ارجو المساعدة في تقرير الهايجك

  • بادئ الموضوع بادئ الموضوع legends
  • تاريخ البدء تاريخ البدء
L

legends

زيزوومي جديد
إنضم
4 نوفمبر 2008
المشاركات
32
مستوى التفاعل
1
النقاط
40
غير متصل
Scan saved at 01:28:29 ص, on 05/21/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16968)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\ProgramData\50de5teeyx.exe
C:\Windows\System32\a2.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Windows\system32\taskeng.exe
C:\Zyzoom_Forum_Tools\zHijak.com

F3 - REG:win.ini: load=C:\Users\user\LOCALS~1\Temp\msqbwvkwf.pif
O4 - HKLM\..\Run: [50de5teeyx] C:\ProgramData\50de5teeyx.exe
O4 - HKLM\..\Run: [l3yg2h61ay] C:\ProgramData\l3yg2h61ay.exe
O4 - HKLM\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKLM\..\Run: [rinetd] C:\Windows\system32\ActionCenterCPL.exe
O4 - HKLM\..\Run: [smwcore] C:\Windows\system32\adsldpc.exe
O4 - HKCU\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKCU\..\Run: [50de5teeyx] C:\Users\user\50de5teeyx.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKLM\..\Policies\Explorer\Run: [55471] C:\PROGRA~2\LOCALS~1\Temp\mszatyym.scr
O4 - HKUS\S-1-5-18\..\Run: [Windows Time] rundll32.exe "C:\ProgramData\UtzavvAmsicr.dll",EntryPoint (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Classes] C:\Windows\system32\config\systemprofile\AppData\Roaming\9AFBC1.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Windows Time] rundll32.exe "C:\ProgramData\UtzavvAmsicr.dll",EntryPoint (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Classes] C:\Windows\system32\config\systemprofile\AppData\Roaming\9AFBC1.exe (User 'Default user')
O4 - Startup: ryhvmpdw.exe
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Users\user\AppData\Local\Temp\zxq2\\mbamservice.exe
O23 - Service: S3Funkey - Unknown owner - C:\Program.exe (file missing)
O23 - Service: S3LoadSv - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Syntek STK1150 Service (StkASSrv) - Syntek America Inc. - C:\Windows\System32\StkASv2K.exe

--
End of file - 3698 bytes
Runscanner logfile

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



* = signed file
- = file not found

General info
------------
Computer name : USER-PC
Creation time : 05/20/2012 10:04:27 م
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.7600.16385
OS : Windows 7 Ultimate
OS Build : 7600
OS SP :
RunScanner Version : 2.0.0.50
User Language : العربية (السعودية)‏
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
C:\Users\user\50de5teeyx.exe
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
C:\Windows\System32\conhost.exe (Microsoft Corporation)
C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
* C:\Program Files\Hotspot Shield\bin\hsswd.exe
* C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
* C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
* C:\Program Files\Hotspot Shield\bin\openvpnas.exe
* C:\Program Files\Hotspot Shield\bin\openvpntray.exe
* C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
C:\Program Files\s3graphics\chrome3\S3Funkey.svc (S3 Graphics Co., Ltd.)
C:\Program Files\s3graphics\chrome3\S3Funkey.svc (S3 Graphics Co., Ltd.)
C:\Program Files\s3graphics\chrome3\s3loadsv.svc (S3 Graphics Co., Inc.)
C:\Program Files\s3graphics\chrome3\s3loadsv.svc (S3 Graphics Co., Inc.)
* C:\Windows\System32\services.exe (Microsoft Corporation)
C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
C:\Windows\System32\StkASv2K.exe (Syntek America Inc.)
C:\Windows\Temp\VRT186.tmp
C:\Windows\Temp\VRT2EFD.tmp
C:\Windows\Temp\VRTBAB8.tmp
* C:\Windows\System32\smss.exe (Microsoft Corporation)
C:\Windows\System32\wuauclt.exe (Microsoft Corporation)
C:\Windows\System32\wuauclt.exe (Microsoft Corporation)
C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
C:\Zyzoom_Forum_Tools\zyzoom.exe
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
C:\Windows\System32\rundll32.exe (Microsoft Corporation)
C:\Windows\explorer.exe (Microsoft Corporation)
C:\Windows\explorer.exe (Microsoft Corporation)

Unrated items
-------------
002 C:\ProgramData\50de5teeyx.exe
002 C:\ProgramData\l3yg2h61ay.exe
003 C:\Users\user\50de5teeyx.exe
004 C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ryhvmpdw.exe
007 C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ryhvmpdw.exe
008 C:\ProgramData\UtzavvAmsicr.dll
010 C:\Windows\system32\Alg.exe (Application Layer Gateway Service)
010 C:\Windows\system32\dwm.exe (Desktop Window Manager)
010 * C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (hsssrv.exe)
010 * C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE (HssTrayService.EXE)
010 * C:\Program Files\Hotspot Shield\bin\hsswd.exe (hsswd.exe)
010 * C:\Users\user\AppData\Local\Temp\zxq2\\mbamservice.exe (Malwarebytes' Anti-Malware)
010 C:\Windows\system32\SearchIndexer.exe (Microsoft Windows Search Indexer)
010 C:\Windows\system32\wbengine.exe (‎‎Microsoft® Block Level Backup Engine Service EXE)
010 C:\Windows\system32\vssvc.exe (Microsoft® Volume Shadow Copy Service)
010 * C:\Program Files\Hotspot Shield\bin\openvpnas.exe (openvpnas.exe)
010 C:\Program Files\s3graphics\chrome3\s3funkey.svc (s3funkey)
010 C:\Program Files\s3graphics\chrome3\s3loadsv.svc (Service and HPD loader)
010 C:\Windows\system32\snmptrap.exe (SNMP Trap)
010 C:\Windows\system32\spoolsv.exe (Spooler SubSystem App)
010 C:\Windows\System32\StkASv2K.exe (Syntek Hardware Snapshot Launch Application Services)
010 C:\Windows\ehome\ehrecvr.exe (Windows Media Center Receiver Service)
010 C:\Windows\ehome\ehsched.exe (Windows Media Center Scheduler Service)
010 C:\Program Files\Windows Media Player\wmpnetwk.exe (Windows Media Player Network Sharing Service)
010 C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer)
010 C:\Windows\system32\wbem\wmiapsrv.exe (WMI Performance Reverse Adapter)
010 C:\Windows\system32\ui0detect.exe (‎‎اكتشاف الخدمات التفاعلية)
010 C:\Windows\system32\vds.exe (‎‎خدمة الأقراص الظاهرية)
010 C:\Windows\system32\sppsvc.exe (‎‎خدمة النظام الأساسي لحماية البرامج لـ Microsoft)
010 C:\Windows\system32\Locator.exe (‎‎محدد موقع Rpc)
011 c:\windows\system32\DRIVERS\AgileVpn.sys (AgileVpn.sys)
011 * C:\Windows\system32\DRIVERS\bdfsfltr.sys (BitDefender AntiVirus FS filter driver)
011 c:\windows\system32\drivers\ccdcmb.sys (ccdcmb.sys)
011 c:\windows\system32\drivers\ccdcmbo.sys (ccdcmbo.sys)
011 C:\Users\user\AppData\Local\Temp\{3E8CD5B4-7C62-4818-8B44-55EF67505BDB}\fsgk.sys (fsgk.sys)
011 * C:\Windows\system32\DRIVERS\HssDrv.sys (Hotspot Shield Routing Driver)
011 C:\Windows\system32\drivers\BIOS.sys (I/O Interface driver file)
011 * C:\Windows\system32\DRIVERS\KMWDFILTER.sys (KMWDFilter Driver from UASSOFT.COM)
011 * C:\Windows\system32\drivers\mbam.sys (MBAMProtector)
011 C:\Windows\system32\drivers\MSTEE.sys (MSTEE.sys)
011 c:\windows\system32\DRIVERS\MTConfig.sys (MTConfig.sys)
011 C:\Windows\system32\drivers\mup.sys (mup.sys)
011 C:\Windows\system32\drivers\NDProxy.sys (NDIS Proxy)
011 C:\Windows\system32\drivers\ndis.sys (ndis.sys)
011 c:\windows\system32\DRIVERS\ndiscap.sys (ndiscap.sys)
011 c:\windows\system32\DRIVERS\ndisuio.sys (ndisuio.sys)
011 c:\windows\system32\DRIVERS\netbios.sys (netbios.sys)
011 C:\Windows\system32\drivers\netbt.sys (netbt.sys)
011 c:\windows\system32\DRIVERS\nfrd960.sys (nfrd960)
011 C:\Windows\system32\drivers\Npfs.sys (Npfs)
011 C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy.sys)
011 C:\Windows\system32\drivers\Ntfs.sys (Ntfs.sys)
011 c:\windows\system32\DRIVERS\NuidFltr.sys (NuidFltr.sys)
011 C:\Windows\system32\drivers\Null.sys (Null)
011 c:\windows\system32\DRIVERS\nv_agp.sys (nv_agp.sys)
011 c:\windows\system32\DRIVERS\nvraid.sys (nvraid)
011 c:\windows\system32\DRIVERS\nvstor.sys (nvstor)
011 c:\windows\system32\DRIVERS\nwifi.sys (nwifi.sys)
011 c:\windows\system32\DRIVERS\ohci1394.sys (ohci1394.sys)
011 C:\Windows\System32\drivers\pacer.sys (pacer.sys)
011 c:\windows\system32\DRIVERS\parport.sys (parport.sys)
011 C:\Windows\system32\drivers\partmgr.sys (partmgr.sys)
011 c:\windows\system32\DRIVERS\parvdm.sys (Parvdm)
011 c:\windows\system32\DRIVERS\pccsmcfd.sys (pccsmcfd.sys)
011 c:\windows\system32\DRIVERS\pci.sys (pci.sys)
011 c:\windows\system32\DRIVERS\pciide.sys (pciide)
011 c:\windows\system32\DRIVERS\pcmcia.sys (pcmcia)
011 c:\windows\system32\drivers\peauth.sys (peauth.sys)
011 c:\windows\system32\DRIVERS\point32k.sys (point32k.sys)
011 c:\windows\system32\DRIVERS\processr.sys (processr.sys)
011 c:\windows\system32\DRIVERS\ql2300.sys (ql2300)
011 c:\windows\system32\DRIVERS\ql40xx.sys (ql40xx)
011 C:\Windows\system32\drivers\qwavedrv.sys (qwavedrv.sys)
011 c:\windows\system32\DRIVERS\rdpbus.sys (rdpbus.sys)
011 C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD.sys)
011 C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD.sys)
011 C:\Windows\system32\drivers\RdpRefMp.sys (RdpRefMp.sys)
011 C:\Windows\system32\drivers\RDPWD.sys (RDPWD.sys)
011 c:\windows\system32\DRIVERS\rfcomm.sys (rfcomm.sys)
011 c:\windows\system32\DRIVERS\rspndr.sys (rspndr.sys)
011 c:\windows\system32\DRIVERS\RTL8187.sys (RTL8187.sys)
011 c:\windows\system32\DRIVERS\vms3cap.sys (s3cap)
011 c:\windows\system32\DRIVERS\VTGKModeDX32.sys (S3GIGP)
011 c:\windows\system32\DRIVERS\sbp2port.sys (sbp2port)
011 C:\Windows\System32\drivers\scfilter.sys (scfilter.sys)
011 C:\Windows\system32\drivers\secdrv.sys (secdrv.sys)
011 c:\windows\system32\DRIVERS\serenum.sys (serenum.sys)
011 c:\windows\system32\DRIVERS\serial.sys (serial.sys)
011 c:\windows\system32\DRIVERS\sermouse.sys (sermouse.sys)
011 c:\windows\system32\DRIVERS\sffdisk.sys (sffdisk.sys)
011 c:\windows\system32\DRIVERS\sffp_mmc.sys (sffp_mmc.sys)
011 c:\windows\system32\DRIVERS\sffp_sd.sys (sffp_sd.sys)
011 c:\windows\system32\DRIVERS\sfloppy.sys (sfloppy.sys)
011 c:\windows\system32\DRIVERS\SiSRaid2.sys (SiSRaid2)
011 c:\windows\system32\DRIVERS\sisraid4.sys (SiSRaid4)
011 C:\Windows\system32\drivers\spldr.sys (spldr.sys)
011 c:\windows\system32\DRIVERS\VSTBS23.SYS (SrvHsfPCI)
011 c:\windows\system32\DRIVERS\VSTDPV3.SYS (SrvHsfV92)
011 c:\windows\system32\DRIVERS\VSTCNXT3.SYS (SrvHsfWinac)
011 c:\windows\system32\DRIVERS\stexstor.sys (stexstor)
011 c:\windows\system32\DRIVERS\storvsc.sys (storvsc)
011 c:\windows\system32\DRIVERS\swenum.sys (swenum.sys)
011 c:\windows\system32\DRIVERS\taphss.sys (taphss.sys)
011 c:\windows\system32\DRIVERS\tcpip.sys (tcpip.sys)
011 c:\windows\system32\drivers\tdpipe.sys (tdpipe.sys)
011 c:\windows\system32\drivers\tdtcp.sys (tdtcp.sys)
011 c:\windows\system32\DRIVERS\termdd.sys (termdd.sys)
011 * C:\Windows\system32\DRIVERS\trufos.sys (Trufos Kernel Module)
011 C:\Windows\System32\DRIVERS\tssecsrv.sys (tssecsrv.sys)
011 c:\windows\system32\DRIVERS\tunnel.sys (tunnel.sys)
011 c:\windows\system32\DRIVERS\uagp35.sys (uagp35.sys)
011 c:\windows\system32\DRIVERS\uliagpkx.sys (uliagpkx.sys)
011 c:\windows\system32\DRIVERS\umbus.sys (umbus.sys)
011 c:\windows\system32\DRIVERS\umpass.sys (umpass.sys)
011 c:\windows\system32\DRIVERS\usbser_lowerflt.sys (upperdev)
011 c:\windows\system32\DRIVERS\usb8023.sys (usb8023.sys)
011 c:\windows\system32\drivers\usbaudio.sys (usbaudio.sys)
011 c:\windows\system32\DRIVERS\usbccgp.sys (usbccgp.sys)
011 c:\windows\system32\DRIVERS\usbcir.sys (usbcir.sys)
011 c:\windows\system32\DRIVERS\usbehci.sys (usbehci.sys)
011 c:\windows\system32\DRIVERS\usbhub.sys (usbhub.sys)
011 c:\windows\system32\DRIVERS\usbohci.sys (usbohci.sys)
011 c:\windows\system32\DRIVERS\usbprint.sys (usbprint.sys)
011 c:\windows\system32\DRIVERS\usbscan.sys (usbscan.sys)
011 c:\windows\system32\drivers\usbser.sys (usbser.sys)
011 c:\windows\system32\DRIVERS\usbser_lowerfltj.sys (UsbserFilt)
011 c:\windows\system32\DRIVERS\USBSTOR.SYS (USBSTOR.SYS)
011 c:\windows\system32\DRIVERS\usbuhci.sys (usbuhci.sys)
011 c:\windows\system32\DRIVERS\VComm.sys (VComm.sys)
011 c:\windows\system32\DRIVERS\vdrvroot.sys (vdrvroot.sys)
011 c:\windows\system32\DRIVERS\vgapnp.sys (vga)
011 c:\windows\System32\drivers\vga.sys (vga.sys)
011 c:\windows\system32\DRIVERS\vhdmp.sys (vhdmp)
011 c:\windows\system32\DRIVERS\viaagp.sys (viaagp.sys)
011 c:\windows\system32\DRIVERS\viac7.sys (viac7.sys)
011 c:\windows\system32\DRIVERS\viaide.sys (viaide)
011 c:\windows\system32\DRIVERS\videX32.sys (videX32)
011 c:\windows\system32\DRIVERS\vmbus.sys (vmbus.sys)
011 c:\windows\system32\DRIVERS\VMBusHID.sys (VMBusHID)
011 c:\windows\system32\DRIVERS\vmstorfl.sys (vmstorfl.sys)
011 c:\windows\system32\DRIVERS\volmgr.sys (volmgr.sys)
011 C:\Windows\system32\drivers\volmgrx.sys (volmgrx.sys)
011 c:\windows\system32\DRIVERS\volsnap.sys (volsnap.sys)
011 c:\windows\system32\DRIVERS\vsmraid.sys (vsmraid)
011 C:\Windows\System32\drivers\vwifibus.sys (vwifibus.sys)
011 c:\windows\system32\DRIVERS\vwififlt.sys (vwififlt.sys)
011 c:\windows\system32\DRIVERS\wacompen.sys (wacompen.sys)
011 c:\windows\system32\DRIVERS\wd.sys (wd.sys)
011 c:\windows\system32\drivers\Wdf01000.sys (Wdf01000.sys)
011 c:\windows\system32\DRIVERS\wfplwf.sys (wfplwf.sys)
011 c:\windows\system32\drivers\wimmount.sys (wimmount.sys)
011 c:\windows\system32\DRIVERS\WinUsb.sys (WinUsb.sys)
011 c:\windows\system32\DRIVERS\wmiacpi.sys (wmiacpi.sys)
011 c:\windows\system32\drivers\WudfPf.sys (WudfPf.sys)
011 c:\windows\system32\DRIVERS\WUDFRd.sys (WUDFRd)
011 c:\windows\system32\DRIVERS\xfilt.sys (xfilt.sys)
012 C:\ProgramData\UtzavvAmsicr.dll
032 C:\Windows\system32\rdpclip.exe (Microsoft Corporation)
033 C:\Windows\system32\userinit.exe (Microsoft Corporation)
034 C:\Windows\explorer.exe (Microsoft Corporation)
035 C:\Windows\system32\cmd.exe (Microsoft Corporation) {2D46B6DC-2207-486B-B523-A557E6D54B47}
035 C:\Windows\System32\ie4uinit.exe (Microsoft Corporation) >{26923b43-4d38-484f-9b9e-de460746276c}
035 C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation) {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
035 C:\Windows\system32\unregmp2.exe (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6}
035 C:\Windows\system32\unregmp2.exe (Microsoft Corporation) >{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
035 C:\Windows\system32\regsvr32.exe (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED}
035 C:\Windows\System32\ie4uinit.exe (Microsoft Corporation) {89820200-ECBD-11cf-8B85-00AA005B4383}
035 C:\Windows\system32\regsvr32.exe (Microsoft Corporation) {89820200-ECBD-11cf-8B85-00AA005B4340}
045 * C:\Program Files\Ask.com\GenericAskToolbar.dll (Search-Results) {D4027C7F-154A-4066-A1AD-4243D8127440}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 * C:\PROGRA~1\PERFEC~1\CONTEX~1.DLL {84058084-7609-44D1-B3CC-7A9436CB6D92}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 GUID / CLSID not found {0561EC90-CE54-4f0c-9C55-E226110A740C}
069 C:\Windows\system32\BsMonSvr.dll (IVT Corporation.)
069 * C:\Windows\system32\dopdfmn7.dll (Softland)
071 C:\Windows\system32\22md.dll
071 C:\Windows\system32\2dwg.dll
071 C:\Windows\system32\2faed9wq.dll
071 C:\Windows\system32\2y63.dll
071 C:\Windows\system32\a2.dll
071 C:\Windows\system32\a44qp81n.dll
071 C:\Windows\system32\a5.dll
071 C:\Windows\system32\av6krzui.dll
100 Start Page HKCU :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


100 Start Page HKLM :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


102 GUID / CLSID not found {555D4D79-4BD2-4094-A395-CFC534424A05}
102 GUID / CLSID not found {555D4D79-4BD2-4094-A395-CFC534424A05}
105 Download with IDM : C:\Program Files\Internet Download Manager\IEExt.htm
105 تحميل الكل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 تحميل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEExt.htm
146 C:\Windows\system32\cmd.exe (Microsoft Corporation)
167 C:\PROGRA~2\LOCALS~1\Temp\msijouaai.pif
170 K : K:\setup.exe
173 GUID / CLSID not found {7E41911F-13AA-11D3-A831-00104B9E30B5}
173 * C:\Program Files\Pando Networks\Pando\PandoShellExt.dll (Pando Networks) {9C150845-2A2D-44CC-90B3-AA03480AA3D2}
173 * C:\PROGRA~1\PERFEC~1\CONTEX~1.DLL {84058084-7609-44D1-B3CC-7A9436CB6D92}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
174 C:\Windows\system32\SystemPropertiesPerformance.exe (Microsoft Corporation)
210 C:\Windows\system32\sdclt.exe (Microsoft Corporation)
211 C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
212 C:\Windows\system32\dfrgui.exe (Microsoft Corporation)
221 GUID / CLSID not found {7E41911F-13AA-11D3-A831-00104B9E30B5}
221 * C:\Program Files\Pando Networks\Pando\PandoShellExt.dll (Pando Networks) {9C150845-2A2D-44CC-90B3-AA03480AA3D2}
221 * C:\PROGRA~1\PERFEC~1\CONTEX~1.DLL {84058084-7609-44D1-B3CC-7A9436CB6D92}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\Users\user\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Users\user\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Users\user\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found {7E41911F-13AA-11D3-A831-00104B9E30B5}
227 * C:\Program Files\Pando Networks\Pando\PandoShellExt.dll (Pando Networks) {9C150845-2A2D-44CC-90B3-AA03480AA3D2}
227 * C:\PROGRA~1\PERFEC~1\CONTEX~1.DLL {84058084-7609-44D1-B3CC-7A9436CB6D92}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
229 GUID / CLSID not found {1D0A702E-DBF1-46a6-8DDB-716535E24F75}
231 GUID / CLSID not found Haali Column Provider
241 GUID / CLSID not found {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
254 GUID / CLSID not found {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
254 GUID / CLSID not found {CAE41CE0-1855-4985-A332-7D83704A45B6}
254 C:\Windows\system32\BsShell.dll {F40807E9-BFD1-44F6-AEB0-27E063BD14CA}

Missing files
-------------
002 C:\Windows\system32\regedit.exe
003 C:\Windows\system32\regedit.exe
010 C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
010 C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
010 C:\Windows\TEMP\DAT30B0.tmp.exe
011 System32\Drivers\btcombus.sys
011 c:\windows\system32\DRIVERS\btcomport.sys
011 C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
011 C:\Windows\system32\drivers\FileMonitor.sys
011 C:\Windows\system32\drivers\mbamswissarmy.sys
011 System32\drivers\pcw.sys
011 System32\DRIVERS\rasacd.sys
011 System32\drivers\rdpdr.sys
011 System32\drivers\rdyboost.sys
011 C:\Windows\system32\drivers\RegistryMonitor.sys
011 System32\Drivers\RootMdm.sys
011 System32\DRIVERS\srvnet.sys
011 System32\Drivers\StkAMini.sys
011 System32\Drivers\StkScan.sys
011 System32\drivers\tcpipreg.sys
011 System32\Drivers\usbvideo.sys
011 System32\Drivers\VcommMgr.sys
061 C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll
061 C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll
071 ad.dll
139 C:\Users\user\LOCALS~1\Temp\msqbwvkwf.pif
241 C:\Program Files\4Sync\ShellExt.dll
241 C:\Program Files\4Sync\ShellExt.dll




====== معلومات نظام التشغيل ======

X86 WIN_7 7600


====== قائمة البرامج المثبتة ======

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
AC3Filter 1.63b
Acc
ACDSee Photo Manager 2009
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.1
Alarm Clock v1.0
Ashampoo Photo Commander 9 v.9.4.0
Babylon toolbar on IE
Bass Audio Decoder (remove only)
Boilsoft Video Joiner 5.32
BufferChm
CD Audio Reader Filter (remove only)
Collage Maker
D3DX10
DCoder Image Source (remove only)
DirectVobSub (remove only)
DJ_AIO_06_F4500_SW_MIN
doPDF 7.1 printer
Driver Checker v2.7.4
Driver Genius Professional 11.0.0.1112
Driver Genius Professional Edition
DScaler 5 Mpeg Decoders
Easy Video Joiner 5.21
EasyForYou version 8
Excel Invoice Manager 2.21.1024
express-files Toolbar
F4500
F4500_NCL_Help
FekraAccounting
ffdshow v1.1.3760 [2011-02-18]
FFMPEG Core Files (remove only)
Flash Memory Toolkit 1.20
FlashMemoryMaigc 1.3.16.1
FormatFactory 2.60
Gabest MPEG Splitter (remove only)
GOM Player
Haali Media Splitter
Hard Disk Low Level Format Tool 4.25
Hotspot Shield 2.18
HPPhotoGadget
HPSSupply
iCare Data Recovery 3.8.1
Internet Download Manager
InterVideo DeviceService
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
K-Lite Codec Pack 4.8.5 (Full)
Mesh Runtime
Messenger Companion
Messenger Companion
MessengerDiscovery 3.1.167
Microsoft Application Error Reporting
Microsoft IntelliPoint 7.1
Microsoft IntelliType Pro 8.2
Microsoft IntelliType Pro 8.2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MONOGRAM AMR Splitter/Decoder (remove only)
Mozilla Firefox 10.0.2 (x86 ar)
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Lite 8.3.6.0
Network
Nokia Connectivity Cable Driver
Nokia Ovi Suite Software Updater
Nokia PC Suite
Nokia PC Suite
OpenSource AVI Splitter (remove only)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
OpenSource Flash Video Splitter (remove only)
OviMPlatform
Paint.NET v3.5.8
Pando
PC Connectivity Solution
Perfect Uninstaller v6.3.3.8
Photo Art Studio 3.25
PhotoInstrument 5.2
Platform
Project1
Project1 (C:\Program Files\Project1\)
QuickTime
RealMedia (remove only)
RealPlayer
Scan
SDFormatter
Search-Results Toolbar
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Shape Collage
Shop for HP Supplies
SHOUTcast Source (remove only)
SopCast 3.3.2
SoundInDepth Audio CD Ripper 1.0.0.15
Toolbox
Ultra Video Joiner 6.2.0411
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
VB Decompiler Lite
VIA Chrome9 HC IGP Family Display Driver
VideoStudio
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Family Safety
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Windows Live Writer Resources
WinRAR archiver
Xtreme SuitePro ActiveX v12.1.1
Yahoo! Toolbar
Your Uninstaller! 7
Youtube Music Downloader V3.7.0
النظام الشامل - الإصدار الثاني
بريد Windows Live
حزمة برامج تشغيل Windows - Nokia Modem (02/25/2011 4.7)
حزمة برامج تشغيل Windows - Nokia Modem (02/25/2011 7.01.0.9)
حزمة برامج تشغيل Windows - Nokia Modem (03/05/2008 3.7)
حزمة برامج تشغيل Windows - Nokia Modem (03/13/2008 6.86.0.1)
حزمة برامج تشغيل Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
حزمة برامج تشغيل Windows - U.S. Robotics Corporation (USB_RNDIS) Net (02/08/2007 6.01.19.10)
رديو أف أم 2 2.32
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
معرض صور Windows Live
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
اخوي عندك اي مشكلة ولا مجرد تشييييك
 
توقيع : الوفاء طبعي
تأييد 0
والله في مشكله الجهاز بطيئ وكان مليان فايروسات وحذفتها
 
تأييد 0
توقيع : الوفاء طبعي
تأييد 0
Malwarebytes' Anti-Malware 1.60.1.1000

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



Database version:

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

05/21/2012 07:41:00 ص
mbam-log-2012-05-21 (07-39-54).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 379892
Time elapsed: 1 hour(s), 9 minute(s), 34 second(s)

Memory Processes Infected: 3
Memory Modules Infected: 0
Registry Keys Infected: 108
Registry Values Infected: 35
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 85

Memory Processes Infected:
c:\Windows\System32\a2.exe (Spyware.Agent.RedNet) -> 1464 -> No action taken.
c:\Windows\System32\adsldpc.exe (Trojan.Scar) -> 3220 -> No action taken.
c:\Windows\System32\adsldpc.exe (Trojan.Scar) -> 4052 -> No action taken.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{1CF839F4-C36D-4454-8DB5-968EEB9B0CF0} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{1D269F0A-C260-40DD-916E-523BDC819208} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{B2D0778B-AC99-4C58-A5C8-E7724E5316B5} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{96DE3C65-D16B-4D1C-A28B-6117A52648AB} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{AA8E6272-3E29-488D-B8F7-FDDEDADBFABB} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1C9742E7-CA7A-43ea-842C-6E2CC031D2B6} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{2381B489-0B2F-49F3-B304-0D057D847B7A} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2f20ddfa-0d19-463a-ab46-e5d8ef6efd60} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{A83E4A55-29AD-4422-80CB-DF2828F0C78A} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{29226228-80EA-4d2f-A43F-2C106E0BCC2C} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{963B70D2-280B-4EBB-BED8-8EC00D194F66} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7157DAB0-A50D-4C2B-8E77-045AFD15EC29} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{179B8421-A174-4be0-9E4B-913C751938A5} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{BFB4CACD-660F-4D40-A602-5F88DFABC561} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0E1CC6FD-065B-4BCC-9A0A-E4DE187E06FE} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4E7BB80F-2245-4483-ACC5-3A2EFDE0ACA6} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{7377D50C-483F-4F60-A434-E2CFC5B147FA} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{B667A41E-E41C-402D-A7B3-C7C1D962D26F} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{824E3284-6AF1-48ed-A127-0FF550FB6480} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{5758A1F6-F6A9-4716-B320-BC3A26A50450} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0AB65D06-C2B5-4735-BD45-EF0336B59185} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{462A5686-BBF4-42E9-9B6A-F047D201A3D0} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{3662BE38-7322-4e73-A760-B4AE38707613} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{21DD4B8F-68AE-4A51-AF48-067A5A1C645B} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MAtom.MShareOnline3x.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MAtom.MShareOnline3x (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{350386EA-9A85-4941-B16D-69C77D515726} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{A2FB447F-B024-45F3-8D6F-CF3EA7056885} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{03EA23FF-0B23-4B32-AC04-661AC7BB8549} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MDataStore.MDataStoreTransaction.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MDataStore.MDataStoreTransaction (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3D75336D-B0F6-49B2-AE34-A8D10256086F} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MDatastorePH.MDatastorePHManage.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MDatastorePH.MDatastorePHManage (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{49070224-C1E7-46FE-94B9-F20C6D629347} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{9EAF539D-0DDB-48D1-B8F7-E1A9866837D0} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{152F77AB-ED38-4F6D-A722-0FD3F9184EF9} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MEvent._MInnerEventListener.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MEvent._MInnerEventListener (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{C391D95E-6606-4B31-A2D5-0AA6EF482E77} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{F81FDDE2-7C27-43EC-BE17-022B45FE87CC} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{A562B72D-B034-447B-823A-6B1309F2B0D5} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MFileSystemTransfer.MFileSystemTransf.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MFileSystemTransfer.MFileSystemTransfer (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1670B447-A999-4650-8907-15FCB82C27AE} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{98D2513E-9505-4C8A-B860-059C77573396} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3FB546F9-6DB5-472A-8800-E32AFDE1C121} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MItemPlugins.MItemMMS.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MItemPlugins.MItemMMS (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0969A3D2-3A5B-47A7-88CD-34A6F3C77CF3} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{60022071-F4AD-40B1-86A9-23968A931C95} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{34EB9D8D-F27A-4794-B281-C3B306A40887} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MItems.MEnumProperty.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MItems.MEnumProperty (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{54F606F8-58AE-46F0-A066-2099C422762D} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{51EE1F23-A022-41B5-A300-B2A7E31F29A0} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{0BCF4256-C582-46B8-96B1-E212E7D26DA4} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MMediaReader.MITunesPlugin.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MMediaReader.MITunesPlugin (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9427EE3C-216D-4D2A-B52A-D9E46A02F375} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{9B6AA379-2462-4B82-BA48-274B22BD7C81} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{69884ED1-7BF0-435D-A97D-FDC4C4F96E9D} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MMTPTransfer.MMTPTransferEnum.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MMTPTransfer.MMTPTransferEnum (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{501C1BCF-1CF8-47E4-9713-978B25400896} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{80482EB1-0DF0-4C0E-BBF8-729A5FD71BDF} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1EDF1045-016C-490D-AC86-5535F79C73CF} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MRemoteDataStore.MRemoteDataStore.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MRemoteDataStore.MRemoteDataStore (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{02870C92-3E1D-4AEE-9BF7-6CCD126A4FAB} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{777286D3-672A-447B-89E6-23D87DB0F074} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6AA2AFA5-26CF-4E3D-8D87-6630498107A8} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MSynchronizationService.MSingleClickS.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MSynchronizationService.MSingleClickSyn (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{473019F2-A6FE-4AC6-81E8-54728E5B8DB1} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{D4E9FC3F-F6A4-4DFC-A5E2-AE2386514B66} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{5397CF21-23C9-4D5D-B41A-9FDA2BADF6BD} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MSynchronizationService.LifeblogSyncServer.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MSynchronizationService.LifeblogSyncServer (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1E374BCA-95BF-4E50-9DC8-9D893413DE15} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{7918C45B-3EE7-4EAC-AF57-3DD76B7B3D53} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{A54A788E-1B3E-483A-B500-5DF5CB96DB79} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MSyncMLTransfer.MSyncMLTransfer2X.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MSyncMLTransfer.MSyncMLTransfer2X (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0A7F8E67-1A0C-424A-85FB-FA70F0DF9539} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{9345475D-46AF-45DA-9EE1-A754B570F784} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{009A41B3-6B59-4645-ABE4-9F7E6E9F8569} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MThumbnailService.MThumbnailService.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MThumbnailService.MThumbnailService (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{30007B70-76CC-4CAB-A2C6-B3B3A9B52086} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{D5B081BC-6888-4AEE-BED4-803E43D43038} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3539A4CA-5B57-431F-8535-B1E765508994} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MTranscoder.MTranscoder.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MTranscoder.MTranscoder (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{26114015-FDD2-4651-BB1E-05F26D564468} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{68662F5E-1BA0-4AA5-9512-24B145115222} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{35F0538B-924D-4BDC-ABAF-4E8BAADA8F22} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MTransfer.MXMLSerializer.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MTransfer.MXMLSerializer (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{EE1B887F-E6EE-45BF-A049-3D64169CE58D} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{5B2E4868-D913-4543-AC60-EE54C19500EF} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9923883E-4F36-40A6-AA35-0D3F9C3996B5} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MVersion.MVersion.1 (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\MVersion.MVersion (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{D1353368-EC0B-413E-97C1-B55F5740716C} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{B6F0176C-C37B-41DD-A6F0-7D113C6F2DAE} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{FB6EF9E4-F71C-49CB-B6C5-8D30ACC0BF78} (Virus.Ramnit) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{4B72D8F2-B06E-4C31-B476-2304C5BC4FCA} (Virus.Ramnit) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smwcore (Trojan.Scar) -> Value: smwcore -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rinetd (Spyware.Agent.RedNet) -> Value: rinetd -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Time (Trojan.Passwords) -> Value: Windows Time -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MATOM.DLL (Virus.Ramnit) -> Value: MATOM.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MDATASTORE.DLL (Virus.Ramnit) -> Value: MDATASTORE.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MDATASTOREPH.DLL (Virus.Ramnit) -> Value: MDATASTOREPH.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MEVENT.DLL (Virus.Ramnit) -> Value: MEVENT.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MFILESYSTEMTRANSFER.DLL (Virus.Ramnit) -> Value: MFILESYSTEMTRANSFER.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MITEMPLUGINS.DLL (Virus.Ramnit) -> Value: MITEMPLUGINS.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MITEMS.DLL (Virus.Ramnit) -> Value: MITEMS.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MMEDIAREADER.DLL (Virus.Ramnit) -> Value: MMEDIAREADER.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MMTPTRANSFER.DLL (Virus.Ramnit) -> Value: MMTPTRANSFER.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MREMOTEDATASTORE.DLL (Virus.Ramnit) -> Value: MREMOTEDATASTORE.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MSYNCHRONIZATIONSERVICE.DLL (Virus.Ramnit) -> Value: MSYNCHRONIZATIONSERVICE.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MSYNCMLDL.DLL (Virus.Ramnit) -> Value: MSYNCMLDL.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MSYNCMLTRANSFER.DLL (Virus.Ramnit) -> Value: MSYNCMLTRANSFER.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MTHUMBNAILSERVICE.DLL (Virus.Ramnit) -> Value: MTHUMBNAILSERVICE.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MTRANSCODER.DLL (Virus.Ramnit) -> Value: MTRANSCODER.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MTRANSFER.DLL (Virus.Ramnit) -> Value: MTRANSFER.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MVERSION.DLL (Virus.Ramnit) -> Value: MVERSION.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\NOKIAMSERVER.EXE (Virus.Ramnit) -> Value: NOKIAMSERVER.EXE -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\NOKIAMTRANSCODESERVER.EXE (Virus.Ramnit) -> Value: NOKIAMTRANSCODESERVER.EXE -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\SML.DLL (Virus.Ramnit) -> Value: SML.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\CRYPTODLL.DLL (Virus.Ramnit) -> Value: CRYPTODLL.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\LIBEAY32.DLL (Virus.Ramnit) -> Value: LIBEAY32.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTCORE4.DLL (Virus.Ramnit) -> Value: QTCORE4.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTGUI4.DLL (Virus.Ramnit) -> Value: QTGUI4.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTNETWORK4.DLL (Virus.Ramnit) -> Value: QTNETWORK4.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTSECURESTORAGE.DLL (Virus.Ramnit) -> Value: QTSECURESTORAGE.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTSECURESTORAGESERVER.DLL (Virus.Ramnit) -> Value: QTSECURESTORAGESERVER.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTXML4.DLL (Virus.Ramnit) -> Value: QTXML4.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\SSLEAY32.DLL (Virus.Ramnit) -> Value: SSLEAY32.DLL -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Value: Regedit32 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\55471 (Trojan.Agent) -> Value: 55471 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Value: Regedit32 -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\System32\a2.exe (Spyware.Agent.RedNet) -> No action taken.
c:\Windows\System32\adsldpc.exe (Trojan.Scar) -> No action taken.
c:\Windows\System32\actioncentercpl.exe (Spyware.Agent.RedNet) -> No action taken.
c:\programdata\utzavvamsicr.dll (Trojan.Passwords) -> No action taken.
c:\program files\common files\Nokia\Codecs\arcappdmo.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\emzaacenc.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\emzamrnbdec.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\emzamrnbenc.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\emzamrwbenc.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\emzdecmp4_h263.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\emzmp3encdmo.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\emzmp3sourcefilter.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\emzmp4videoenc.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\ezdh264dectfilter.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\ezdh264enc.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\ezdmp4muxfilter.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\image_dec.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\Codecs\image_proc.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\MAtom.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mdatastore.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mdatastoreph.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\MEvent.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mfilesystemtransfer.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mitemplugins.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\MItems.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mmediareader.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mmtptransfer.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mremotedatastore.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\msynchronizationservice.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\msyncmldl.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\msyncmltransfer.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mthumbnailservice.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mtranscoder.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\mtransfer.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\MVersion.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\nokiamserver.exe (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\nokiamtranscodeserver.exe (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\mplatform\sml.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\cryptodll.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\libeay32.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\QtCore4.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\QtGui4.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\qtnetwork4.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\qtsecurestorage.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\qtsecurestorageserver.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\QtXml4.dll (Virus.Ramnit) -> No action taken.
c:\program files\common files\Nokia\NoA\ssleay32.dll (Virus.Ramnit) -> No action taken.
c:\Users\user\AppData\Local\Temp\nsmC8DB.tmp\moreinfo_u.dll (Virus.Ramnit) -> No action taken.
c:\Users\user\AppData\Local\Temp\pftf529~tmp\Vista\dtsu2pausrv32.exe (Virus.Ramnit) -> No action taken.
c:\Users\user\AppData\Roaming\runscanner.net\virustotalupload.exe (Virus.Ramnit) -> No action taken.
c:\Windows\System32\22md.exe (Trojan.Dropper) -> No action taken.
c:\Windows\System32\2y63.exe (Spyware.Agent.RedNet) -> No action taken.
c:\Windows\System32\a44qp81n.exe (Trojan.Dropper) -> No action taken.
c:\Windows\System32\a5.exe (Trojan.Dropper) -> No action taken.
c:\Windows\System32\aaclient.exe (Trojan.Agent) -> No action taken.
c:\Windows\System32\acbidi32.exe (Trojan.Agent) -> No action taken.
c:\Windows\System32\acledit.exe (Trojan.Dropper) -> No action taken.
c:\Windows\System32\acppage.exe (Spyware.Agent.RedNet) -> No action taken.
c:\Windows\System32\acproxy.exe (Trojan.Agent) -> No action taken.
c:\Windows\System32\actioncenter.exe (Trojan.Agent) -> No action taken.
c:\Windows\System32\activeds.exe (Trojan.Dropper) -> No action taken.
c:\Windows\System32\adprovider.exe (Trojan.Agent) -> No action taken.
c:\Windows\System32\adsldp.exe (Trojan.Dropper) -> No action taken.
c:\Windows\System32\adsmsext.exe (Spyware.Agent.RedNet) -> No action taken.
c:\Windows\System32\adtschema.exe (Spyware.Agent.RedNet) -> No action taken.
c:\Windows\System32\aeevts.exe (Spyware.Agent.RedNet) -> No action taken.
c:\Windows\System32\AltTab.exe (Trojan.Agent) -> No action taken.
c:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.exe (Trojan.Dropper) -> No action taken.
c:\Windows\System32\config\systemprofile\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\77Y0L4J4\rinetd[2].exe (Spyware.Agent.RedNet) -> No action taken.
c:\Windows\System32\config\systemprofile\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\CUBYWF8A\ins[1].exe (Trojan.Dropper) -> No action taken.
c:\Windows\System32\drivers\658.exe (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\VRT496C.tmp (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\VRT5EB2.tmp (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\VRT5FDA.tmp (Trojan.Scar) -> No action taken.
c:\Windows\Temp\VRT918A.tmp (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\VRT9C8C.tmp (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\VRTC9CE.tmp (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\VRTCBAA.tmp (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\VRTE3DC.tmp (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\VRTE761.tmp (Trojan.Dropper) -> No action taken.
c:\zyzoom_forum_tools\appcrashz.exe (Virus.Ramnit) -> No action taken.
c:\zyzoom_forum_tools\Bluez.exe (Virus.Ramnit) -> No action taken.
c:\zyzoom_forum_tools\nircmd.dll (Virus.Ramnit) -> No action taken.
c:\Windows\System32\config\systemprofile\application data\9AFBC1.exe (Trojan.Agent) -> No action taken.
c:\programdata\local settings\Temp\mszatyym.scr (Trojan.Agent) -> No action taken.
 
تأييد 0
هذا التقرير بعد التنظيف

Malwarebytes' Anti-Malware 1.60.1.1000

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



Database version:

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

05/21/2012 08:03:19 ص
mbam-log-2012-05-21 (08-03-19).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 379892
Time elapsed: 1 hour(s), 9 minute(s), 34 second(s)

Memory Processes Infected: 3
Memory Modules Infected: 0
Registry Keys Infected: 108
Registry Values Infected: 35
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 85

Memory Processes Infected:
c:\Windows\System32\a2.exe (Spyware.Agent.RedNet) -> 1464 -> Unloaded process successfully.
c:\Windows\System32\adsldpc.exe (Trojan.Scar) -> 3220 -> Unloaded process successfully.
c:\Windows\System32\adsldpc.exe (Trojan.Scar) -> 4052 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{1CF839F4-C36D-4454-8DB5-968EEB9B0CF0} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{1D269F0A-C260-40DD-916E-523BDC819208} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{B2D0778B-AC99-4C58-A5C8-E7724E5316B5} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{96DE3C65-D16B-4D1C-A28B-6117A52648AB} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{AA8E6272-3E29-488D-B8F7-FDDEDADBFABB} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1C9742E7-CA7A-43ea-842C-6E2CC031D2B6} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{2381B489-0B2F-49F3-B304-0D057D847B7A} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2f20ddfa-0d19-463a-ab46-e5d8ef6efd60} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{A83E4A55-29AD-4422-80CB-DF2828F0C78A} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{29226228-80EA-4d2f-A43F-2C106E0BCC2C} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{963B70D2-280B-4EBB-BED8-8EC00D194F66} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7157DAB0-A50D-4C2B-8E77-045AFD15EC29} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{179B8421-A174-4be0-9E4B-913C751938A5} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{BFB4CACD-660F-4D40-A602-5F88DFABC561} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0E1CC6FD-065B-4BCC-9A0A-E4DE187E06FE} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4E7BB80F-2245-4483-ACC5-3A2EFDE0ACA6} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7377D50C-483F-4F60-A434-E2CFC5B147FA} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B667A41E-E41C-402D-A7B3-C7C1D962D26F} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{824E3284-6AF1-48ed-A127-0FF550FB6480} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5758A1F6-F6A9-4716-B320-BC3A26A50450} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0AB65D06-C2B5-4735-BD45-EF0336B59185} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{462A5686-BBF4-42E9-9B6A-F047D201A3D0} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3662BE38-7322-4e73-A760-B4AE38707613} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21DD4B8F-68AE-4A51-AF48-067A5A1C645B} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MAtom.MShareOnline3x.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MAtom.MShareOnline3x (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{350386EA-9A85-4941-B16D-69C77D515726} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{A2FB447F-B024-45F3-8D6F-CF3EA7056885} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{03EA23FF-0B23-4B32-AC04-661AC7BB8549} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MDataStore.MDataStoreTransaction.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MDataStore.MDataStoreTransaction (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3D75336D-B0F6-49B2-AE34-A8D10256086F} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MDatastorePH.MDatastorePHManage.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MDatastorePH.MDatastorePHManage (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{49070224-C1E7-46FE-94B9-F20C6D629347} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9EAF539D-0DDB-48D1-B8F7-E1A9866837D0} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{152F77AB-ED38-4F6D-A722-0FD3F9184EF9} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MEvent._MInnerEventListener.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MEvent._MInnerEventListener (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C391D95E-6606-4B31-A2D5-0AA6EF482E77} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{F81FDDE2-7C27-43EC-BE17-022B45FE87CC} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{A562B72D-B034-447B-823A-6B1309F2B0D5} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MFileSystemTransfer.MFileSystemTransf.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MFileSystemTransfer.MFileSystemTransfer (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1670B447-A999-4650-8907-15FCB82C27AE} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{98D2513E-9505-4C8A-B860-059C77573396} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3FB546F9-6DB5-472A-8800-E32AFDE1C121} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MItemPlugins.MItemMMS.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MItemPlugins.MItemMMS (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0969A3D2-3A5B-47A7-88CD-34A6F3C77CF3} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{60022071-F4AD-40B1-86A9-23968A931C95} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34EB9D8D-F27A-4794-B281-C3B306A40887} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MItems.MEnumProperty.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MItems.MEnumProperty (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54F606F8-58AE-46F0-A066-2099C422762D} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{51EE1F23-A022-41B5-A300-B2A7E31F29A0} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0BCF4256-C582-46B8-96B1-E212E7D26DA4} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MMediaReader.MITunesPlugin.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MMediaReader.MITunesPlugin (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9427EE3C-216D-4D2A-B52A-D9E46A02F375} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9B6AA379-2462-4B82-BA48-274B22BD7C81} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{69884ED1-7BF0-435D-A97D-FDC4C4F96E9D} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MMTPTransfer.MMTPTransferEnum.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MMTPTransfer.MMTPTransferEnum (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{501C1BCF-1CF8-47E4-9713-978B25400896} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{80482EB1-0DF0-4C0E-BBF8-729A5FD71BDF} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1EDF1045-016C-490D-AC86-5535F79C73CF} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MRemoteDataStore.MRemoteDataStore.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MRemoteDataStore.MRemoteDataStore (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{02870C92-3E1D-4AEE-9BF7-6CCD126A4FAB} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{777286D3-672A-447B-89E6-23D87DB0F074} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6AA2AFA5-26CF-4E3D-8D87-6630498107A8} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MSynchronizationService.MSingleClickS.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MSynchronizationService.MSingleClickSyn (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{473019F2-A6FE-4AC6-81E8-54728E5B8DB1} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{D4E9FC3F-F6A4-4DFC-A5E2-AE2386514B66} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5397CF21-23C9-4D5D-B41A-9FDA2BADF6BD} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MSynchronizationService.LifeblogSyncServer.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MSynchronizationService.LifeblogSyncServer (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E374BCA-95BF-4E50-9DC8-9D893413DE15} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7918C45B-3EE7-4EAC-AF57-3DD76B7B3D53} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{A54A788E-1B3E-483A-B500-5DF5CB96DB79} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MSyncMLTransfer.MSyncMLTransfer2X.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MSyncMLTransfer.MSyncMLTransfer2X (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0A7F8E67-1A0C-424A-85FB-FA70F0DF9539} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9345475D-46AF-45DA-9EE1-A754B570F784} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{009A41B3-6B59-4645-ABE4-9F7E6E9F8569} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MThumbnailService.MThumbnailService.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MThumbnailService.MThumbnailService (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{30007B70-76CC-4CAB-A2C6-B3B3A9B52086} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{D5B081BC-6888-4AEE-BED4-803E43D43038} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3539A4CA-5B57-431F-8535-B1E765508994} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MTranscoder.MTranscoder.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MTranscoder.MTranscoder (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{26114015-FDD2-4651-BB1E-05F26D564468} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{68662F5E-1BA0-4AA5-9512-24B145115222} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{35F0538B-924D-4BDC-ABAF-4E8BAADA8F22} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MTransfer.MXMLSerializer.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MTransfer.MXMLSerializer (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{EE1B887F-E6EE-45BF-A049-3D64169CE58D} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5B2E4868-D913-4543-AC60-EE54C19500EF} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9923883E-4F36-40A6-AA35-0D3F9C3996B5} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MVersion.MVersion.1 (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MVersion.MVersion (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{D1353368-EC0B-413E-97C1-B55F5740716C} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{B6F0176C-C37B-41DD-A6F0-7D113C6F2DAE} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{FB6EF9E4-F71C-49CB-B6C5-8D30ACC0BF78} (Virus.Ramnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4B72D8F2-B06E-4C31-B476-2304C5BC4FCA} (Virus.Ramnit) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smwcore (Trojan.Scar) -> Value: smwcore -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rinetd (Spyware.Agent.RedNet) -> Value: rinetd -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Time (Trojan.Passwords) -> Value: Windows Time -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MATOM.DLL (Virus.Ramnit) -> Value: MATOM.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MDATASTORE.DLL (Virus.Ramnit) -> Value: MDATASTORE.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MDATASTOREPH.DLL (Virus.Ramnit) -> Value: MDATASTOREPH.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MEVENT.DLL (Virus.Ramnit) -> Value: MEVENT.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MFILESYSTEMTRANSFER.DLL (Virus.Ramnit) -> Value: MFILESYSTEMTRANSFER.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MITEMPLUGINS.DLL (Virus.Ramnit) -> Value: MITEMPLUGINS.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MITEMS.DLL (Virus.Ramnit) -> Value: MITEMS.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MMEDIAREADER.DLL (Virus.Ramnit) -> Value: MMEDIAREADER.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MMTPTRANSFER.DLL (Virus.Ramnit) -> Value: MMTPTRANSFER.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MREMOTEDATASTORE.DLL (Virus.Ramnit) -> Value: MREMOTEDATASTORE.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MSYNCHRONIZATIONSERVICE.DLL (Virus.Ramnit) -> Value: MSYNCHRONIZATIONSERVICE.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MSYNCMLDL.DLL (Virus.Ramnit) -> Value: MSYNCMLDL.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MSYNCMLTRANSFER.DLL (Virus.Ramnit) -> Value: MSYNCMLTRANSFER.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MTHUMBNAILSERVICE.DLL (Virus.Ramnit) -> Value: MTHUMBNAILSERVICE.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MTRANSCODER.DLL (Virus.Ramnit) -> Value: MTRANSCODER.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MTRANSFER.DLL (Virus.Ramnit) -> Value: MTRANSFER.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\MVERSION.DLL (Virus.Ramnit) -> Value: MVERSION.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\NOKIAMSERVER.EXE (Virus.Ramnit) -> Value: NOKIAMSERVER.EXE -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\NOKIAMTRANSCODESERVER.EXE (Virus.Ramnit) -> Value: NOKIAMTRANSCODESERVER.EXE -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\MPLATFORM\SML.DLL (Virus.Ramnit) -> Value: SML.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\CRYPTODLL.DLL (Virus.Ramnit) -> Value: CRYPTODLL.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\LIBEAY32.DLL (Virus.Ramnit) -> Value: LIBEAY32.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTCORE4.DLL (Virus.Ramnit) -> Value: QTCORE4.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTGUI4.DLL (Virus.Ramnit) -> Value: QTGUI4.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTNETWORK4.DLL (Virus.Ramnit) -> Value: QTNETWORK4.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTSECURESTORAGE.DLL (Virus.Ramnit) -> Value: QTSECURESTORAGE.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTSECURESTORAGESERVER.DLL (Virus.Ramnit) -> Value: QTSECURESTORAGESERVER.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\QTXML4.DLL (Virus.Ramnit) -> Value: QTXML4.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\NOKIA\NOA\SSLEAY32.DLL (Virus.Ramnit) -> Value: SSLEAY32.DLL -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Value: Regedit32 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\55471 (Trojan.Agent) -> Value: 55471 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Value: Regedit32 -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\System32\a2.exe (Spyware.Agent.RedNet) -> Quarantined and deleted successfully.
c:\Windows\System32\adsldpc.exe (Trojan.Scar) -> Quarantined and deleted successfully.
c:\Windows\System32\actioncentercpl.exe (Spyware.Agent.RedNet) -> Quarantined and deleted successfully.
c:\programdata\utzavvamsicr.dll (Trojan.Passwords) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\arcappdmo.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\emzaacenc.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\emzamrnbdec.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\emzamrnbenc.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\emzamrwbenc.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\emzdecmp4_h263.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\emzmp3encdmo.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\emzmp3sourcefilter.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\emzmp4videoenc.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\ezdh264dectfilter.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\ezdh264enc.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\ezdmp4muxfilter.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\image_dec.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\Codecs\image_proc.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\MAtom.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mdatastore.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mdatastoreph.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\MEvent.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mfilesystemtransfer.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mitemplugins.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\MItems.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mmediareader.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mmtptransfer.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mremotedatastore.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\msynchronizationservice.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\msyncmldl.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\msyncmltransfer.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mthumbnailservice.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mtranscoder.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\mtransfer.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\MVersion.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\nokiamserver.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\nokiamtranscodeserver.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\mplatform\sml.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\cryptodll.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\libeay32.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\QtCore4.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\QtGui4.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\qtnetwork4.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\qtsecurestorage.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\qtsecurestorageserver.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\QtXml4.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\program files\common files\Nokia\NoA\ssleay32.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\Users\user\AppData\Local\Temp\nsmC8DB.tmp\moreinfo_u.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\Users\user\AppData\Local\Temp\pftf529~tmp\Vista\dtsu2pausrv32.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\Users\user\AppData\Roaming\runscanner.net\virustotalupload.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\Windows\System32\22md.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\2y63.exe (Spyware.Agent.RedNet) -> Quarantined and deleted successfully.
c:\Windows\System32\a44qp81n.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\a5.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\aaclient.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\acbidi32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\acledit.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\acppage.exe (Spyware.Agent.RedNet) -> Quarantined and deleted successfully.
c:\Windows\System32\acproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\actioncenter.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\activeds.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\adprovider.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\adsldp.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\adsmsext.exe (Spyware.Agent.RedNet) -> Quarantined and deleted successfully.
c:\Windows\System32\adtschema.exe (Spyware.Agent.RedNet) -> Quarantined and deleted successfully.
c:\Windows\System32\aeevts.exe (Spyware.Agent.RedNet) -> Quarantined and deleted successfully.
c:\Windows\System32\AltTab.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\77Y0L4J4\rinetd[2].exe (Spyware.Agent.RedNet) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\CUBYWF8A\ins[1].exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\drivers\658.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRT496C.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRT5EB2.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRT5FDA.tmp (Trojan.Scar) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRT918A.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRT9C8C.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRTC9CE.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRTCBAA.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRTE3DC.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\VRTE761.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\zyzoom_forum_tools\appcrashz.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\zyzoom_forum_tools\Bluez.exe (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\zyzoom_forum_tools\nircmd.dll (Virus.Ramnit) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\application data\9AFBC1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programdata\local settings\Temp\mszatyym.scr (Trojan.Agent) -> Quarantined and deleted successfully.
 
تأييد 0

تمام الحين اعمل اعادة تشغيل للجهاز

حتى يتم الحذف بالكامل

..

بعدها اعمل فحص بالبرنامج التالي :

حمل احدث اصدار من الرابط التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



نسخة محمولة محدثة لاخر اصدار دوما من موقع الشركة​

ثم تابع شرح الفحص​

fa33497a6dcbc00f7125a5e9c86b875f.png

1b26353b418be3416040fee21b21b01d.png

متوفر اللغة العربية ضمن الخيارات لمن يرغب​

2b3141e312786215b6a60257f3d9dfe0.png

448c36b550c2236d07532f02624d2081.png

7f6dcf346a0abf125fbae716f1e13f15.png

59b265496c6617a722a5af31bffa4ff7.png

735f1ae4bd65702946a06ceb09197b84.png

3f2ac4c37775a1613d11553ca0ea8f3c.png

3dfb590f69fbd192e4ee43657e1ddd59.png

اختر اعادة التشغيل لاحقا حتى تتمكن من حفظ التقرير وعرضه على قسم الصيانة كما الشرح التالي​

3711e467b86a834fd3db5a3504359c0d.png

18808771241b82993b5820aafa4b6e82.png

تخرج لك مفكرة تحتوي على التقرير .. انسخها كاملة وضعها بمشاركتك بقسم الصيانة​


=============​

التالي هو شرح استعادة ما اتلفته الفيروسات بواسطة البرنامج​

274560a7f832e136a876de6177601748.png

400c6517cfd890124bf40bad5809ddef.png

5267f2c37ce4bced56bed98679e77fe9.png

ثم اغلق البرنامج .. سيطلب منك اعادة تشغيل الجهاز
وافق للضرورة حتى يكمل الاصلاح وتنظيف الاصابات​

.​

 
توقيع : الخفـوق
تأييد 0
اخي الكريم الجهاز يقوم بالفحص منذا 21 ساعه ولم ينتهي الى الان
عناصر الذاكر صفر
عناصر الريجيستري 12
الملفات المصابه 408

هل هذا الوقت طبيعي
 
تأييد 0
يا غالي الجهاز كان مصاب ب فايروس

Ramnit

قام بحقــن النظام
وتم التخلص بالمالوير بايت

عطل فحص السوبر انتي سباي وير

وافحص بـ

حمل اداة الدكتور ويب من الرابط التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


واتبع الشرح لتنظيف جهازك وحفظ التقرير
شغل الاداة بدبل كلك ثم​

b5dab16e5de5db4c417d7e1ab6b709b3.png

847eae702c34ef1d29a04af1298e7b03.png

ecc038b9c85d240b50a43862cb30e207.png

43466e8c885decc132292f4775ab5406.png

7a64850e491bc4a0cfde49fe6ce2b732.png

d94825bc8efd42d3ebe27b9355384552.png

c087a58c8977afc70982b0d4c8dfbb5f.png

94801656e22a41fb257a588985ae63ad.png

d292894cb52978fa70594a666ef6ffcc.png


5897a14b095fe829ee3920215b50dc38.png

قم بضغط التقارير >>>

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


وارفع الملف هنا

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي




(( تحمل يا غالي الجهاز تعرض للحقن ))

وارفق التقرير >> ضروري :q:
 
توقيع : الخفـوق
تأييد 0
اخي الكريم لم ينجح الفحص بدكتور ويب بعد حوالي 22 ساعه اصبح الجهاز لا يتحرك

حاولت عن طريق النورتون اقلاع من السيدي وايضا علق
رجعت مره ثانيه وعملت فحص سريع بعد مافصلب احد الهارديسكات وابقيت الهارد اللي عليه الويندوز
فحص سريع ب سوبر انتي فايروس
SUPERAntiSpyware Scan Log

هل اعمل ريبير الان ام بعد الريبوت
 
تأييد 0
مره اخرى يالغالي .. اعمل فحص بالدكتور ويب ..
 
توقيع : format
تأييد 0
اخي الكريم بعد يومين من الفحص الجهاز عمل ريستار من تلقاء نفسه

ما العمل
 
تأييد 0
بعد محاولات مضنيه عدة برامج استطعت ان اعمل سكام بسوبر انتي فايرس وهذا هو التقرير


C:\USERS\USER\DOCUMENTS\DOWNLOADS\PROGRAMS

\CNET_AGSETUP183SE_EXE.EXE

Trojan.Agent/Gen-Faker
C:\USERS\USER\DOCUMENTS\DOWNLOADS\PROGRAMS\PHOTOINSTRUMENT_SETUP.EXE
C:\USERS\USER\DOCUMENTS\DOWNLOADS\PROGRAMS\PHOTOINSTRUMENT_SETUP_2.EXE

Trojan.Agent/Gen-Dropper
C:\USERS\USER\DOCUMENTS\DOWNLOADS\PROGRAMS\TFCMGR.EXE
C:\WINDOWS\EXPLORERMGR.EXE
C:\WINDOWS\SYSTEM32\MSIEXECMGR.EXE
C:\WINDOWS\TEMP\VRT3217.TMP
C:\WINDOWS\TEMP\VRT69AA.TMP
C:\WINDOWS\TEMP\VRTD6B8.TMP
C:\WINDOWS\TEMP\VRTEECD.TMP
C:\Windows\Prefetch\VRTD6B8.TMP-B0CE5F32.pf
C:\Windows\Prefetch\VRTEECD.TMP-63E3C533.pf

Trojan.Agent/Gen-Dlg
C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\LOCAL\TEMP\VRT8F72.TMP
C:\WINDOWS\TEMP\VRTB0FD.TMP

Trojan.Dropper/Gen-NV
C:\WINDOWS\SVCHOSST.EXE
C:\Windows\Prefetch\SVCHOSST.EXE-6591F8EE.pf

Rogue.Agent/Gen-Nullo[EXE]
C:\WINDOWS\SYSTEM32\A0ICMUD4.EXE
C:\WINDOWS\SYSTEM32\ACBIDI32.EXE
C:\WINDOWS\SYSTEM32\ACPPAGE.EXE
C:\WINDOWS\SYSTEM32\ACTIONCENTER.EXE

Rogue.Agent/Gen-Nullo[EXE-Spec]
C:\WINDOWS\SYSTEM32\API-MS-WIN-SERVICE-WINSVC-L1-1-0.EXE

Trojan.Agent/Gen-Faldesc[Cont]
C:\WINDOWS\TEMP\6BC6.TMP
C:\Windows\Prefetch\6BC6.TMP-4255B0F7.pf

Trojan.Agent/Gen-Tooler
C:\WINDOWS\TEMP\VRT18AE.TMP
C:\WINDOWS\TEMP\VRT7A2E.TMP
C:\WINDOWS\TEMP\VRT7E2.TMP

Trojan.Agent/Gen-Kryptik
C:\WINDOWS\TEMP\VRT3C63.TMP
 
تأييد 0

ادخل هذه الصفحة


يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي




وحمل اداة المكافي
شغلها بدبل كلك واتركها حتى تنتهي صفحة الدوس من الفحص والتنظيف
ثم توجه الى القرص c ،، وقم

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

التقرير noor_re.txt

وارفعه على اي موقع

وارفق رابط التحميل بمشاركتك القادمة
 
توقيع : البارون
تأييد 0
اشكر اخي البارون والشكر موصول لاخي فورمات والخفوق والوفا طبعي


هذا هو تقرير المكافي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

 
تأييد 0
هل من مساعده
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى