[中毒] 疑似中隨身碟病毒

看板AntiVirus作者 (小小妞)時間15年前 (2008/12/01 21:40), 編輯推噓1(101)
留言2則, 2人參與, 最新討論串1/1
1.問題描述: 請在下面說明碰到的中毒情形,越詳細越好(可貼圖說明): 我下午幫老爹接相機到我電腦 幫他上傳三張照片寄出 之後他帶相機到相館沖洗(因為他喜歡洗照片 就算是數位也一樣 每次都洗一兩千塊) 打電話回來跟我說相機照片少了 只剩下100多張(原有500多張) 讀不出來 我說不可能 我都沒有動到他的記憶卡囧 但他拿回來我再接到我電腦時 的確只剩下100多張照片 同時我的小紅傘程式跳出病毒警示 我懷疑是相館的電腦中毒 所以照片會不見 剛相館老闆打給我 說不可能 說他們柯達公司裝的防毒很強什麼的 我說我一接回來我的電腦我的電腦就出現病毒警示 他就說可能是我電腦原本就有毒剛好跳出來...brah brah anyway 他說還有一個原因是記憶卡需要重組 所以他叫我把記憶卡帶過去他用救援程式救救看 首先就是 真的不是我對照片作了什麼... 再來就是 相機我下午插到我電腦沒事 從相館回來就中毒了 害我現在全機在掃囧 我有交代我爸重要檔案要備份 要去用公用電腦帶CD片 不要用活動硬碟 但是一切都太遲了=.=他說之前都沒有這樣過 我爸關心的一件事是 他的照片救得回來嗎?他很懊惱 請各位幫忙 現在我的電腦該怎麼做呢?還有他的記憶卡有可能是因為中毒嗎? 謝謝! 2.掃毒報告: 線上掃毒使用方式請看精華區 我是使用avira 有出現兩個警示檔案 看防護區出現一個受感染的 就是剛剛看跳出來的視窗病毒 我當時是按deny access 然後把相機移除再進行全機掃毒 受感染檔案: C:\WINDOWS\system32\jwedsfdo0.dll 3.系統輔助分析軟體掃描報告: Avira AntiVir Personal Report file date: 2008年12月1日 20:48 Scanning for 1062011 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: YOUR-ACCC57202D Version information: BUILD.DAT : 8.2.0.337 16934 Bytes 2008/11/18 13:05:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 2008/11/26 02:40:54 AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008/7/19 14:22:14 LUKE.DLL : 8.1.4.5 164097 Bytes 2008/7/19 14:22:14 LUKERES.DLL : 8.1.4.0 12033 Bytes 2008/7/19 14:22:14 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008/10/27 16:25:12 ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 2008/11/9 15:34:24 ANTIVIR2.VDF : 7.1.0.160 571392 Bytes 2008/11/30 09:35:20 ANTIVIR3.VDF : 7.1.0.163 24064 Bytes 2008/12/1 09:35:22 Engineversion : 8.2.0.36 AEVDF.DLL : 8.1.0.6 102772 Bytes 2008/10/15 13:13:26 AESCRIPT.DLL : 8.1.1.15 332156 Bytes 2008/11/12 15:35:08 AESCN.DLL : 8.1.1.5 123251 Bytes 2008/11/8 15:35:10 AERDL.DLL : 8.1.1.3 438645 Bytes 2008/11/5 15:35:50 AEPACK.DLL : 8.1.3.4 393591 Bytes 2008/11/11 15:35:14 AEOFFICE.DLL : 8.1.0.30 196986 Bytes 2008/11/8 15:35:08 AEHEUR.DLL : 8.1.0.71 1487222 Bytes 2008/11/8 15:35:06 AEHELP.DLL : 8.1.2.0 119159 Bytes 2008/11/19 15:36:28 AEGEN.DLL : 8.1.1.6 323955 Bytes 2008/11/29 09:35:28 AEEMU.DLL : 8.1.0.9 393588 Bytes 2008/10/15 13:12:54 AECORE.DLL : 8.1.5.2 172405 Bytes 2008/11/29 09:35:24 AEBB.DLL : 8.1.0.3 53618 Bytes 2008/10/15 13:12:50 AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008/7/19 14:22:14 AVPREF.DLL : 8.0.2.0 38657 Bytes 2008/7/19 14:22:14 AVREP.DLL : 8.0.0.2 98344 Bytes 2008/8/2 16:11:42 AVREG.DLL : 8.0.0.1 33537 Bytes 2008/7/19 14:22:14 AVARKT.DLL : 1.0.0.23 307457 Bytes 2008/4/24 17:12:02 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008/7/19 14:22:14 SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008/4/24 17:12:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008/7/19 14:22:14 NETNT.DLL : 8.0.0.1 7937 Bytes 2008/4/24 17:12:02 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008/7/19 14:22:12 RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008/7/19 14:22:12 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: C:, D:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: 2008年12月1日 20:48 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'livecall.exe' - '1' Module(s) have been scanned Scan process 'NclRSSrv.exe' - '1' Module(s) have been scanned Scan process 'NclIrSrv.exe' - '1' Module(s) have been scanned Scan process 'NclUSBSrv.exe' - '1' Module(s) have been scanned Scan process 'PCMan.exe' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'skypePM.exe' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'MPAPI3s.exe' - '1' Module(s) have been scanned Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned Scan process 'ATKOSD.EXE' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'Monitor.exe' - '1' Module(s) have been scanned Scan process 'ChkMail.exe' - '1' Module(s) have been scanned Scan process 'PcSync2.exe' - '1' Module(s) have been scanned Scan process 'Skype.exe' - '1' Module(s) have been scanned Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned Scan process 'MSNMSGR.EXE' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned Scan process 'realsched.exe' - '1' Module(s) have been scanned Scan process 'IGFXPERS.EXE' - '1' Module(s) have been scanned Scan process 'HKCMD.EXE' - '1' Module(s) have been scanned Scan process 'EOUWiz.exe' - '1' Module(s) have been scanned Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned Scan process 'BatteryLife.exe' - '1' Module(s) have been scanned Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned Scan process 'ALU.EXE' - '1' Module(s) have been scanned Scan process 'SoundMan.exe' - '1' Module(s) have been scanned Scan process 'HControl.exe' - '1' Module(s) have been scanned Scan process 'ALG.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned Scan process 'OProtSvc.exe' - '1' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'SCHED.EXE' - '1' Module(s) have been scanned Scan process '1XConfig.exe' - '1' Module(s) have been scanned Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned Scan process 'EvtEng.exe' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned Scan process 'LSASS.EXE' - '1' Module(s) have been scanned Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned Scan process 'SMSS.EXE' - '1' Module(s) have been scanned 59 processes with 59 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Boot sector 'D:\' [INFO] No virus was found! Starting to scan the registry. The registry was scanned ( '62' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\hiberfil.sys [WARNING] The file could not be opened! Begin scan in 'D:\' End of the scan: 2008年12月1日 21:16 Used time: 28:04 Minute(s) The scan has been done completely. 6114 Scanning directories 251828 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 251826 Files not concerned 6831 Archives were scanned 2 Warnings 0 Notes ※ 編輯: leona10 來自: 59.112.227.27 (12/01 21:45)
12/01 22:04, , 1F
怎不用它檢測一下?? Wow! USB VirusKiller
12/01 22:04, 1F
12/01 22:09, , 2F
我目前計憶卡已經送到相館了@@掃USB的程式我已經下載好了
12/01 22:09, 2F
更多 leona10 的文章
文章代碼(AID): #19C-bVOo (AntiVirus)