هل هذا فايروس

[alabdali]

اخواني هل هذا فايروس حاولت اتخلص منه لكن لافائده
سويت ريموف ويرجع
اذا فايروس كيف ازيله؟

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

 

[Mazn_TNT]

اخي الكريم ادخل على الوضع الامن و اعمل فحص لكامل الجهاز بالبرنامج التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

و ضع التقرير الناتج بردك القادم .

 

[alabdali]

تسلم يالغالي هذا التقرير
ولكنه في الوضع العادي وليس الامن

Malwarebytes' Anti-Malware 1.51.2.1300

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 7622

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21/08/2013 01:21:30 ص
mbam-log-2013-08-21 (01-21-24).txt

Scan type: Quick scan
Objects scanned: 195088
Time elapsed: 7 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 6
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\Baidu (PUP.Baidu) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-sa (PUP.Baidu) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\documents and settings\administrator\application data\baidu (PUP.Baidu) -> No action taken.
c:\documents and settings\administrator\application data\baidu\hao123-sa (PUP.Baidu) -> No action taken.
c:\documents and settings\administrator\application data\baidu security (PUP.Baidu) -> No action taken.
c:\documents and settings\administrator\application data\baidu security\pc faster (PUP.Baidu) -> No action taken.
c:\documents and settings\administrator\application data\baidu security\pc faster\1.19.0.2 (PUP.Baidu) -> No action taken.
c:\documents and settings\administrator\application data\baidu security\pc faster\1.19.0.2\RpData (PUP.Baidu) -> No action taken.

Files Infected:
c:\documents and settings\administrator\application data\baidu\hao123-sa\hao123.1.0.0.1106.exe (PUP.Baidu) -> No action taken.
c:\documents and settings\administrator\application data\baidu security\pc faster\1.19.0.2\RpData\2013-08-11 19_27_29_rpdata.dat (PUP.Baidu) -> No action taken.

 

[alabdali]

بعدين يأخي مشكلة التوقيت كل مأثبته واطفي الجهاز يرجع لتوقيت اخر غلط

شوفه في التقرير فوق انا الان (( الواحده وخمسون دقيقة مساء ))

 

[Mazn_TNT]

اخي الغالي جهازك هل هو لابتوب ام ديسك توب !!!!

و تفضل حمل

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

و اضغط على clean ووافق على جميع الرسائل الواردة منها

بالنهاية سيطلب منك اعادة التشغيل وافق عليها و بعدها سيظهر تقرير من الاداة txt انسخه و ضعه بردك القادم

محلولة باذن الله .

 

[alabdali]

هلا يالغالي
جهازي دسك توب ويندوز اكس بي

هذا التقرير اخي

# AdwCleaner v3.000 - Report created21/08/2013at03:43:41
# Updated 13/08/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - PC-2D2CB0F2352E
# Running from : C:\Documents and Settings\Administrator\سطح المكتب\adwcleaner_2\adwcleaner_2.exe

***** [ Services ] *****

[#] Service Deleted : WebCakeUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\APN
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Program Files\Web Cake
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\B1E
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\B1Toolbar
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\SwvUpdater
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Web Cake
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Setting Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

-\\ Google Chrome v28.0.1500.95

[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

[OK] No bad entry found.

*************************

AdwCleaner[0].txt - [3936 octets] - [21/08/2013 03:43:41]

########## EOF - C:\AdwCleaner\AdwCleaner[0].txt - [3995 octets] ##########

 

[Mazn_TNT]

اخي باذن الله المشكلة الاساسية حلت و لكن يفضل تحديث الافيرا الذي لديك لاخر اصدار و تحديثه من الانترنت بعدها

ثم عمل سكان للقرص c كامل .

الان من اجل مشكلة الوقت اخي انت لديك بطارية البيوس تالفة او فارغة و يجب تغييرها

هل لديك اي استفسار اخر اخي الغالي !!!!

 

[alabdali]

الف شكر يالغالي
عساني مأعدمك
رحم الله والديك

اذا ممكن رقم اخر اصدار من افيرا