مشعل العتيبي

Peace be upon you

My dear friends,

I uninstalled RealPlayer, but it looks like it wasn't removed properly. I tried to install it again and I get the same image; it refuses to install.

What's the solution??


 

OK, delete it from Safe Mode and save yourself the trouble.

 
I couldn't find it in Safe Mode, عاشق

It isn't there
 
Check the executable file; it may be corrupted to begin with.
 
Signature: algnral
Which executable file do you mean?
 
The one you install the program with.
 
Signature: algnral
No, there's nothing wrong with it. I have the program on an external hard disk and I've installed it on several machines, but on this machine it didn't work.
 
I suspect the problem is with it.
Try it on another machine and see.
 
Signature: algnral
No, it's not that, believe me. The program is fine on my end; the problem is with the machine.
 

Make a HijackThis report.

When the download finishes ==> run the program ==> and click Do a system scan and save log
In a few moments a report will appear. Select all ==> copy it and paste it in your next reply
 
Here you go, Baron



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:38:32 م, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Documents and Settings\m\سطح المكتب\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min /nosplash
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1085031214-1935655697-839522115-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} -
O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} (ActiveQscan Control) -
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: BandLuxe Service (BandLuxe_Service) - BandRich Inc. - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 6185 bytes
 
Disable your protection programs
then
download the following tool and save it to the desktop

When you run it, a message will appear; click >> Yes
Then a second message will appear; click >> Yes
During the scan the machine may restart
After the restart, the tool will start scanning again
Do not run any program, and however long the scan takes, wait until it finishes
Wait until a report appears; copy it and paste it in your next post
 
Signature: algnral
Download this program

Install it on the machine, then run it and follow the explanation below to scan the machine and produce a report

After the scan finishes, do the following

Copy the contents of the report and paste it in your next post

Before scanning, update the program
 
Brother Baron,
wait a bit until we see his report.
 
Signature: algnral
Here you go, Angel

ComboFix 09-06-12.02 - m 06/12/2009 23:48.1 - NTFSx86
Running from: c:\documents and settings\m\سطح المكتب\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\QUAD Utilities
c:\docume~1\m\LOCALS~1\Temp\tmp1.tmp
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\windows\IE4 Error Log.txt
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\mfc45.dll
c:\windows\system32\tmp.reg
c:\windows\system32\Ultra.dll
.
((((((((((((((((((((((((( Files Created from 2009-05-12 to 2009-06-12 )))))))))))))))))))))))))))))))
.
2009-06-12 19:41 . 2009-06-12 19:49 -------- d-----w- c:\program files\Unlocker
2009-06-12 15:47 . 2009-06-12 15:48 -------- d-----w- c:\program files\RichFX
2009-06-12 15:25 . 2009-06-12 15:28 -------- d-----w- c:\documents and settings\m\Application Data\SBMAV Disk Cleaner
2009-06-12 04:03 . 2003-01-26 11:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
2009-06-12 04:03 . 2009-06-12 16:12 -------- d-----w- c:\program files\RegDoctor
2009-06-12 03:04 . 2009-06-12 03:15 -------- d-----w- c:\documents and settings\m\DoctorWeb
2009-06-12 02:47 . 2009-06-12 16:12 -------- d-----w- c:\program files\Panda Security
2009-06-11 21:43 . 2009-06-11 21:43 390664 ----a-w- c:\documents and settings\m\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-11 17:53 . 2009-06-11 21:13 -------- d-----w- c:\program files\USB Disk Security
2009-06-10 17:41 . 2009-06-10 17:42 -------- d-----w- c:\documents and settings\m\Local Settings\Application Data\Google
2009-06-10 15:51 . 2009-06-10 15:51 -------- d-----w- c:\windows\Sun
2009-06-10 15:50 . 2009-06-10 15:50 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-10 15:48 . 2009-06-10 15:48 -------- d-----w- c:\program files\Java
2009-06-10 15:47 . 2009-06-10 15:47 152576 ----a-w- c:\documents and settings\m\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-10 15:44 . 2009-06-12 02:48 -------- d-----w- c:\windows\BDOSCAN8
2009-06-10 14:41 . 2009-06-10 14:41 -------- d-----w- C:\Temp
2009-06-10 00:14 . 2009-06-10 13:51 -------- d-----w- c:\program files\Say the Time
2009-06-10 00:13 . 2009-06-10 00:13 -------- d-----w- c:\program files\UnH Solutions
2009-06-10 00:03 . 2009-06-10 14:21 -------- d-----w- c:\documents and settings\All Users\Application Data\eboostr
2009-06-09 22:38 . 2009-06-10 13:50 -------- d-----w- c:\program files\CodeStuff
2009-06-09 22:24 . 2009-06-09 22:24 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-06-09 00:19 . 2009-06-09 00:19 -------- d-----w- c:\documents and settings\m\Application Data\Apple Computer
2009-06-08 20:39 . 2009-06-08 20:59 -------- d-----w- c:\program files\QuickTime
2009-06-08 20:39 . 2009-06-08 20:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-08 20:39 . 2009-06-08 20:39 -------- d-----w- c:\documents and settings\m\Local Settings\Application Data\Apple
2009-06-08 20:39 . 2009-06-08 20:39 -------- d-----w- c:\program files\Apple Software Update
2009-06-08 20:39 . 2009-06-08 20:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-08 20:39 . 2009-06-08 20:39 -------- d-----w- c:\documents and settings\m\Local Settings\Application Data\Apple Computer
2009-06-07 21:29 . 2009-06-09 23:45 -------- d-----w- c:\program files\LowTek CopyFaster
2009-06-07 21:19 . 2009-06-07 21:19 -------- d-----w- c:\documents and settings\m\Application Data\GlarySoft
2009-06-06 04:45 . 2009-06-06 04:45 1251 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_D20352A90C039D93DBF6126ECE614057.dll
2009-06-06 01:40 . 2009-06-06 01:40 -------- d-----w- c:\documents and settings\m\Application Data\Avira
2009-06-06 01:24 . 2009-06-09 22:58 97608 ----a-w- c:\windows\system32\drivers\avfwot.sys
2009-06-06 01:24 . 2009-03-30 07:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-06 01:24 . 2009-03-24 13:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-06 01:24 . 2009-02-24 10:06 69632 ------w- c:\windows\system32\drivers\avfwim.sys
2009-06-06 01:24 . 2009-02-13 09:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-06-06 01:24 . 2009-02-13 09:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-06-06 01:24 . 2009-06-06 01:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-06 01:24 . 2009-06-06 01:24 -------- d-----w- c:\program files\Avira
2009-06-06 00:33 . 2009-06-06 00:33 -------- d-----w- c:\windows\My Optimizer
2009-06-05 20:33 . 2009-06-06 03:42 -------- d-----w- c:\program files\VS Revo Group
2009-06-04 19:25 . 2009-06-04 19:25 -------- d-----w- c:\program files\Lavalys
2009-06-04 18:41 . 2009-06-04 18:41 -------- d-----w- c:\documents and settings\All Users\Application Data\DFX
2009-06-04 18:41 . 2009-06-04 18:41 -------- d-----w- c:\program files\Common Files\DFX
2009-06-03 15:02 . 2009-06-03 15:02 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2009-06-03 15:02 . 2009-04-27 11:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-06-03 15:02 . 2009-06-03 15:02 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-03 15:02 . 2009-06-03 15:02 -------- d-----w- c:\documents and settings\m\Application Data\TuneUp Software
2009-06-03 15:01 . 2009-06-03 15:31 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-06-03 15:01 . 2009-06-03 15:01 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-06-03 15:01 . 2009-06-12 03:15 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-06-03 13:39 . 2009-06-03 13:39 -------- d-----w- c:\windows\Wlording Speedup PC
2009-06-03 13:39 . 2009-06-03 13:39 -------- d-----w- c:\program files\Wlording Speedup PC
2009-06-02 22:54 . 2009-06-02 22:54 518 ----a-w- c:\documents and settings\m\Application Data\iolo\Registry\Last\restore.bat
2009-06-02 22:38 . 2009-06-02 22:38 1519 ----a-w- c:\documents and settings\m\Application Data\iolo\restore.bat
2009-06-02 22:25 . 2009-06-02 22:25 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2009-06-02 22:23 . 2009-06-06 13:45 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2009-06-02 22:23 . 2009-06-02 22:38 -------- d-----w- c:\documents and settings\m\Application Data\iolo
2009-06-01 23:05 . 2009-06-12 16:15 -------- d-----w- c:\documents and settings\m\Application Data\Paltalk
2009-06-01 22:36 . 2009-06-12 20:51 136728608 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-01 21:20 . 2009-06-04 01:08 -------- d-----w- c:\documents and settings\m\Local Settings\Application Data\Adobe
2009-05-31 16:00 . 2009-05-31 16:00 -------- d-----w- c:\windows\NLDRV
2009-05-31 15:15 . 2009-05-31 15:45 -------- d-----w- c:\program files\Trojan Remover
2009-05-31 15:15 . 2009-05-31 15:15 -------- d-----w- c:\documents and settings\m\Application Data\Simply Super Software
2009-05-31 15:15 . 2009-05-31 15:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-05-31 15:03 . 2009-05-31 15:03 687104 ----a-w- c:\windows\is-UMGO2.exe
2009-05-31 13:51 . 2004-02-10 17:56 155648 ----a-r- c:\windows\system32\igfxres.dll
2009-05-31 13:22 . 2004-08-03 21:56 152064 ----a-w- c:\windows\system32\irftp.exe
2009-05-31 13:22 . 2004-08-03 21:55 26624 ----a-w- c:\windows\system32\irmon.dll
2009-05-31 13:22 . 2004-08-03 20:00 87424 ----a-w- c:\windows\system32\drivers\irda.sys
2009-05-31 13:22 . 2004-08-03 21:56 8192 ----a-w- c:\windows\system32\wshirda.dll
2009-05-31 13:19 . 2009-05-31 13:19 -------- d-----w- c:\documents and settings\Default User\Application Data\Malwarebytes
2009-05-31 13:12 . 2001-08-17 10:51 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2009-05-31 13:08 . 2001-09-19 11:00 13312 ----a-w- c:\windows\system32\irclass.dll
2009-05-31 13:08 . 2001-09-19 11:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2009-05-31 02:05 . 2002-01-05 08:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-05-31 02:05 . 2002-01-05 02:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2009-05-31 02:04 . 2002-01-05 03:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-05-31 00:49 . 2009-05-31 12:35 -------- d-----w- c:\program files\RegistryFix7
2009-05-30 22:29 . 2009-05-30 22:29 -------- d-----w- c:\documents and settings\m\Application Data\Malwarebytes
2009-05-30 22:29 . 2009-05-26 10:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-30 22:29 . 2009-05-26 10:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-30 22:29 . 2009-05-30 22:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-30 22:29 . 2009-05-31 15:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-30 20:48 . 2009-05-30 20:48 -------- d-----w- c:\documents and settings\m\Local Settings\Application Data\Thinstall
2009-05-30 18:49 . 2009-05-30 18:49 -------- d-----w- c:\documents and settings\m\Application Data\CyberScrub
2009-05-30 12:49 . 2008-07-08 11:54 148496 ----a-w- c:\windows\system32\drivers\31010798.sys
2009-05-29 21:37 . 2009-06-01 01:12 -------- d-----w- c:\program files\Windows Live Safety Center
2009-05-29 18:26 . 2009-06-01 22:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-28 21:18 . 2009-06-06 21:56 -------- d-----w- c:\documents and settings\m\Application Data\dvdcss
2009-05-28 21:10 . 2009-06-12 16:56 -------- d-----w- c:\program files\VideoLAN
2009-05-28 18:32 . 2009-05-28 18:32 -------- d-----w- c:\program files\Studio V5
2009-05-28 17:18 . 2009-05-28 17:18 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-28 14:32 . 2009-06-06 02:34 -------- d-----w- c:\program files\LtUcx
2009-05-28 14:25 . 2009-06-10 15:39 -------- d-----w- c:\documents and settings\m\Application Data\QuickScan
2009-05-28 14:23 . 2009-05-28 14:23 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-28 14:22 . 2009-05-28 15:56 -------- d-----w- c:\documents and settings\m\Application Data\SUPERAntiSpyware.com
2009-05-28 14:22 . 2009-05-28 15:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-05-28 13:44 . 2009-05-28 13:44 -------- d-----w- c:\program files\CCleaner
2009-05-28 13:20 . 2005-06-02 09:33 86016 ----a-w- c:\windows\system32\SLIPRT.DLL
2009-05-28 03:02 . 2009-06-05 20:41 -------- d-----w- c:\program files\Hide Your IP Address
2009-05-28 02:22 . 2009-05-28 02:22 -------- d-----w- c:\windows\system32\LogFiles
2009-05-28 02:17 . 2009-05-28 02:17 -------- d-----w- c:\program files\Bodrag
2009-05-28 02:00 . 2009-05-28 02:00 1078 ----a-r- c:\documents and settings\m\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe
2009-05-28 02:00 . 2009-05-28 02:00 1078 ----a-r- c:\documents and settings\m\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe
2009-05-28 02:00 . 2009-05-28 02:00 1078 ----a-r- c:\documents and settings\m\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe
2009-05-28 02:00 . 2009-05-28 02:00 1078 ----a-r- c:\documents and settings\m\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe
2009-05-28 02:00 . 2009-05-28 02:28 -------- d-----w- c:\program files\Microsoft Bootvis
2009-05-27 20:49 . 2009-05-27 20:49 -------- d-----w- c:\program files\WIDCOMM
2009-05-27 13:09 . 2003-02-28 15:26 139536 ----a-w- c:\windows\system32\javaee.dll
2009-05-27 00:20 . 2009-05-27 00:20 -------- d-----w- c:\program files\ImageShack Corp
2009-05-26 17:59 . 2003-02-28 15:26 46352 ----a-w- c:\windows\setdebug.exe
2009-05-26 17:59 . 2003-02-28 15:26 171280 ----a-w- c:\windows\system32\jit.dll
2009-05-26 17:59 . 2003-02-28 13:35 6550 ----a-w- c:\windows\jautoexp.dat
2009-05-26 17:59 . 2003-02-28 13:34 313856 ----a-w- c:\windows\system32\dx3j.dll
2009-05-26 14:43 . 2009-05-26 14:43 -------- d-----w- c:\program files\Synaptics
2009-05-26 14:42 . 2006-10-27 11:14 179896 ----a-w- c:\windows\system32\drivers\SynTP.sys
2009-05-26 14:42 . 2006-10-27 11:11 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2009-05-26 14:42 . 2006-10-27 10:24 143360 ----a-w- c:\windows\system32\SynTPAPI.dll
2009-05-26 14:42 . 2006-10-27 10:14 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2009-05-26 14:42 . 2006-03-09 07:58 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2009-05-26 14:42 . 2006-10-27 10:13 163840 ----a-w- c:\windows\system32\SynCOM.dll
2009-05-26 14:40 . 2007-04-23 10:29 812544 ----a-w- c:\windows\system32\drivers\ti21sony.sys
2009-05-26 14:34 . 2009-05-26 14:34 -------- d-----w- C:\Drivers
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-12 20:04 . 2009-06-01 22:36 1593668 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-12 19:08 . 2001-09-19 12:00 38084 ----a-w- c:\windows\system32\perfc001.dat
2009-06-12 19:08 . 2001-09-19 12:00 246790 ----a-w- c:\windows\system32\perfh001.dat
2009-06-12 18:57 . 2009-05-30 18:43 -------- d-----w- c:\documents and settings\m\Application Data\cleaner
2009-06-06 04:50 . 2009-06-01 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\SecTaskMan
2009-06-03 23:31 . 2009-05-23 19:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-03 15:08 . 2009-05-23 18:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-03 00:24 . 2009-06-01 21:18 -------- d-----w- c:\program files\Security Task Manager
2009-06-01 23:18 . 2009-05-23 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-31 13:52 . 2009-05-23 16:37 30784 ----a-w- c:\documents and settings\m\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-28 14:30 . 2009-05-23 16:30 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-27 13:09 . 2009-05-27 13:09 2678 ----a-w- c:\windows\java\Packages\Data\RHBDN5R3.DAT
2009-05-27 13:09 . 2009-05-27 13:09 2678 ----a-w- c:\windows\java\Packages\Data\IFHBNXZT.DAT
2009-05-27 13:09 . 2009-05-27 13:09 2678 ----a-w- c:\windows\java\Packages\Data\JRTVPRRB.DAT
2009-05-27 13:09 . 2009-05-27 13:09 2678 ----a-w- c:\windows\java\Packages\Data\75J1N7L7.DAT
2009-05-27 13:09 . 2009-05-27 13:09 2678 ----a-w- c:\windows\java\Packages\Data\EIIG131V.DAT
2009-05-26 17:59 . 2009-05-26 17:59 2232 ----a-w- c:\windows\java\Packages\Data\RL31FHJH.DAT
2009-05-26 17:59 . 2009-05-26 17:59 155995 ----a-w- c:\windows\java\Packages\7ZHNN3V3.ZIP
2009-05-25 11:37 . 2009-05-23 17:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-23 19:14 . 2009-05-23 19:14 -------- d-----w- c:\program files\MSSOAP
2009-05-23 19:13 . 2009-05-23 19:13 -------- d-----w- c:\program files\Webroot
2009-05-23 19:02 . 2009-05-23 19:02 -------- d-----w- c:\documents and settings\m\Application Data\Media Player Classic
2009-05-23 18:12 . 2009-05-23 18:12 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-05-23 18:12 . 2009-05-23 18:12 -------- d-----w- c:\program files\TechSmith
2009-05-23 18:08 . 2009-05-23 18:08 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-23 18:03 . 2009-05-23 18:03 -------- d-----w- c:\program files\Windows Live
2009-05-23 18:02 . 2009-05-23 18:01 -------- d-----w- c:\program files\Common Files\Xara
2009-05-23 18:01 . 2009-05-23 18:01 -------- d-----w- c:\program files\Xara
2009-05-23 18:00 . 2009-05-23 17:11 -------- d-----w- c:\program files\Common Files\InstallShield
2009-05-23 17:58 . 2009-05-23 17:58 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-23 17:58 . 2009-05-23 17:58 -------- d-----w- c:\program files\Common Files\Real
2009-05-23 17:58 . 2009-05-23 17:58 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-23 17:58 . 2009-05-23 17:58 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-23 17:45 . 2009-05-23 17:45 -------- d-----w- c:\program files\CONEXANT
2009-05-23 17:14 . 2009-05-23 17:14 -------- d-----w- c:\program files\Intel
2009-05-23 16:32 . 2009-05-23 16:32 -------- d-----w- c:\program files\microsoft frontpage
2009-05-23 16:27 . 2009-05-23 16:27 22144 ----a-w- c:\windows\system32\emptyregdb.dat
.
------- Sigcheck -------
[-] 2008-04-14 15:59 1571328 6B8B7B206FA0C50B4CF99EEE2AC14BC7 c:\windows\SoftwareDistribution\Download\7ddc38335814ac754f158e6c7fa2b6cb\sfcfiles.dll
[-] 2008-11-09 14:05 1547776 B0BACE02277B1979F22CE785536F651F c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-08-16 5728112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Snagit 9.lnk]
backup=c:\windows\pss\Snagit 9.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R0 ryhm;ryhm; [x]
R3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;c:\windows\system32\DRIVERS\br3gmdm.sys [2008-03-14 100096]
R3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter; [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-05-26 19096]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [2008-06-27 332928]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2009-06-09 97608]
S1 is-V243Bdrv;is-V243Bdrv;c:\windows\system32\DRIVERS\31010798.sys [2008-07-08 148496]
S1 SMBHC;Microsoft SM Bus Host Controller Driver;c:\windows\system32\DRIVERS\SMBHC.sys [2001-09-19 6784]
S2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [2009-06-09 388865]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2009-06-09 194817]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-06-09 434945]
S2 BandLuxe_Service;BandLuxe Service;c:\program files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe [2008-06-03 87264]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-06-03 604416]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
S3 SMBBATT;Microsoft Smart Battery Driver;c:\windows\system32\DRIVERS\SMBBATT.sys [2004-08-03 16128]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-04-23 812544]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-06-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
2009-06-12 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
2009-06-11 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
- - - - ORPHANS REMOVED - - - -
ShellIconOverlayIdentifiers-{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD} - (no file)
Notify-WgaLogon - (no file)

.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:9666
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: Microsoft XML Parser for Java
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
txtfile=c:\windows\notepad.exe %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-06-12 23:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(588)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Completion time: 2009-06-12 23:52
ComboFix-quarantined-files.txt 2009-06-12 20:52
Pre-Run: 51,894,968,320 bytes free
Post-Run: 52,151,119,872 bytes free
279 --- E O F --- 2009-05-31 03:01
 
"Angel" is a lizard, but I'll accept it from you, cousin
I'm the General
Nice, the program deleted the viruses
Try now
 
Signature: algnral
Hahahahahaha

Sorry, sorry, honestly I didn't notice. I don't know what made me write that, hahaha
 
No harm done, cousin
Try now
 
Signature: algnral
Try what, General??
 
Try RealPlayer
If it doesn't work, download a better program
123 Media Classic
 
Signature: algnral