مشكلة النت متصل والمواقع لا تفتخ

ع

عامر0

زيزوومى فعال
إنضم
27 نوفمبر 2008
المشاركات
202
مستوى التفاعل
3
النقاط
250
غير متصل
السلام عليكم
حدثت عندي مشكله النت منصل والمواقع لا تفتح . ثبت عدة برامج مثل موزيلا والابرا وللاسف نفس المشكله
نظام التشغيل ويندوز 7-32 بت

التقرير
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:59:44 ص, on 15/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\OMAN\AppData\Local\vjcamx.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\Cwupya.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Oman Mobile Broadband\Oman Mobile Broadband.exe
C:\Windows\system32\wuauclt.exe
D:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (file missing)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FU_JFM] C:\Program Files\FinalUninstaller\JFM.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [wuqjfopb] C:\Users\OMAN\AppData\Local\vjcamx.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Platinum Hide IP] C:\Program Files\PlatinumHideIP\PlatinumHideIP.exe
O4 - HKCU\..\Run: [wuqjfopb] C:\Users\OMAN\AppData\Local\vjcamx.exe
O4 - HKCU\..\Run: [CE8SIIFGSU] C:\Users\OMAN\AppData\Local\Temp\Cdv.exe
O4 - HKCU\..\Run: [VXEG3ZNNE5] C:\Windows\Cwupya.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: twrra.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O17 - HKLM\System\CCS\Services\Tcpip\..\{5D5E95BA-9D9C-4808-878E-302133D82D76}: NameServer = 212.72.1.186 212.72.23.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{86953B08-62D7-4373-A31F-9C6848F56FD6}: NameServer = 212.72.1.186 212.72.23.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{A792C7BD-1D91-4985-9F5A-055ECB8EE733}: NameServer = 212.72.1.186 212.72.23.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Log Events - Globe7 HK Ltd - C:\Program Files\adobs\msats.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 13784 bytes


 

ترتيب حسب التاريخ ترتيب حسب الأصوات
توقيع : طآغي النظرهـ
تأييد 0
عطنا تقرير البرامج المثبته اخوي
 
توقيع : الوفاء طبعي
تأييد 0
تفضل
************' Anti-Malware 1.50.1.1100

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



Database version: 6046

Windows 6.1.7600
Internet Explorer 9.0.8080.16413

15/03/2011 05:01:44 م
mbam-log-2011-03-15 (17-00-19).txt

Scan type: Full scan (C:\|)
Objects scanned: 350267
Time elapsed: 2 hour(s), 33 minute(s), 59 second(s)

Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 18
Registry Values Infected: 6
Registry Data Items Infected: 1
Folders Infected: 3
Files Infected: 25

Memory Processes Infected:
c:\Users\OMAN\AppData\Local\vjcamx.exe (Backdoor.Bot) -> 3720 -> No action taken.
c:\Windows\Cwupya.exe (Trojan.Agent) -> 1724 -> No action taken.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA} (Adware.Bandoo) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5} (Adware.Bandoo) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bandoo Coordinator (Adware.Bandoo) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} (Adware.Bandoo) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} (Adware.Bandoo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{9D71D88C-C598-4935-C5D1-43AA4DB90836} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Bifrost (Bifrose.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\CE8SIIFGSU (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\VXEG3ZNNE5 (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost (Bifrose.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mycrosnft (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe (Security.Hijack) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuqjfopb (Backdoor.Bot) -> Value: wuqjfopb -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuqjfopb (Backdoor.Bot) -> Value: wuqjfopb -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VXEG3ZNNE5 (Trojan.Agent) -> Value: VXEG3ZNNE5 -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CE8SIIFGSU (Trojan.FakeAlert) -> Value: CE8SIIFGSU -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe\Debugger (Security.Hijack) -> Value: Debugger -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe\Debugger (Security.Hijack) -> Value: Debugger -> No action taken.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

) Good: (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

) -> No action taken.

Folders Infected:
c:\Users\OMAN\AppData\Roaming\Bifrost (Backdoor.Bifrose) -> No action taken.
c:\program files\Bifrost (Backdoor.Bifrose) -> No action taken.
c:\Bifrost (Backdoor.Bifrose) -> No action taken.

Files Infected:
c:\Program Files\Bandoo\Bandoo.exe (Adware.Bandoo) -> No action taken.
c:\Users\OMAN\AppData\Local\vjcamx.exe (Backdoor.Bot) -> No action taken.
c:\Windows\Cwupya.exe (Trojan.Agent) -> No action taken.
c:\Program Files\Bandoo\BndCore.exe (Adware.Bandoo) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\Cd1.exe (Trojan.Agent) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\Cd3.exe (Trojan.Agent) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\Cdw.exe (Trojan.Agent) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\Cdx.exe (Trojan.Agent) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\Cdz.exe (Trojan.Agent) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\ageofempires_4734308.exe (Trojan.Downloader) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\GLFB287\Bin\Bandoo.exe (Adware.Bandoo) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\GLFB287\Bin\BndCore.exe (Adware.Bandoo) -> No action taken.
c:\Users\OMAN\AppData\Local\Temp\GLFB287\Bin\extensionsmanager.exe (Adware.Bandoo) -> No action taken.
c:\Users\OMAN\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\NCLSTPKJ\inpa[1].exe (Trojan.Agent) -> No action taken.
c:\Users\OMAN\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\twrra.exe (Backdoor.Bot) -> No action taken.
c:\Users\OMAN\downloads\freesystemscan(2).exe (Trojan.FakeAlert) -> No action taken.
c:\Users\OMAN\downloads\freesystemscan.exe (Trojan.FakeAlert) -> No action taken.
c:\new folder\Windows.old\program files\flv direct player\flvplayer.exe (Adware.BHO.FL) -> No action taken.
c:\new folder\Windows.old\program files\flv direct player\uninstall.exe (Adware.FLVPlayer) -> No action taken.
c:\program files\Bandoo\extensionsmanager.exe (Adware.Bandoo) -> No action taken.
c:\Users\OMAN\AppData\Roaming\addons.dat (Bifrose.Trace) -> No action taken.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> No action taken.
c:\Users\OMAN\AppData\Roaming\Bifrost\logg.dat (Backdoor.Bifrose) -> No action taken.
c:\program files\Bifrost\logg.dat (Backdoor.Bifrose) -> No action taken.
c:\Bifrost\logg.dat (Backdoor.Bifrose) -> No action taken.

 
تأييد 0
توقيع : علي همر
تأييد 0
تفضل اخوي طبق الشرح التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



وهات التقرير بردك القادم
 
توقيع : طآغي النظرهـ
تأييد 0
احذف القيم التالية


R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll


R3 - URLSearchHook: (no name) - - (no file)


O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll


O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll



O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll


O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe



O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (file missing)


O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)


O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (file missing)



وان شاء الله تنحل المشكلة
 
توقيع : ديدودا
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى