لدي فايروسين بالفلاش ميموري ولم يستطع حذفه الكاسبر سكاي ( يوجد تقرير هيجاك)

المصدر: لدي فايروسين بالفلاش ميموري ولم يستطع حذفه الكاسبر سكاي ( يوجد تقرير هيجاك)
في منتدى : منتدى مشاكـل وحلول الحـاسب

السلام عليكم ورحمة الله وبركاته
أخواني الأعزاء
لدي فايروسين في الفلاش ميموري ولم استطع حذفها
اسماء هذه الفايروسات هي​

الفايروس الاول
detected:trojan program trojan-psw32.delf.lh
الفايروس الثاني
detected:trojan program trojan.win32.vb.aqt​

لم استطع حذفها من الفلاش ميموري بالكاسبر سكاي 7
وهذا هو التقرير بالهيجاك​

كود:

 
 
[CENTER][SIZE=4][COLOR=royalblue]Logfile of HijackThis v1.99.1[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]Scan saved at 12:49:18 م, on 12/10/2007[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]Platform: Windows XP SP2 (WinNT 5.01.2600)[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]Running processes:[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\System32\smss.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\system32\winlogon.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\system32\services.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\system32\lsass.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\system32\svchost.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\System32\svchost.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\system32\spoolsv.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\Common Files\Real\Update_OB\realsched.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\system32\ctfmon.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\WinZip\WZQKPICK.EXE[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\system32\msiexec.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\WINDOWS\explorer.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\MSN Messenger\msnmsgr.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\Internet Explorer\iexplore.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\Program Files\Real\RealPlayer\RealPlay.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]C:\DOCUME~1\WINXP~1\LOCALS~1\Temp\الدليل المؤقت 1 لـ hijackthis_199.zip\HijackThis.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [URL]http://www.goo12.com/[/URL][/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 212.11.191.11:8080[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL (file missing)[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O2 - BHO: A2NPopUpKiller Class - {8A321C7D-9CED-45A8-870D-DAE843A45FD0} - C:\Program Files\Armor2net\Armor2net Personal Firewall\PopUpKiller.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O2 - BHO: (no name) - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware349\bin\Starware349.dll (file missing)[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O3 - Toolbar: Starware Horoscopes Toolbar - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware349\bin\Starware349.dll (file missing)[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - HKLM\..\Run: [USRpdA] C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - HKLM\..\Run: [Armor2net] C:\Program Files\Armor2net\Armor2net Personal Firewall\Armor2net.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL (file missing)[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - [URL]http://66.252.1.213/talk.cab[/URL][/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [URL]http://update.microsoft.com/microsof...?1178893592995[/URL][/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O16 - DPF: {8C159DFD-DC9C-4077-B3B6-114A8D64B6D2} (UserAuthenticate Class) - [URL]http://voda.emkanat.com/cp/files/talk08.cab[/URL][/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe[/COLOR][/SIZE]
[SIZE=4][COLOR=royalblue]O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[/COLOR][/SIZE][/CENTER]
 
 

وعشان تكونون بالصوره جربت هذي الاداه وما نفعت
http://nadertm.googlepages.com/PRT.rar​

ياليت الحل يا اخوان​

 

مرحبا

جهازك مافيه شيء

تخلص من القيم التالية

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware349\bin\Starware349.dll (file missing)

O3 - Toolbar: Starware Horoscopes Toolbar - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware349\bin\Starware349.dll (file missing)

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL (file missing)

O16 - DPF: {8C159DFD-DC9C-4077-B3B6-114A8D64B6D2} (UserAuthenticate Class) - http://voda.emkanat.com/cp/files/talk08.cab

بالنسبة للفلاش ... حاول بالكاسبر عن طريق الوضع الامن ..
لعله يحذفهم لك ..

واذا مانفع ان شاء الله الغالي زيزوووم ,,والا اي واحد من الاخوان يعطيك ان شاء الله حل نهائي للمشكلة

تحياتي

 

^
^
^

فديته اناا ,

------------------


ياغالي ,, جهازك ماعليه ,, انتي فايروس

انصحك بتركيب الكاسبر ,,, انترنت سيكيوريتي


وبخصوص الفايروس الموجود بالفلااش ,, امره سهل ان شاء الله

ركب الفلااش ميموري ,, بعدها حمل الملف هذا وقم بتشغيله
http://www.zshare.net/download/36376172bd2262/

\\\\\\\\\\\\\\\\


ومثل ماقلت لك تحتاج تركب برنامج حمايه على جهازك


بالتوفيق وكل عام وانت بخير

 

جزاكم الله خير

ومشكورين على الردود

وجاري تجربة الحلول وسأوافيكم بالنتيجه