Copying USB Problem

Closed
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 - Jan 1, 2013 at 09:34 AM
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 - Feb 18, 2013 at 05:22 AM
Hello,

I am Chinmaya and I am having a problem with my USB. The link to my ZHPDiag report is:

http://speedy.sh/7QQGP/ZHPDiag.txt

There you go!


24 responses

Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 1, 2013 at 05:06 PM
Stand-by for my analysis.
0
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 1, 2013 at 05:35 PM
ZHP Diag created three Icons on your desktop.

1. Open ZHP Fix

2. Copy the lines below and then click on the second button (clipboard). At the bottom a "Go" button will appear. Click on it.

O4 - HKCU\..\Run: [windows] . (.Microsoft Corporation - Visual Basic Command Line Compiler.) -- C:\Users\Chinmaya\Documents\MSDCSC\msdcsc.exe => Infection Bot (Malware.Bot)
O4 - HKUS\S-1-5-21-3165046482-525462170-2448898062-1001\..\Run: [windows] . (.Microsoft Corporation - Visual Basic Command Line Compiler.) -- C:\Users\Chinmaya\Documents\MSDCSC\msdcsc.exe => Infection Bot (Malware.Bot)
O42 - Logiciel: Yontoo 1.10.03 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} => Infection BT (Adware.Yontoo)
[HKCU\Software\DC3_FEXEC] => Infection Diverse (Malware.Trace)
[HKCU\Software\PopCap] => Infection BT (Adware.PopCap)
O43 - CFD: 23-12-2012 - 13:38:50 - [30.878] ----D C:\ProgramData\PopCap Games => Infection BT (Adware.PopCap)
O43 - CFD: 23-12-2012 - 13:16:59 - [0.011] ----D C:\Users\Chinmaya\AppData\Roaming\dclogs
O44 - LFC:[MD5.C826711D000C71F37D9B4EA5FA4C8F6E] - 28-12-2012 - 17:08:20 ---A- . (...) -- C:\Windows\AutoKMS.ini [184]
O44 - LFC:[MD5.CF7498ADA4AC2F50E5CA72205865D7CE] - 28-12-2012 - 17:07:58 ---A- . (.Unknown owner - Local KMS Host.) -- C:\Windows\KMSEmulator.exe [78848]
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] => Infection BT (Adware.BHO)
[HKLM\Software\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] => Infection BT (Adware.Yontoo)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] => Infection BT (Adware.Yontoo)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] => Infection BT (Adware.Yontoo)
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] => Infection BT [HKLM\Software\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}]

3. Close ZHP Fix

4. Download, install and run Malwarebytes which you can find on this site:

https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/

Ensure you make an update.

Please request a FULL system scan, which may take from 20 minutes to hours. Do not interfere no matter how long it takes. The creators of Malwarebytes recommend that while the tool is running that you go do something else, such as watching a rerun of Gone with the Wind or read Tolstoy's War and Peace.

If Malwarebytes restarts your system, launch it again to finish the Full scan.

When the scan is completed, delete all items found.

5. Delete all of your ZHP logs, generate a new one and upload the new one on Speedy share. If you still have problems with transferring data, let me know.

Again, do not plug any usb devices in another computer or you may spread the infection.
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 2, 2013 at 05:06 AM
Well I carried out all the steps that you told but still I am having the problem of transferring files. Here's the new ZHPDiag Log link:

http://speedy.sh/5CXXq/ZHPDiag.txt

:/
0
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 2, 2013 at 06:36 AM
to remove the virus and vaccinate your USB against further viruses.


Download UsbFix (created by El Desaparecido) on your desktop.

http://services.service-webmaster.fr/cpt-clics/clics-30453-6505.html


If your antivirus gives an alert, ignore it and temporarily deactivate the antivirus.

Plug in all of your usb devices (Flash drive, pen drive. External HD etc...) don't open them.

Double click on UsbFix.exe.

Click on deletion

Let the tool work.

At the end of the scan a report will show which you can copy and paste here.

The report is saved at the root ( C:\UsbFix.txt ).
0

chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 2, 2013 at 08:22 AM
http://speedy.sh/5C8vq/UsbFix.txt

There you go, but I tried transferring still the problem wasn't solved.

:/
0
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 2, 2013 at 04:36 PM
USB Fix removed most of the infections and there were many!

However there are still some in F and G called autorun:

Try this 1

Click on the below link and download the file "AutorunExterminator"
https://ccm.net/downloads/security-and-maintenance/5911-autorun-exterminator/

Extract it --> Double-click on "AutorunExterminator" --> Plug your pendrive now.

This will remove the autorun.inf files from your pendrive and also from drives.
0
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 4, 2013 at 07:05 AM
Hi

So, what's happening?
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 6, 2013 at 04:47 AM
Well, sorry dude, I couldn't reply earlier as I was off on a vacation.

I tried AutorunExterminator but it quite didn't help. It did not find even a single autorun.inf file and whenever I connected my USB drive it stopped responding.

Will be waiting for your further suggestions.

:/
0
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 6, 2013 at 06:16 AM
Please, don't call me Dude, I find it disrespectful. I could have 10 times your age.

Your log definitely shows autorun files in F and G. There is an autorun.inf in F and autorun.exe in G.

This is the standard procedure to delete the Autorun.inf file

Normally when a virus infects a windows system which causes a drive opening problem, it automatically creates a file named autorun.inf in the root directory of each drive.

This autorun.inf file is a read-only, hidden and system file, and the folder option is also disabled by the virus. This is deliberately done by the virus in order to protect itself. autorun.inf initiates all the activities that the virus performs when you try to open any drive.

You have to just delete this file and restart your system to correct this problem.

Follow the set of commands below to show and delete the autorun.inf

1. Go to Start then Run and type cmd and press enter. This will open a command prompt window. On this command prompt window type the following steps.

2. type cd\ press enter

3. type attrib -r -h -s autorun.inf press enter
please note the spacing: no space between the dash and the letter & a space after the r h and s

4. type del autorun.inf press enter
if the PC returns a "file not found" message - check the spelling for autorun.inf

In step 4 above, if it displays Could Not Find D:\autorun.inf, that means the autorun.inf doesn't exist in that drive.

5. if you have a d drive: type d: and press enter for d: drive partition. Now repeat steps 3 and 4. Similarly repeat step 5 for all your hard disk partition.

Restart your system and your trouble will be fixed. Except the program that caused the problem is still in your computer.

Make sure you are connected to the Internet and download Malwarebytes' Anti-Malware program.
Double-click on Download_mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish. MBAM will automatically start and you will be asked to update the program
before performing a scan. If an update is found, the program will automatically update itself.
Press the OK button to close that box and continue.
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 6, 2013 at 06:43 AM
Well sir,

I followed your steps to delete autorun.inf and I found something strange:

http://speedy.sh/nFsYr/Capture.PNG

In this picture I want to draw your attention towards the commands under drive F: and G:

Both say the AUTORUN.inf access is denied.

Could this be the problem?

I also want to tell you that F: is my CD ROM drive and G: is a drive that is created by a software called Daemon Tools. This mounts images and helps making copying of CDs. Kindly look into this matter and guide me if this was just me or is there something wrong in these drives.
0
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 6, 2013 at 04:42 PM
Hi

Have you deleted:

G:\Razor1911\The_Sims_3_Keygen.exe ?
0
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 6, 2013 at 05:01 PM
1. Open my computer

2. Go to tools, folder options

3. Select "show hidden files"

4. Uncheck "show system files"

5. Go to each drive by right clicking Explore only. DO NOT double click drives.

6. Delete the file with the name "autorun.inf"

7. Restart computer
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 8, 2013 at 06:15 AM
Well sir,

I found out that there were folders with the name of Autorun.inf in each drive and contained a file named "lpt1.UsbFix" . When I tried to delete this folder it asked for administrator permission. After permitting, the folders deleting progress got completed but the folder is still there in each drive.

:/
0
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Jan 8, 2013 at 05:12 PM
I will transfer that case to a good friend of mine. He has more expertise than I on removing autorun. His user name is jack4rall.

P.S. I told you they were present in F and G.
0
jack4rall Posts 6428 Registration date Sunday June 6, 2010 Status Moderator Last seen July 16, 2020
Jan 9, 2013 at 02:21 AM
Hello,

Thank you my friend "Ambucias".

Try this 1

The "Autorun.inf" folders are created by the USBFIX application in all the drives. The reason behind this is to stop the malicious autorun.inf file from getting copied to the drives. With an "Autorun.inf" folder in place, there is less chance for an autorun.inf file containing code that runs a malicious application to exist in the drive. At the end of the operation started by clicking on the "Deletion" button in USBFIX, you should have noticed a log file. At the end of that log file it will mention that it had created "Autorun.inf" folders in all the drives. The log file will be saved in your C drive. In case you want to remove it then enter the below commands.

Here I assume your drive letter is "F". The text with bold letters are the commands.

F:\> attrib -r -s -h autorun.inf ---> Press Enter.

This will remove the read-only, system and hidden attributes from the folder.

F:\>del autorun.inf --> Press Enter.

When it prompts for confirmation, press "Y" key and press "Enter".

This will delete all the files within the folder.

F:\>rd autorun.inf ---> Press Enter.

This will remove the directory "Autorun.inf".

Repeat the above commands for the remaining drives also.

Good Luck.
0
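An added example (not from the thread and not UsbFix code) covering the two explanations above: the autorun.inf file that launches a program, and the "Autorun.inf" folder USBFIX leaves in its place. It classifies what sits at a drive root and flags reserved device names such as the lpt1.UsbFix file reported earlier; the sample file contents, the directory names E/F/G and all function names are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Win32 reserved device names. A file called e.g. "lpt1.UsbFix" resolves to the
# device rather than the file, so Explorer and plain del/rd fail on it.
RESERVED = {"con", "prn", "aux", "nul"} | {
    f"{dev}{n}" for dev in ("com", "lpt") for n in range(1, 10)}

# Constructed sample of a launching autorun.inf (not taken from the thread).
SAMPLE_INF = ("[autorun]\n; constructed sample\nicon=setup.ico\n"
              "open=payload.exe\nshell\\explore\\command=payload.exe /e\n")

def is_reserved_name(name):
    return name.split(".", 1)[0].strip().lower() in RESERVED

def launch_entries(text):
    """Return (key, command) pairs in [autorun] that make Windows start a program."""
    found, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
        elif in_autorun and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            k = key.lower()
            if k in ("open", "shellexecute") or (
                    k.startswith("shell\\") and k.endswith("\\command")):
                found.append((key, value))
    return found

def classify_root(root):
    """Describe <root>/autorun.inf: absent, a vaccination folder, or a file."""
    try:
        entry = next((p for p in Path(root).iterdir()
                      if p.name.lower() == "autorun.inf"), None)
        if entry is None:
            return {"state": "absent"}
        if entry.is_dir():  # a folder occupies the name, so no file can be written
            names = sorted(child.name for child in entry.iterdir())
            return {"state": "vaccine-folder",
                    "reserved": [n for n in names if is_reserved_name(n)]}
        raw = entry.read_bytes()
    except OSError as exc:  # empty optical drive, access denied, ...
        return {"state": "unreadable", "error": str(exc)}
    utf16 = raw[:2] in (b"\xff\xfe", b"\xfe\xff")
    text = raw.decode("utf-16" if utf16 else "latin-1", errors="replace")
    launch = launch_entries(text)
    return {"state": "launching-file" if launch else "inert-file", "launch": launch}

def demo():
    """Classify three constructed drive roots: infected, vaccinated, clean."""
    with tempfile.TemporaryDirectory() as tmp:
        roots = [Path(tmp, name) for name in ("E", "F", "G")]
        for root in roots:
            root.mkdir()
        (roots[0] / "AUTORUN.INF").write_text(SAMPLE_INF)
        (roots[1] / "Autorun.inf").mkdir()
        return {root.name: classify_root(root) for root in roots}

if __name__ == "__main__":
    # On Windows, pass real roots instead, e.g. classify_root("E:\\").
    for name, info in demo().items():
        print(name, info)
```

A folder that reports a reserved name generally has to be addressed through the `\\?\` extended path prefix before Windows will remove it.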
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 10, 2013 at 08:34 AM
Well thank you Ambucias and jack4rall for the help.

I followed your steps jack4rall but the autorun.inf folder didn't get deleted. I also tried to transfer files but still no progress. :/

Kindly help :)
0
jack4rall Posts 6428 Registration date Sunday June 6, 2010 Status Moderator Last seen July 16, 2020
Jan 10, 2013 at 01:52 PM
Hello,
Let me know the error message when you are trying to delete it manually.
Good Luck.
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 12, 2013 at 03:52 AM
Well, sir I am not getting any error message as such. It just shows the deletion progress bar completed and still the file remains.

Moreover, I somehow think that this is not the thing that is causing the problem :/

Also I wanted to draw your attention to the fact that my windows clock also doesn't work properly :)

Kindly help.
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 15, 2013 at 08:45 AM
Sir??? Any further help? It would be much appreciated...
0
jack4rall Posts 6428 Registration date Sunday June 6, 2010 Status Moderator Last seen July 16, 2020
Jan 15, 2013 at 10:01 AM
Hello,
Sorry for the late reply, just lost your thread. Does the autorun.inf folder exist in all your drives with a file? Let me know what happens when you are trying to open the Windows clock.
Good Luck
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 16, 2013 at 05:18 AM
Yes sir, it exists in all the major drives C, D and E.

The problem with my Windows clock is that it resets itself automatically to a previous time. For example the current time (IST) is 4:50 on 16th Jan. But my clock is showing 15th Jan 7:16.
I tried replacing CMOS battery but that didn't work.
0
jack4rall Posts 6428 Registration date Sunday June 6, 2010 Status Moderator Last seen July 16, 2020
Jan 16, 2013 at 07:30 AM
Hello,
Try this 1
Go to Safe mode and check if you are able to delete those folders.
After replacing the CMOS battery, you need to set the correct date and time in CMOS.
Go to your CMOS settings --> Set the correct date and time --> Save the settings and exit from the BIOS.
Good Luck
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 16, 2013 at 09:17 AM
No sir, none of your solutions worked :/

I am still having the same problems in both the cases...
0
juju666 Posts 35445 Registration date Wednesday December 17, 2008 Status Security contributor Last seen May 5, 2017
Jan 16, 2013 at 07:45 PM
Sir,

Have you tried that solution ? https://ccm.net/forum/affich-681277-copying-usb-problem#21
This is a simple solution to remove the "Autorun.inf" folders created by USBFIX ...

Cordially,

Juju666 - Security Contributor
0
juju666 Posts 35445 Registration date Wednesday December 17, 2008 Status Security contributor Last seen May 5, 2017
Jan 15, 2013 at 10:42 AM
Hi all,

To remove the vaccination, use this tool: Make Kill Vaccin by El_Desaparecido.

This tool removes the vaccination created by USBFix.

Run this, plug in all of your USB devices and click "Supprimer la vaccination"
Look at this: http://speedy.sh/zJysp/MKV.PNG

Please be patient, I'm French. Thx :)

Cordially,

Juju666 - Security Contributor
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 17, 2013 at 08:59 AM
Thank you juju666 for the solution. I am sorry to inform you that it didn't help me as I am still having problems while copying files and also the Autorun.inf folder is now not accessible.

Well I also want to ask you to rather concentrate on the transfer problem instead of the vaccine folder.

Kind Regards

Chinmaya
0
jack4rall Posts 6428 Registration date Sunday June 6, 2010 Status Moderator Last seen July 16, 2020
Jan 17, 2013 at 10:49 AM
Greetings,
Please do let us know the complete error message and the issue you are having in brief to help you further.
Regards
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 17, 2013 at 11:17 AM
jack4rall, when I try to transfer a file the Windows copy bar opens up but it remains 0% and the "Time Remaining" remains "Calculating..."

For a clearer view:

http://speedy.sh/b4z9H/Problem.jpg

Kindly help :)
0
juju666 Posts 35445 Registration date Wednesday December 17, 2008 Status Security contributor Last seen May 5, 2017
Jan 17, 2013 at 05:14 PM
Greeting,
I don't understand why "MKV" does not work...
I'll ask the designer.
For your problem of copy, is the original Windows copier tool ?
Cordially
0
jack4rall Posts 6428 Registration date Sunday June 6, 2010 Status Moderator Last seen July 16, 2020
Jan 17, 2013 at 11:47 PM
Hello,
Try this 1
While copying your files check your CPU & RAM usage in the Task Manager.
Try to repair the Windows. Follow the below steps since you are using a Windows 8.
1) When the "Start" window appears with the tile icons, Press "Windows Key" + F key for the search option. Another way is to place the mouse pointer at the top-right corner. You can see a small "Zoom Icon" tool, click on it.
2) In the "Search" box, type advance and select the option "Settings".
3) Now select the option "Advanced Startup Options" at the left.
4) When "PC Settings" window appears, at the left side, scroll down for the "Advanced Startup" option and click on "Restart Now" button.
5) When the "Choose an option" window appears, select the option "Troubleshoot".
6) When the "Troubleshoot" window appears, select the option "Advanced Option".
7) When the "Advanced Option" window appears, select the option "Automatic Repair".
8) Now the "Preparing Automatic Repair" message will appear and after that it will prompt you to choose your "User account" and to enter the password.
9) Then a message "Diagnosing your PC" will appear and wait for the process to get completed.

Regarding date and time, are you sure that the time zone is set according to your location? Let me know when the time is getting changed. Is the time zone location the same before and after the change? Let me know when the problem started. Did you make any changes before the copying and Date & Time problems began?

Good Luck
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 18, 2013 at 10:30 AM
I tried your solution sir jack4rall but the Automatic Repair failed with a log (download link below).

P.S. I have already reinstalled and installed new windows many times after the failure but still no benefit. So maybe it isn't in the windows.

@juju666 I am sorry I did not understand the last sentence you wrote.

http://speedy.sh/RANAg/SrtTrail.txt (log download link)

Kind Regards

Chinmaya
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 19, 2013 at 06:58 AM
Guess u haven't lost the link to the problem again, sir...
0
chinmayathebest Posts 28 Registration date Wednesday November 28, 2012 Status Member Last seen February 21, 2013 2
Jan 19, 2013 at 10:11 AM
Dear Sir(s),

Many people have suggested me to COMPLETELY format my hard disk and then install fresh Windows.

What do you have to say about this.. ?? Will it solve my problem.. ??

Or have you got a better solution.

P.S. Kindly keep in mind that I will suffer a lot of data loss while formatting my HDD. If you have a better solution kindly let me know.

Warm Regards

Chinmaya
0