C:\My Music
[16/12/2010 - 00:28:51 | D] - C:\4836f8fc75b09e65f1
[22/01/2011 - 22:24:18 | D] - C:\48472d706d634ac13c
[31/10/2011 - 01:14:38 | D] - C:\PFiles
[30/05/2013 - 05:49:02 | A | 0 Ko] - C:\END
[25/06/2013 - 09:42:51 | D] - C:\FavoriteVideo
[07/11/2014 - 21:37:06 | D] - C:\data_from_forms
[11/11/2014 - 23:16:10 | D] - C:\Media
[15/03/2015 - 23:04:16 | D] - C:\362b5f8ef8b2a95eb53192f47b096d
[10/09/2015 - 14:04:36 | D] - C:\Windows
[10/09/2015 - 16:02:25 | D] - C:\xfmovie
[10/09/2015 - 16:10:20 | D] - C:\Program Files
[10/09/2015 - 17:29:21 | D] - C:\Downloads
[10/09/2015 - 17:29:21 | HD] - C:\ProgramData
[10/09/2015 - 17:29:22 | D] - C:\Download
[10/09/2015 - 17:30:13 | D] - C:\UsbFix

[b]################## | I:\ - CD-ROM (CDFS) |[/b]

[12/05/2010 - 14:15:43 | R | 0 Ko] - I:\Ver220.txt
[12/03/2010 - 16:30:19 | R | 19 Ko] - I:\drivenavi.ini
[08/01/2010 - 17:21:56 | R | 0 Ko] - I:\Autorun.inf
[01/03/2010 - 16:12:30 | R | 389 Ko] - [[url=https://www.virustotal.com/file/009cd9d5078c89b4ec8441dee86243df144e4ed773e0a69d59ebc18929d4fc18/analysis/1432427142/]VirusTotal[/url] - (1/57)] - I:\DriveNavi.exe
[12/05/2010 - 14:06:41 | D] - I:\Mac
[12/05/2010 - 14:06:41 | D] - I:\DATA
[12/05/2010 - 14:07:20 | D] - I:\Windows

[b]################## | K:\ - Fixed drive (FAT32) |[/b]

[02/09/2008 - 22:00:46 | A | 0 Ko] - K:\desktop.ini
[10/09/2015 - 17:33:36 | RASHD] - K:\Autorun.inf
[07/07/2008 - 21:07:08 | A | 6 Ko] - K:\Thumbs.db
[10/09/2015 - 14:33:56 | SHD] - K:\$RECYCLE.BIN
[10/09/2015 - 14:34:44 | D] - K:\FOUND.001
[10/09/2015 - 14:31:36 | D] - K:\FOUND.000
[10/09/2015 - 14:31:20 | D] - K:\System Volume Information

[b]################## | E.O.F | [url=http://www.sosvirus.net/]https://www.sosvirus.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]
Posts
3569
Registration date
Friday February 6, 2015
Status
Moderator
Last seen
July 18, 2016
869
From the logs I see that There are autorun virus in your pc,

Now Run UsbFix on your computer.

Choose "Clean" option

A pop-up will follow :
Connect all your external data sources to your PC (Usb keys, external drives, etc...)



While cleaning, you will loose access to your desktop, but this is normal.

The numbers of analysed and infected éléments are displayed.

Once you've made a choice, a report will open.

You can find a copy of this report on your desktop, and another at : C:\UsbFix\Log\UsbFix [Clean 1] Your PC.txt

Copy/paste it on next reply.

<signature>Hardware Technician
Please inform us when the issue is resolved. Thank you </span>
Posts
7
Registration date
Thursday September 10, 2015
Status
Member
Last seen
September 11, 2015

I was having trouble with my laptop too. So I switch to another laptop, and follow all the instruction again.

Then this is the report for cleaning.
[b]############################## | UsbFix V 8.103 | [Clean][/b]

User: user-pc (Administrator) # USER
Updated 08/09/2015 by El Desaparecido - SosVirus
Started at 21:46:35 | 10/09/2015

Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Tutorial : [url=http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/]http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/[/url]
Support : [url=http://www.sos-virus.net/]http://www.sos-virus.net/[/url]
Live detection : [url=http://how-to-remove.us/]http://ww25.how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]

[b]################## | System information |[/b]

MB: ASUSTeK COMPUTER INC. (X555LJ)
CPU: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
GC: Intel(R) HD Graphics 5500
RAM -> [Total : 8095 Mo | Free : 5181 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft? Windows 8.1 Single Language (6.3.9600 64-Bit)
WB: Internet Explorer : 11.00.9600.16384
WB: Google Chrome : 45.0.2454.85
WB: Mozilla Firefox : 12.0

[b]################## | Security Information |[/b]

AV: Windows Defender [Enabled |[b](!) Outdated[/b]]
AS: Windows Defender [Enabled |[b](!) Outdated[/b]]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Fixed disk # 373 Gb (339 Gb free - 91%) [OS] # NTFS
D:\ -> Fixed disk # 543 Gb (543 Gb free - 100%) [Data] # NTFS
F:\ -> Fixed disk # 932 Gb (836 Gb free - 90%) [Seagate Backup Plus Drive] # NTFS
G:\ -> CD-ROM # 238 Mb (0 Mb free - 0%) [Utility_HD-PXTU2] # CDFS
H:\ -> Fixed disk # 465 Gb (82 Gb free - 18%) [] # FAT32

[b]################## | Generic Research |[/b]


(!) Temporary files deleted. (5.28851509094238 MB)

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut virus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut virus on flash disk, What is it ?[/url]
Live detection : [url=http://how-to-remove.us/]http://ww25.how-to-remove.us/[/url]

[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]

[04/09/2015 - 11:51:02 | ASH | 6631256 Ko] - C:\hiberfil.sys
[04/09/2015 - 11:51:03 | ASH | 1966080 Ko] - C:\pagefile.sys
[04/09/2015 - 11:51:03 | ASH | 262144 Ko] - C:\swapfile.sys
[10/09/2015 - 21:10:57 | SHD] - C:\$Recycle.Bin
[18/06/2013 - 05:18:29 | N | 0 Ko] - C:\BOOTNXT
[22/08/2013 - 07:45:52 | SHD] - C:\Documents and Settings
[22/08/2013 - 08:22:35 | D] - C:\PerfLogs
[03/12/2014 - 09:44:40 | RASH | 395 Ko] - C:\bootmgr
[03/12/2014 - 09:46:52 | SHD] - C:\Boot
[03/12/2014 - 10:15:57 | SHD] - C:\Recovery
[23/06/2015 - 18:11:44 | D] - C:\Intel
[23/06/2015 - 18:37:14 | D] - C:\eSupport
[23/06/2015 - 18:57:12 | RD] - C:\Users
[02/09/2015 - 16:48:57 | RHD] - C:\MSOCache
[02/09/2015 - 16:51:25 | RD] - C:\Program Files
[02/09/2015 - 17:05:54 | HD] - C:\ProgramData
[10/09/2015 - 21:17:37 | RD] - C:\Program Files (x86)
[10/09/2015 - 21:33:25 | AD] - C:\Windows
[10/09/2015 - 21:45:14 | D] - C:\UsbFix

[b]################## | D:\ - Fixed drive (NTFS) |[/b]

[23/06/2015 - 17:31:18 | SHD] - D:\$RECYCLE.BIN
[02/09/2015 - 17:05:51 | D] - D:\KwDownload

[b]################## | F:\ - Fixed drive (NTFS) |[/b]

[23/08/2013 - 09:37:46 | A | 1089 Ko] - F:\Warranty.pdf
[14/08/2013 - 14:40:40 | N | 550 Ko] - F:\BackupPlus.ico
[17/09/2014 - 01:40:59 | A | 143959 Ko] - F:\Seagate Dashboard Installer.exe
[11/09/2014 - 19:04:33 | A | 147751 Ko] - F:\Seagate Dashboard Installer.dmg
[18/08/2015 - 22:48:11 | SHD] - F:\$RECYCLE.BIN
[12/12/2014 - 01:21:19 | D] - F:\Seagate
[29/08/2015 - 07:54:11 | D] - F:\Anime
[09/09/2015 - 21:49:24 | D] - F:\photo
[10/09/2015 - 00:54:42 | D] - F:\other
[10/09/2015 - 01:01:29 | D] - F:\Walk Of Shame [2014] HDRip XViD juggs[ETRG]
[10/09/2015 - 01:01:55 | D] - F:\Bad Teacher (2011)
[10/09/2015 - 01:02:25 | D] - F:\Night at the Museum Secret of the Tomb (2014)
[10/09/2015 - 01:13:27 | D] - F:\music
[10/09/2015 - 02:49:28 | D] - F:\To be deleted
[10/09/2015 - 02:52:12 | D] - F:\Kyushu enrollment
[10/09/2015 - 02:52:13 | D] - F:\Other 2
[10/09/2015 - 18:29:13 | D] - F:\document

[b]################## | G:\ - CD-ROM (CDFS) |[/b]

[11/05/2010 - 23:15:43 | R | 0 Ko] - G:\Ver220.txt
[12/03/2010 - 01:30:19 | R | 19 Ko] - G:\drivenavi.ini
[08/01/2010 - 02:21:56 | R | 0 Ko] - G:\Autorun.inf
[01/03/2010 - 01:12:30 | R | 389 Ko] - G:\DriveNavi.exe
[11/05/2010 - 23:06:41 | D] - G:\Mac
[11/05/2010 - 23:06:41 | D] - G:\DATA
[11/05/2010 - 23:07:20 | D] - G:\Windows

[b]################## | H:\ - Fixed drive (FAT32) |[/b]

[02/09/2008 - 22:00:46 | A | 0 Ko] - H:\desktop.ini
[07/07/2008 - 21:07:08 | A | 6 Ko] - H:\Thumbs.db
[10/09/2015 - 14:33:56 | SHD] - H:\$RECYCLE.BIN
[10/09/2015 - 14:34:44 | D] - H:\FOUND.001
[10/09/2015 - 14:31:36 | D] - H:\FOUND.000

[b]################## | Vaccin |[/b]

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

[b]Analysed in 14.86 seconds[/b]

[b]################## | E.O.F | [url=http://www.sosvirus.net/]https://www.sosvirus.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]
Posts
3569
Registration date
Friday February 6, 2015
Status
Moderator
Last seen
July 18, 2016
869
Now what about USB drive? still behaving same?
Posts
7
Registration date
Thursday September 10, 2015
Status
Member
Last seen
September 11, 2015

Yes
Posts
3569
Registration date
Friday February 6, 2015
Status
Moderator
Last seen
July 18, 2016
869
The software already clean some infections, in the above Log which is your USB device?