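[Software] USB flash drive won't open after using EFIX484
My flash drive is a SONY MICROVAULT 4G
At someone else's place a virus alert popped up, and then it wouldn't open
So I scanned it at home with EFIX484
After the scan finished
the following message appeared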
4.84 2008-10-08 10:10:52 GMT+00:00
EFix 4.84 - user 2008-10-08 18:11:32.18 - NTFS
Microsoft Windows XP [版本 5.1.2600] - Service Pack 3
=======================================================
EFix刪除的檔案列表:
沒有刪除任何檔案.
=======================================================
EFix刪除的登錄值列表:
沒有刪除任何登錄值.
=======================================================
****** Created 2008-09 to 2008-10 Files ******
2008-10-08 . 2008-10-08 18:11 d-------- C:\WINDOWS\efixunt
2008-10-08 . 2008-10-08 18:11 d-------- C:\NEFix
2008-10-08 . 2008-10-08 18:06 d-------- C:\WINDOWS\system32\NtmsData
2008-10-07 . 2008-10-08 17:40 d-------- C:\Program Files\Google
2008-10-07 . 2008-10-07 14:57 d-------- C:\WINDOWS\Sun
2008-10-07 . 2008-10-07 14:56 d-------- C:\Program Files\Java
2008-10-07 . 2008-10-07 14:56 --a------
C:\WINDOWS\system32\jupdate-1.6.0_07-b06.log
2008-10-07 . 2008-06-10 02:32 --a------ C:\WINDOWS\system32\javaws.exe
2008-10-07 . 2008-06-10 01:21 --a------ C:\WINDOWS\system32\javaw.exe
2008-10-07 . 2008-06-10 01:21 --a------ C:\WINDOWS\system32\java.exe
2008-09-10 . 2008-09-10 07:22 --a------ C:\WINDOWS\system32\pvmjpg21.dll
2008-09-10 . 2008-09-10 07:22 --a------ C:\WINDOWS\system32\pv3decoder.dll
2008-09-10 . 2008-09-10 07:22 --a------ C:\WINDOWS\system32\ijl15.dll
=======================================================
執行中的程序:
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe <Symantec
Corporation>
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe <Symantec
Corporation>
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe <Symantec
Corporation>
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe <Apple, Inc.>
C:\Program Files\Symantec AntiVirus\DefWatch.exe <Symantec Corporation>
C:\Program Files\Symantec AntiVirus\Rtvscan.exe <Symantec Corporation>
C:\Program Files\Common Files\Symantec Shared\ccApp.exe <Symantec Corporation>
C:\PROGRA~1\SYMANT~1\VPTray.exe <Symantec Corporation>
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe <Lexmark International,
Inc.>
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe <Lexmark International,
Inc.>
C:\Program Files\iTunes\iTunesHelper.exe <Apple Inc.>
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe <N/A>
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe <Sun Microsystems, Inc.>
C:\Program Files\MSN Messenger\MsnMsgr.Exe <Microsoft Corporation>
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe <Nokia.>
C:\Program Files\iPod\bin\iPodService.exe <Apple Inc.>
C:\Going32\Utils\Going7.exe <N/A>
C:\WINDOWS\system32\cmd.exe <Microsoft Corporation>
C:\NEFix\nircmd.efix <NirSoft>
C:\WINDOWS\system32\cmd.exe <Microsoft Corporation>
C:\WINDOWS\explorer.exe <Microsoft Corporation>
=======================================================
登錄值列表 *** 注意 : 部分正常值不會顯示 ***
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-15 00:30]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"PVR"="C:\Program Files\XemiComputers\Pocket Voice Recorder\PVR.exe" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-05-20 10:33]
"RTHDCPL"=RTHDCPL.EXE [2007-05-10 17:08 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"=ALCMTR.EXE [2005-05-03 17:43 C:\WINDOWS\Alcmtr.exe]
"CJIMETIPSYNC"="C:\Program Files\Common Files\Microsoft
Shared\IME\IMTC65\CHANGJIE\CINTLCFG.exe" [2003-07-14 22:57]
"PHIMETIPSYNC"="C:\Program Files\Common Files\Microsoft
Shared\IME\IMTC65\PHONETIC\TINTLCFG.exe" [2003-07-14 22:57]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"StormCodec_Helper"="C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe"
[2006-11-27 02:30]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
[2006-03-24 17:14]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2006-07-25 20:27]
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
[2006-07-13 13:18]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32]
"QuickTime Task"="C:\Program Files\Ringz Studio\Storm Codec\qttask.exe"
[2007-12-11 10:56]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader
8.0\Reader\Reader_sl.exe" [2008-01-11 22:16]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe"
[2007-09-06 09:02]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
[2008-06-10 04:27]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=ctfmon.exe [2008-04-15 00:30 C:\WINDOWS\system32\ctfmon.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"=advpack.dll [2008-06-24 00:15 C:\WINDOWS\system32\advpack.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{A5366673-E8CA-11D3-9CD9-0090271D075B}]
2002-01-16 19:12 C:\PROGRA~1\FlashGet\Jccatch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2008-10-07 15:00 c:\Program Files\Google\GoogleToolbar2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows
nt\currentversion\winlogon\notify\WgaLogon\Settings]
"DLLName"="wlnotify.dll" --a------ 2008-04-15 00:30
C:\WINDOWS\system32\wlnotify.dll
Rename operations pending:
001; C:\DOCUME~1\沛妮\LOCALS~1\Temp\nso3.tmp\System.dll ;DELETE;
002; C:\DOCUME~1\沛妮\LOCALS~1\Temp\nso3.tmp\ ;DELETE;
MD5: f7a2245d8bd832d1e7a01c26d5e6efd0 2008-04-15 00:30 978,432
C:\WINDOWS\explorer.exe
MD5: 50d8db3bf83670339a8616eb5a75bf06 2007-06-13 21:10 977,920
C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
MD5: f7054a7191ee1e403020649aa40a23e0 2007-06-13 21:22 977,920
C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
MD5: 453888766da789f18fbbf5b20e4bc17f 2007-05-20 10:33 976,896
C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
MD5: f7a2245d8bd832d1e7a01c26d5e6efd0 2008-04-15 00:30 978,432
C:\WINDOWS\ServicePackFiles\i386\explorer.exe
MD5: f3a20a3c6a4df7fe038f4cca70080b10 2007-05-20 10:33 23,552
C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
MD5: 613d7c29c9e3e2375971da7e42e4e330 2008-04-15 00:31 25,088
C:\WINDOWS\ServicePackFiles\i386\userinit.exe
MD5: 613d7c29c9e3e2375971da7e42e4e330 2008-04-15 00:31 25,088
C:\WINDOWS\system32\userinit.exe
MD5: 613d7c29c9e3e2375971da7e42e4e330 2008-04-15 00:31 25,088
C:\WINDOWS\system32\dllcache\userinit.exe
MD5: 90463a559a0d57b5d4b3e698e1bdde92 2007-05-20 10:33 108,032
C:\WINDOWS\$NtServicePackUninstall$\services.exe
MD5: 82fe81c7f30172a315ad70327b868436 2008-04-15 00:30 108,544
C:\WINDOWS\ServicePackFiles\i386\services.exe
MD5: 82fe81c7f30172a315ad70327b868436 2008-04-15 00:30 108,544
C:\WINDOWS\system32\services.exe
服務 \ 驅動 列表:
顯示方式 : 啟動狀態 服務名稱;顯示名稱;檔案名稱
啟動狀態 : S0 = Boot Start S1 = System Start S2 = Auto Start S3 = Manual
Start S4 = Disable S9 = Unknow
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2007-07-25 21:28]
S3 napagent;Network Access Protection Agent;C:\WINDOWS\System32\svchost.exe
-k netsvcs []
S3 NOWMEMDF;NOWMEMDF;C:\WINDOWS\system32\NOWMEMDF.sys [2005-11-02 19:23]
napagent;Network Access Protection Agent;C:\WINDOWS\System32\qagentrt.dll
[2008-04-15 00:29]
=======================================================
winsock file list:
autoruns List (Beta) :
Scheduled Tasks List :
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
=> c:\program files\apple software update\softwareupdate.exe <Apple Inc.>
Autorunsc Logon startups ( Hijackthis format ) :
04 - HKLM\...\Run: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\imjpmig.exe"
<Microsoft Corporation>
04 - HKLM\...\Run: [RTHDCPL] "c:\windows\rthdcpl.exe" <Realtek Semiconductor
Corp.>
04 - HKLM\...\Run: [Alcmtr] "c:\windows\alcmtr.exe" <Realtek Semiconductor
Corp.>
04 - HKLM\...\Run: [CJIMETIPSYNC] "c:\program files\common files\microsoft
shared\ime\imtc65\changjie\cintlcfg.exe" <Microsoft Corp.>
04 - HKLM\...\Run: [PHIMETIPSYNC] "c:\program files\common files\microsoft
shared\ime\imtc65\phonetic\tintlcfg.exe" <Microsoft Corp.>
04 - HKLM\...\Run: [NeroFilterCheck] "c:\windows\system32\nerocheck.exe"
<Ahead Software Gmbh>
04 - HKLM\...\Run: [StormCodec_Helper] "c:\program files\ringz studio\storm
codec\stormset.exe" <N/A>
04 - HKLM\...\Run: [ccApp] "c:\program files\common files\symantec
shared\ccapp.exe" <Symantec Corporation>
04 - HKLM\...\Run: [vptray] "c:\program files\symantec antivirus\vptray.exe"
<Symantec Corporation>
04 - HKLM\...\Run: [Lexmark 1200 Series] "c:\program files\lexmark 1200
series\lxczbmgr.exe" <Lexmark International, Inc.>
04 - HKLM\...\Run: [REGSHAVE] "c:\program files\regshave\regshave.exe" <FUJI
PHOTO FILM CO., LTD.>
04 - HKLM\...\Run: [QuickTime Task] "c:\program files\ringz studio\storm
codec\qttask.exe" <Apple Inc.>
04 - HKLM\...\Run: [iTunesHelper] "c:\program files\itunes\ituneshelper.exe"
<Apple Inc.>
04 - HKLM\...\Run: [Adobe Reader Speed Launcher] "c:\program
files\adobe\reader 8.0\reader\reader_sl.exe" <Adobe Systems Incorporated>
04 - HKLM\...\Run: [NSLauncher] "c:\program files\nokia\nokia software
launcher\nslauncher.exe" <N/A>
04 - HKLM\...\Run: [SunJavaUpdateSched] "c:\program
files\java\jre1.6.0_07\bin\jusched.exe" <Sun Microsystems, Inc.>
04 - HKCU\...\Run: [ctfmon.exe] "c:\windows\system32\ctfmon.exe" <Microsoft
Corporation>
04 - HKCU\...\Run: [MsnMsgr] "c:\program files\msn messenger\msnmsgr.exe"
<Microsoft Corporation>
04 - HKCU\...\Run: [PVR] C:\Program Files\XemiComputers\Pocket Voice
Recorder\PVR.exe <File Not Found>
Autostart services and non-disabled drivers ( Hijackthis Format ):
023 - Services: Nowcom Memory Defender [NOWMEMDF] -
c:\windows\system32\nowmemdf.sys <(c)NOWCOM>
Internet Explorer addons List ( Hijackthis Format ):
02 - BHO: - Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common
files\adobe\acrobat\activex\acroiehelper.dll [Adobe Systems Incorporated]
02 - BHO: - SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
c:\program files\java\jre1.6.0_07\bin\ssv.dll [Sun Microsystems, Inc.]
02 - BHO: - IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -
c:\program files\flashget\jccatch.dll [Amaze Soft]
02 - BHO: - Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar2.dll [Google Inc.]
08 - Extens: - &FlashGet - C:\PROGRA~1\FlashGet\flashget.exe -
c:\program files\flashget\flashget.exe [Amaze Soft]
08 - Extens: - _E___s_u___D... - %windir%\Network Diagnostic\xpnetdiag.exe -
c:\windows\network diagnostic\xpnetdiag.exe [Microsoft Corporation]
08 - Extens: - Windows Messenger - C:\Program Files\Messenger\msmsgs.exe -
c:\program files\messenger\msmsgs.exe [Microsoft Corporation]
=======================================================
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
scanning hidden files ...
scanning hidden processes ...
scanning hidden autostart entries ...
=======================================================
4.84 2008-10-08 09:47:35 GMT+00:00 C:\nefix\backup\log1.txt
=======================================================
可使用空間 : 13,115,232,256 位元組可用
掃描結束時間: 2008-10-08 18:12:40.76
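And then the flash drive wouldn't open
What I mean by "won't open" is
I can see a drive (G), but when I open it, it is completely empty
Under Properties, both free space and used space show 0 bytes
In Management, G does show up, but it is marked as unable to open
What is going on here? Can anyone help me
There is some fairly important data on it, sigh
Thanks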
--
※ Origin: 批踢踢實業坊 (ptt.cc)
◆ From: 122.146.55.233