مساعدة .. كيف أحذف worm.p2p.genric

  • بادئ الموضوع بادئ الموضوع dr_hota
  • تاريخ البدء تاريخ البدء
  • المشاهدات 899
D

dr_hota

زيزوومي جديد
إنضم
11 يوليو 2008
المشاركات
24
مستوى التفاعل
0
النقاط
20
متصل
أرجو المساعدة يا أخوان لأن الكاسبر 6 وجدو ولا يستطيع حذفه أرجو المساعدة في حذفه ولكم جزيل الشكر مقدما ................:f::f::mad::f::f:
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
توقيع : Al jNtEeL
تأييد 0
ارجو العذر من الاخ الجنتل عالمداخلة


بس ممكن صورة؟
 
توقيع : العرافة
تأييد 0
شكرا لك على مساعدتك أخي الجنتل وطبقت الخطوات المطلوبة مني وهذا هو التقرير​
ComboFix 08-07-24.3 - Administrator 07/25/2008 16:35:45.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.1578 [GMT 7:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\WINDOWS\mdm.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\svchost.ini
C:\WINDOWS\system32\kakle.dll
C:\WINDOWS\system32\winitn.dll
D:\Autorun.inf
E:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-06-25 to 2008-07-25 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-25 07:36 8,576 ----a-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-25 07:36 6,176 ----a-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-25 07:36 2,648 ----a-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-07-25 07:36 178,208 ----a-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-22 12:34 24,848 ----a-w C:\WINDOWS\system32\msjter35.dll
2008-07-22 12:34 123,664 ----a-w C:\WINDOWS\system32\msjint35.dll
2008-07-22 12:34 1,045,776 ----a-w C:\WINDOWS\system32\msjet35.dll
2008-07-22 12:33 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-07-22 12:33 286,720 ------w C:\WINDOWS\Setup1.exe
2008-07-22 12:33 --------- d-----w C:\Program Files\Project1
2008-07-20 18:10 --------- d-----w C:\Program Files\Real
2008-07-20 18:10 --------- d-----w C:\Program Files\Common Files\Real
2008-07-20 16:23 --------- d-----w C:\Program Files\HtmlConverter
2008-07-20 06:44 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-20 06:44 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-07-20 06:41 --------- d-----w C:\Program Files\MSXML 6.0
2008-07-20 05:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2008-07-20 05:24 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-07-20 05:24 --------- d-----w C:\Program Files\Nokia
2008-07-20 05:24 --------- d-----w C:\Program Files\DIFX
2008-07-20 05:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-07-20 05:24 --------- d-----w C:\Documents and Settings\Administrator\Application Data\PC Suite
2008-07-20 05:24 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Nokia
2008-07-20 05:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-07-18 08:50 --------- d-----w C:\Program Files\Demo Builder
2008-07-16 18:33 --------- d-----w C:\Program Files\InterVideo
2008-07-16 18:33 --------- d-----w C:\Program Files\Common Files\InterVideo
2008-07-16 18:15 --------- d-----w C:\Program Files\particleIllusion_3_demo
2008-07-16 18:03 --------- d-----w C:\Program Files\Total Video Converter
2008-07-16 18:02 --------- d-----w C:\Program Files\Steinberg
2008-07-16 18:00 --------- d-----w C:\Program Files\Waves
2008-07-16 18:00 --------- d-----w C:\Program Files\Antares Audio Technologies
2008-07-16 17:59 --------- d-----w C:\Program Files\Power Mp3 Cutter(Mp3 Sound Cutter)
2008-07-16 17:57 344,064 ----a-w C:\WINDOWS\system32\dkll.dll
2008-07-16 17:57 196,608 ----a-w C:\WINDOWS\system32\maag.dll
2008-07-16 17:57 1,986,560 ----a-w C:\WINDOWS\system32\akll.dll
2008-07-16 17:57 1,212,416 ----a-w C:\WINDOWS\system32\ckll.dll
2008-07-16 17:57 --------- d-----w C:\Program Files\Ozone
2008-07-16 17:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-16 14:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-07-15 18:21 --------- d-----w C:\Program Files\Magix
2008-07-15 18:18 --------- d-----w C:\Program Files\Common Files\TechSmith Shared
2008-07-15 18:08 --------- d-----w C:\Program Files\Microsoft Kids
2008-07-15 17:58 --------- d-----w C:\Program Files\WaveL Pic2Pic
2008-07-15 17:57 --------- d-----w C:\Program Files\Google
2008-07-15 17:54 --------- d-----w C:\Program Files\Common Files\GeoVid
2008-07-15 17:29 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ACD Systems
2008-07-15 17:28 --------- d-----w C:\Program Files\Common Files\ACD Systems
2008-07-15 17:28 --------- d-----w C:\Program Files\ACD Systems
2008-07-15 17:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-07-15 17:08 --------- d-----w C:\Program Files\TechSmith
2008-07-15 17:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith
2008-07-15 17:07 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-15 17:04 --------- d-----w C:\Program Files\intocartoonpro
2008-07-15 17:03 --------- d-----w C:\Program Files\Batch Image Resizer
2008-07-15 16:57 --------- d-----w C:\Program Files\Common Files\Adobe
2008-07-14 19:36 --------- d-----w C:\Program Files\PConPoint
2008-07-14 19:35 --------- d-----w C:\Program Files\SmartClose
2008-07-14 19:33 --------- d-----w C:\Program Files\RegCure
2008-07-14 19:30 --------- d-----w C:\Program Files\UltraISO
2008-07-14 19:30 --------- d-----w C:\Program Files\Common Files\EZB Systems
2008-07-14 19:23 --------- d-----w C:\Program Files\Reference Assemblies
2008-07-14 19:23 --------- d-----w C:\Program Files\MSBuild
2008-07-14 18:42 --------- d-----w C:\Program Files\Java
2008-07-14 18:42 --------- d-----w C:\Program Files\Common Files\Java
2008-07-14 17:56 --------- d-----w C:\Program Files\Kaspersky Lab
2008-07-14 17:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-14 17:50 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-07-14 17:49 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-07-14 17:46 --------- d-----w C:\Program Files\Internet Download Manager
2008-07-14 17:46 --------- d-----w C:\Documents and Settings\Administrator\Application Data\IDM
2008-07-14 17:46 --------- d-----w C:\Documents and Settings\Administrator\Application Data\DMCache
2008-07-14 17:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-07-14 14:42 --------- d-----w C:\Documents and Settings\Administrator\Application Data\HP
2008-07-14 14:37 --------- d-----w C:\Documents and Settings\hota\Application Data\HP
2008-07-14 14:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-07-14 14:35 --------- d-----w C:\Program Files\Hewlett-Packard
2008-07-14 14:30 --------- d-----w C:\Program Files\HP
2008-07-14 14:29 --------- d-----w C:\Program Files\Common Files\SWF Studio
2008-07-14 14:28 --------- d-----w C:\Program Files\Power Presenter RE
2008-07-14 14:27 --------- d-----w C:\Program Files\Free Notes & Office Ink
2008-07-14 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Tablet
2008-07-14 14:15 --------- d-----w C:\Documents and Settings\hota\Application Data\InstallShield
2008-07-14 14:12 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-07-14 14:12 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-14 14:12 --------- d-----w C:\Program Files\Realtek
2008-07-14 14:12 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-14 14:07 --------- d-----w C:\Program Files\Intel
2008-07-14 12:15 --------- d-----w C:\Program Files\LClock
2008-07-14 12:14 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-07-14 12:14 --------- d-----w C:\Program Files\Unlocker
2008-07-14 12:14 --------- d-----w C:\Program Files\Microsoft PowerToys
2008-07-14 12:14 --------- d-----w C:\Program Files\HashTab Shell Extension
2008-06-20 17:36 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:44 360,960 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:32 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-12 18:36 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\divx.dll
.
------- Sigcheck -------
11/19/2007 11:00 PM 577536 7a540726ca75e1e988d56ab69925ba79 C:\WINDOWS\system32\user32.dll
11/19/2007 11:00 PM 2182144 a09c144d8d5a460b8ebfa56f913715d2 C:\WINDOWS\system32\ntkrnlpa.exe
11/19/2007 11:00 PM 2302464 465e3e1178812be755634457f4a778bf C:\WINDOWS\system32\ntoskrnl.exe
11/19/2007 11:00 PM 1647616 3d8a3ba32663082a2256f0eb986c3025 C:\WINDOWS\explorer.exe
11/19/2007 11:00 PM 40448 e00dfa816fa5521eb44c5d63109de2a9 C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [11/19/2007 11:00 PM 40448]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [05/05/2008 09:00 PM 2594224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="C:\WINDOWS\VistaDrive\VistaDrive.exe" [10/05/2006 08:56 PM 280779]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [09/07/2006 01:19 PM 15872]
"LClock"="C:\Program Files\LClock\LClock.exe" [09/19/2004 12:27 PM 65536]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [11/28/2005 12:55 PM 98304]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [11/28/2005 12:52 PM 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [11/28/2005 12:55 PM 118784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [11/19/2007 11:00 PM 40448]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
"NoFolderOptions"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoDispAppearancePage"= 0 (0x0)
"NoDispScrSavPage"= 0 (0x0)
"NoDispSettingsPage"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
"NoFolderOptions"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
"NoClose"= 0 (0x0)
"NoFind"= 0 (0x0)
"NoRun"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"VIDC.ACDV"= ACDV.dll
"MSVideo"= CSvidcap.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 02/16/2005 11:11 PM 49152 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
--a------ 06/09/2006 11:23 AM 36864 C:\Program Files\HP\HP UT\bin\hppusg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 05/05/2008 09:00 PM 2594224 C:\Program Files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 06/10/2008 04:27 AM 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolBoxFX]
--a------ 06/15/2006 08:43 AM 49152 C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-r------- 05/03/2005 05:43 PM 69632 C:\WINDOWS\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacrokeyManager]
--a------ 05/29/2007 08:55 AM 1969824 C:\WINDOWS\system32\WTMKM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 07/05/2007 03:08 PM 16380416 C:\WINDOWS\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 06/15/2007 03:45 PM 1826816 C:\WINDOWS\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R2 WTService;WTService;C:\WINDOWS\system32\atwtusb.exe [05/29/2007 04:40 PM]
R3 DLKRTS;D-Link DFE-538TX 10/100 Adapter;C:\WINDOWS\system32\DRIVERS\DLKRTS.SYS [10/17/2001 07:59 PM]
S3 HPFXBULK;HPFXBULK;C:\WINDOWS\system32\drivers\hpfxbulk.sys [06/12/2006 05:36 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14f3908a-561c-11dd-8b23-0055d0c31711}]
\Shell\AutoRun\command - H:\RavMon.exe
\Shell\explore\Command - H:\RavMon.exe -e
\Shell\open\Command - H:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4816cd20-58bd-11dd-8b2e-0055d0c31711}]
\Shell\AutoRun\command - H:\RavMon.exe
\Shell\explore\Command - H:\RavMon.exe -e
\Shell\open\Command - H:\RavMon.exe
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
s of the 'Scheduled Tasks' folder
"2008-07-16 20:02:28 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-07-25 09:32:10 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKLM-Run-SystemInit - (no file)
HKLM-Run-Karen - (no file)
HKLM-Run-raVe - (no file)
HKLM-Run-Win32BaseServiceMOD - (no file)
HKLM-Run-startIE - (no file)
HKLM-RunServices-raVe - (no file)
HKLM-RunServices-Driver32 - (no file)
MSConfigStartUp-PCSuiteTrayApplication - C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = about:blank
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/keyword/%s
O8 -: &تصدير إلى Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 -: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 -: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 -: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm

**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-07-25 16:37:00
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
"ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
"ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00"
.
Completion time: 07/25/2008 16:37:22
ComboFix-quarantined-files.txt 2008-07-25 09:37:22
Pre-Run: 14,363,852,800 bytes free
Post-Run: 14,460,452,864 bytes free
277 --- E O F --- 2008-07-24 20:31:39
 
تأييد 0
وهذي أختي صورة للفيروس من برنامج الكاسبر أتمنى أن أجد حلا لحذفه
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
تأييد 0
تم حذف بعض الفايروسات والحمد لله :::

اتبع الآتي ويفضل بل يستحسن وبشده أن يكون في الوضع الآمن ::


حمل هذه الاداة ,,
واتبع الشرح التالي ,, لتنظيف جهازك من الفيروسات
و عمل تقرير بالعمليه حتى ترفقه بردك القادم ,,


رابط الاداة
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




شرح الاستخدام ,,,,,,



000.png




ولحفظ التقرير اعمل التالي ,,


001.png





002.png





بعدهاا ارفع التقرير على هذا الموقع ,, وارفق الرابط بردك القادم
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 
التعديل الأخير بواسطة المشرف:
توقيع : Al jNtEeL
تأييد 0
سأنفذ أستاذي الجنتل ما قلت لي وأرفق التقرير شاكر ردك ومساعدتك الله يوفقك
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى