ibrahimhoqba

I have a virus that Kaspersky could not delete even though it detected it; it is on the flash drive.
This virus is considered one of the autorun viruses and consists of several viruses, namely:
DAT.exe, gqxwy.pif (MS-DOS shortcut), autorun.inf
The code in the autorun file:


PHP:
;2AJ34dok1LSs37aao2rf0D33a2wle2qqeil1Kks5dad09Kj0soIifAiKdrA2355iidq6
7aSK23jiAfjSLrq3m192DLss5J4liaK40cekfqwkkJ0
 
[AutoRun]
;4reswSL0s33swd4JiLssCkwk1i2o1sskK0w2a40LKkakw3Ak375aDcjJla9KKqaD5w
open=DAT.exe
;ADKlk1Aec9rl427qDLJps7j5KJk9DA2kr7k0w3d5
shell\open\Command=DAT.exe
;f2l02jwsk14iLwJaqDDsaJnC0r2mwJo4i0rf4cDw1rjFS4DKwqAojK3owA
shell\open\Default=1
;dSJ67sLsaDapr3s9a44kelDrJAerir547U4K35arkjlwF1kieLI2fkADws3iiw0092Aj
Kkk4rsKai0ws73HcKeiidl5Dd04qfijKq
shell\explore\Command=DAT.exe
;LK5Jaodljo9JisDdkelkJjcHdaw5453o3K2LarraDlDsiKiae4UAkZK4Knmqfr00sk4i
dd3sqjw2s0kq4waea1raJ2kpZl3Dsa

In addition, there are viruses inside the folders, each with the same name as the folder it is in.
When I try to delete them manually I get an error that says "An I/O device error occurred".
I tried deleting it in Linux and with several autorun virus removal tools, and I tried formatting the flash drive,
but none of these methods worked.
Also, when I try to change the attributes via DOS I get an error that says
"unable to change the attribute of FILE_NAME.Extension"
Is there a solution? May God reward you.
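
An added example, not part of the original post: a small Python triage script for an autorun.inf like the one quoted above. It lists the directives that launch a program and counts the comment and junk lines used as padding. The sample input keeps the post's directive lines but replaces the random comment strings with constructed placeholders; the function and field names are assumptions of this example.

```python
import re
from pathlib import PureWindowsPath

# File types that run code when named as a launch target.
EXECUTABLE_EXTS = {".exe", ".pif", ".com", ".scr", ".bat", ".cmd", ".vbs", ".js", ".lnk"}
# [autorun] keys that start a program: open=, shellexecute=, shell\<verb>\command=
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)

# Constructed sample: directive lines as in the post, padding replaced by placeholders.
SAMPLE = r"""
;CONSTRUCTED-PADDING-0001
CONSTRUCTED-WRAPPED-PADDING

[AutoRun]
;CONSTRUCTED-PADDING-0002
open=DAT.exe
;CONSTRUCTED-PADDING-0003
shell\open\Command=DAT.exe
;CONSTRUCTED-PADDING-0004
shell\open\Default=1
;CONSTRUCTED-PADDING-0005
CONSTRUCTED-WRAPPED-PADDING
shell\explore\Command=DAT.exe
;CONSTRUCTED-PADDING-0006
CONSTRUCTED-WRAPPED-PADDING
"""


def launch_target(value):
    """Return the program named in a directive value, without its arguments.

    Approximation: an unquoted path that contains spaces is cut at the first space.
    """
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        return value[1:end] if end != -1 else value[1:]
    return value.split()[0] if value else ""


def triage_autorun(text):
    """Summarise an autorun.inf: launch directives, other keys, padding counts."""
    report = {"launch": [], "other_keys": [], "comment_lines": 0, "junk_lines": 0}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(";"):              # comment, used here as padding
            report["comment_lines"] += 1
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        key, sep, value = line.partition("=")
        if not sep:                           # neither comment, section nor key=value
            report["junk_lines"] += 1
            continue
        if section != "autorun":
            continue
        key = key.strip().lower()
        if LAUNCH_KEY.match(key):
            target = launch_target(value)
            ext = PureWindowsPath(target).suffix.lower()
            report["launch"].append(
                {"key": key, "target": target, "executable": ext in EXECUTABLE_EXTS}
            )
        else:
            report["other_keys"].append(key)
    directives = len(report["launch"]) + len(report["other_keys"])
    noise = report["comment_lines"] + report["junk_lines"]
    # Flag files that launch an executable, and files that are mostly padding.
    report["suspicious"] = any(d["executable"] for d in report["launch"])
    report["padded"] = noise > directives
    return report


if __name__ == "__main__":
    result = triage_autorun(SAMPLE)
    for d in result["launch"]:
        print(f"{d['key']} -> {d['target']} (executable: {d['executable']})")
    print("padding lines:", result["comment_lines"] + result["junk_lines"])
    print("suspicious:", result["suspicious"], "padded:", result["padded"])
```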
 

Signature: KoNaMi
Brother KoNaMi, Malwarebytes has been running for 7 hours and is still scanning.
Is the time elapsed so far enough????
 
HijackThis report

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:05:48 م, on 07/10/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\ibrahim\Desktop\AutorunRemover.sfx.exe
C:\Users\ibrahim\AppData\Local\Temp\RarSFX1\AutorunRemover.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Windows\explorer.exe
C:\VEXPLite\viritexp.exe
C:\Users\ibrahim\AppData\Local\Temp\zxq1\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Companion\companionuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\werfault.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Brothersoft Toolbar - {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - C:\Program Files\Brothersoft\tbBrot.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Google Analytics Opt-out Browser Add-on - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files\Google\Google Analytics Opt-Out\gaoptout.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: Brothersoft Toolbar - {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - C:\Program Files\Brothersoft\tbBrot.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Brothersoft Toolbar - {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - C:\Program Files\Brothersoft\tbBrot.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix: 
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldar-sa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1C2F28E-0BD7-460E-9A8F-94651EDF53F7}: NameServer = 192.168.1.1,65.162.184.34
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: ???&?
,,,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: Net Control 2 Administrator. Helper Service. (NetControl2.AdminHelper) - Net Software 2 - C:\Program Files\Net Control 2\ahs.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe
O23 - Service: VirIT eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\VEXPLite\viritsvc.exe
--
End of file - 10987 bytes


Installed programs

Code:
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acer Backup Manager
Acer Crystal Eye webcam Ver:1.1.88.610
Acer eRecovery Management
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 9.4.0
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Apple Mobile Device Support
Apple Software Update
ASUS WebStorage
Battery Doubler 1.2.1
Bonjour
Borland C++ 5.02
Brothersoft Toolbar
COWON Media Center - jetAudio Plus VX
D3DX10
Google Analytics Opt-out Browser Add-on
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HijackThis 2.0.2
HP USB Disk Storage Format Tool
Intel(R) TV Wizard
Intel® Matrix Storage Manager
Internet Download Manager
Java(TM) 6 Update 21
JMicron Flash Media Controller Driver
Kaspersky Internet Security 2011
Kaspersky Internet Security 2011
K-Lite Codec Pack 5.7.7 (Full) BETA
Lexmark Z500-Z600 Series
Messenger Companion
Messenger Plus! Live & Sponsor (CiD)
Microsoft .NET Framework 4 Client Profile
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 ENU
Microsoft SQL Server Native Client
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Express Edition - ENU
Microsoft Visual C++ 2008 Express Edition - ENU
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Mozilla Firefox (3.0.19)
MSVC80_x86
MSVCRT
MyWinLocker
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
Norton Internet Security
PC Connectivity Solution
PC Link
PDF Settings
Quran in Ms Word 1.3
RealPlayer
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Driver and Utility
SafeCast Shared Components
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
StarPort Lite, Version 7.2.20 (Build 2007-04-04)
SweetIM for Messenger 3.2
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TeamViewer 5
TuneUp Utilities
Ubuntu
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Office 2007 (KB932080)
Update for Office 2007 (KB934391)
Update for Outlook 2007 Junk Email Filter (kb2291599)
VC Runtimes MSI
VirtualCloneDrive
VLC media player 1.0.0-git-20090113-0005
WIDCOMM Bluetooth Software 6.0.1.6400
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
Windows Driver Package - Nokia Modem  (05/22/2008 3.8)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1)
Windows Driver Package - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinRAR archiver
WinSoftMEsti
WinZip 12.0
Wondershare Flash Gallery Factory Deluxe 5.0.2
WPF Toolkit June 2009 (Version 3.5.40619.1)
Xilisoft Video Converter Platinum
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Software Update
تحديث لـ Microsoft Office Excel 2007 Help (KB963678)
تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669)
تحديث لـ Microsoft Office Word 2007 Help (KB963665)
 
And this is the malware report
Code:
************' Anti-Malware 1.46
www.************.org
Database version: 4762
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
07/10/2010 08:31:10 م
mbam-log-2010-10-07 (20-31-10).txt
Scan type: Full scan (C:\|E:\|F:\|G:\|)
Objects scanned: 534027
Time elapsed: 15 hour(s), 52 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 10
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 7
Files Infected: 43
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{a9722a0d-365f-47d2-b70b-37d046316d99} (Adware.EZlife) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{931c624a-1932-49f4-b1e4-b7ab60881f75} (Adware.SmartAdsSolutions) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{025b1d48-fda2-439b-a74d-ceca8b704028} (Adware.SmartAdsSolutions) -> No action taken.
HKEY_CLASSES_ROOT\adhlpr.adhlpr (Adware.Adrotator) -> No action taken.
HKEY_CLASSES_ROOT\adhlpr.adhlpr.1.0 (Adware.Adrotator) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Smart-Ads-Solutions (Adware.SmartAds) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ezLife (Adware.EzLife) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Ads-Solutions (Adware.SmartAds) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\.norton2009Reset (Trojan.Hacktool) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\Common Files\PersonSecurityUninstall (Rogue.PersonalSecurity) -> No action taken.
C:\Program Files\ezLife (Adware.EzLife) -> No action taken.
C:\Program Files\ezLife\ezLife (Adware.EzLife) -> No action taken.
C:\Program Files\ezLife\ezLife\1.3.6.0 (Adware.EzLife) -> No action taken.
C:\Program Files\Smart-Ads-Solutions (Adware.SmartAds) -> No action taken.
C:\Program Files\Smart-Ads-Solutions\SmartAds (Adware.SmartAds) -> No action taken.
C:\Program Files\Smart-Ads-Solutions\SmartAds\1.3.6.0 (Adware.SmartAds) -> No action taken.
Files Infected:
C:\Adobe Photoshop CS3 Extended ME\Keygen\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
C:\Adobe Photoshop CS3 Extended ME\Keygen\Keygen2.exe (Trojan.Agent) -> No action taken.
C:\Program Files\MagicISO\magic.iso.maker.v5.5.261-nope.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Real\RealPlayer\Activator.exe (Trojan.Agent) -> No action taken.
C:\Program Files\Smart-Ads-Solutions\SmartAds\1.3.6.0\SmartAdsxtra.dll (Adware.SmartAdsSolutions) -> No action taken.
C:\Users\ibrahim\AppData\Roaming\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.
C:\Users\ibrahim\Documents\Downloads\Brmoda_1.5.1.rar (Malware.Packer.Gen) -> No action taken.
E:\download\كتاب اتصالات وشبكات\12060807_to_write_quickly_on_keyboard.exe (Spyware.AdaEbook) -> No action taken.
E:\Books\MyE-Books\Computer skills 1&2\Computer skills 2\HTML\HTML.exe (Spyware.AdaEbook) -> No action taken.
E:\Books\MyE-Books\Computer skills 1&2\Computer skills 2\HTML\htmlكتاب عن لغة ال.exe (Spyware.AdaEbook) -> No action taken.
E:\Books\MyE-Books\Computer skills 1&2\Computer skills 2\HTML\_html.exe (Spyware.AdaEbook) -> No action taken.
E:\Books\MyE-Books\software\registry\RUN.EXE (Spyware.AdaEbook) -> No action taken.
E:\Books\MyE-Books\Internet programming\HTML\HTML.exe (Spyware.AdaEbook) -> No action taken.
E:\Books\MyE-Books\Internet programming\HTML\htmlكتاب عن لغة ال.exe (Spyware.AdaEbook) -> No action taken.
E:\Books\MyE-Books\Internet programming\HTML\_html.exe (Spyware.AdaEbook) -> No action taken.
E:\Books\Sites\Fourms\phpbb2-4arab\phpBB2 Books\phpBB2 Learn.exe (Spyware.AdaEbook) -> No action taken.
E:\Books\ركن عتاد الكمبيوتر\badsectors\badsectors.exe (Spyware.AdaEbook) -> No action taken.
E:\Fscommand\Abdio PDF Editor 8.8\Portable Abdio PDF Editor 8.8.exe (Trojan.Agent) -> No action taken.
E:\Fscommand\AoA Dvd Creator 2.0.6\Crack\AoADVDCreator.exe (Malware.Packer) -> No action taken.
E:\Fscommand\BitDefender Total Security 2009\Patch\Patch.exe (Malware.Tool) -> No action taken.
E:\Fscommand\Cyberlink PowerDVD Ultra 8.0.2217.50\Cyberlink PowerDVD Ultra 8.0.1730\Tweak Pack\Auto-Resume Patch\Data\PDVD8_AutoResume_Patch.exe (Trojan.FakeAlert) -> No action taken.
E:\Fscommand\Cyberlink PowerDVD Ultra 8.0.2217.50\Cyberlink PowerDVD Ultra 8.0.1730\Tweak Pack\Auto-Resume Patch\Data\PDVD8_PlayFromBeginning_Patch.exe (Trojan.FakeAlert) -> No action taken.
E:\Fscommand\Cyberlink PowerDVD Ultra 8.0.2217.50\Cyberlink PowerDVD Ultra 8.0.1730\Tweak Pack\Auto-Resume Patch\Data\PDVD8_PlayResume_Patch.exe (Trojan.FakeAlert) -> No action taken.
E:\Fscommand\Gburner 2.4\PATCH.exe (Trojan.Downloader) -> No action taken.
E:\Fscommand\iTunes 8.0.0.35\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
E:\Fscommand\Real Player v.11.0.9.372 Gold Premium Multi-Media Full 2008\Activator.exe (Trojan.Agent) -> No action taken.
E:\Fscommand\SWISH Jukebox 1.0\crack\swishzone.swish.jukebox.1.0.2007.10.20.2-NoPE.exe (Trojan.Downloader) -> No action taken.
E:\Fscommand\SWISH Pix 1.0\crack\swishzone.swishpix.1.5.2006.07.14-NoPE.exe (Trojan.Downloader) -> No action taken.
E:\TOSHIBA\Internet.Download_Manager.v5.17\Internet Download Manager v5.17\Patch 5.xx (2008-12-06).exe (Trojan.Agent) -> No action taken.
E:\TOSHIBA\Internet.Download_Manager.v5.17\Internet Download Manager v5.17\keygen\Keygen.exe (Trojan.Agent.K) -> No action taken.
F:\programs\MagicTouch2\Converters\AV Voice Changer 6.0.10 Diamond Zz.exe (Trojan.Downloader) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Compress\WinAce Archiver 2.69.exe (Malware.NSPack) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Compress\WinZip 12 Pro.exe (Malware.NSPack) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Compress\WinZip Self-Extractor3.1.exe (Malware.NSPack) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Desktop\Axialis IconWorkshop v6.10 Corporate Edition Zz.exe (Malware.NSPack) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Desktop\TuneUp Utilities\TuneUpUtilitiesPacks_Xp_Setup.exe (Rogue.ErrorRepairProfessional) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Graphic\ACD FotoSlate 4.0.66.exe (Malware.NSPack) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Graphic\ACDSee 9 Photo Manager Arabic_Setup.exe (Malware.NSPack) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Multimedia\Ashampoo Media Player 2.03.exe (Trojan.Downloader) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Multimedia\snagit9.exe (Malware.NSPack) -> No action taken.
F:\programs\MagicTouch2 2 DVD\MagicTouch2\Office\Nitro pdf express 5_Setup.exe (Malware.NSPack) -> No action taken.
C:\Program Files\Common Files\PersonSecurityUninstall\Uninstall.lnk (Rogue.PersonalSecurity) -> No action taken.
C:\Windows\winlogs.dll (Trojan.Agent) -> No action taken.
 
Peace be upon you, and a blessed Friday.
Is there a solution, brothers?
I have brought you the reports you asked for, even though I know they are of no use,
because the virus is on the flash drive and not on the computer.
What I want is how to get rid of this virus by any means.
"The strange thing about this virus is that when I unplug the memory card and then plug it back in, I notice a yellow mark
on the driver, and as I told you earlier it produces an error in the I/O devices"
 
Brother, you have two security programs installed

+

Right-click on Computer >>>>> Manage >>>> choose Device Manager, or do as shown in the picture

20b00c74a925ed518bd679d64d87ddd8.png

Take a screenshot of the list, upload the image and put it in your next post
 
As for security programs, I have nothing other than Kaspersky.
The image