Thank you, brother LINEZERO, from the bottom of my heart ... and may God reward you. The program really did solve my problem .. and here is the report. I'd just like to know how I got the virus when I have Kaspersky Security 7 installed and up to date.
ComboFix 08-09-25.05 - The Dreamy 09/26/2004 16:21:28.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.189 [GMT 3:00]
Running from: C:\Documents and Settings\The Dreamy\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\Documents and Settings\The Dreamy\s\the dreamy@2o7[1].txt
C:\Documents and Settings\The Dreamy\s\the dreamy@flipcorp[1].txt
C:\j.pif
C:\Program Files\Common Files\PushWare
C:\Program Files\Common Files\PushWare\cpush.dll
C:\Program Files\Common Files\PushWare\Uninst.exe
C:\Program Files\ef.pif
C:\Program Files\zzToolBar
C:\Program Files\zzToolBar\IP.dat
C:\Program Files\zzToolBar\SearchEngineConfig
C:\Program Files\zzToolBar\ToolBand.dll
C:\Program Files\zzToolBar\Toolbar_bho.dll
C:\Program Files\zzToolBar\uISGRLFile.dat
C:\Program Files\zzToolBar\Uninstall.exe
C:\QC.PIF
C:\strategy.txt
C:\WD.PIF
C:\WINDOWS\Aseo\pbhealth.dll
C:\WINDOWS\ktd32.atm
C:\WINDOWS\system32\dllcache\wuauclt.exe
C:\WINDOWS\system32\drivers\acpidisk.sys
C:\WINDOWS\system32\drivers\beep.sys
C:\WINDOWS\system32\gprmsgse.axz
C:\WINDOWS\system32\gscpx32r.det
C:\WINDOWS\system32\mprmsgse.axz
C:\WINDOWS\system32\waclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\TEMP\~my1.tmp
D:\Autorun.inf
D:\QC.PIF
D:\WD.PIF
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ACPIDISK
-------\Service_acpidisk
((((((((((((((((((((((((( Files Created from 2004-08-26 to 2004-09-26 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-25 21:21 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Skype
2008-09-23 19:15 --------- d-----w C:\Program Files\Your Uninstaller 2008
2008-09-23 18:48 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\URSoft
2008-09-19 15:59 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\PC Suite
2008-09-15 23:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-09-15 23:28 --------- d-----w C:\Program Files\Nokia
2008-09-15 23:27 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-15 22:39 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-09-15 22:39 --------- d-----w C:\Program Files\Common Files\Nokia
2008-09-15 22:39 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Nokia
2008-09-15 22:37 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-09-03 23:59 --------- d-----w C:\Program Files\oovooToolbar
2008-09-03 23:59 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\oovooToolbar
2008-08-07 22:33 --------- d-----w C:\Program Files\Hotspot Shield
2008-08-06 19:35 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-06 18:51 --------- d-----w C:\Program Files\GVR
2008-08-05 21:28 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-08-05 20:49 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-05 20:48 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-07-25 16:23 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Media Player Classic
2008-07-19 17:00 --------- d-----w C:\Program Files\Common Files\xing shared
2008-07-19 17:00 --------- d-----w C:\Program Files\Common Files\Real
2008-07-19 16:30 --------- d-----w C:\Program Files\Gabest
2008-07-12 21:43 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\dvdcss
2008-06-06 06:24 8,064 ----a-w C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-05-31 20:49 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Vso
2008-05-08 10:12 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-05-08 10:12 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-05-07 04:38 8,064 ----a-w C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-05-07 04:38 20,864 ----a-w C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-05-07 04:38 17,536 ----a-w C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-05-04 18:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-04 18:01 --------- d-----w C:\Program Files\Vimicro
2008-05-04 18:01 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-20 19:01 --------- d-----w C:\Program Files\Mobiola Web Camera USB
2008-04-20 18:46 --------- d-----w C:\Program Files\Mobiola Web Camera for S60 3Ed
2008-04-20 18:23 --------- d-----w C:\Program Files\Mobiola Web Camera
2008-03-19 21:11 --------- d-----w C:\Program Files\WinPcap
2008-03-19 21:10 --------- d-----w C:\Program Files\netcut
2008-03-09 20:00 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\ooVoo Details
2008-03-06 21:04 --------- d-----w C:\Program Files\SecondLife
2008-03-06 21:03 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\SecondLife
2008-03-06 18:25 --------- d-----w C:\Program Files\AV Vcs 6.0 GOLD
2008-03-06 18:14 --------- d-----w C:\Program Files\AMSN
2008-03-06 18:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-06 17:18 --------- d-----w C:\Program Files\Common Files\LencomShare
2008-03-06 17:17 --------- d-----w C:\Program Files\espyder
2008-03-06 17:16 --------- d-----w C:\Program Files\Common Files\TweakMarketing
2008-03-06 17:16 --------- d-----w C:\Program Files\Advanced Email Extractor PRO
2008-03-04 18:59 --------- d-----w C:\Program Files\Mobily Connect Card
2008-03-04 18:58 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Zyzoom_Autorun_Viruses_cleaner
2008-02-09 20:04 --------- d-----w C:\Program Files\Opera
2008-02-01 13:17 8,320 ----a-w C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2008-02-01 13:17 138,112 ----a-w C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2008-01-27 14:15 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Nitro PDF
2008-01-27 14:12 --------- d-----w C:\Program Files\Nitro PDF
2008-01-27 14:12 --------- d-----w C:\Program Files\Common Files\Nitro PDF
2008-01-27 14:12 --------- d-----w C:\Program Files\Common Files\BCL Technologies
2008-01-27 14:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nitro PDF
2008-01-27 12:33 --------- d-----w C:\Program Files\SmartFTP Client 2.5 Setup Files
2008-01-27 12:33 --------- d-----w C:\Program Files\SmartFTP Client
2008-01-27 12:33 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\SmartFTP
2008-01-18 22:23 --------- d-----w C:\Program Files\Java
2007-12-27 11:06 --------- d-----w C:\Program Files\MSN Messenger
2007-12-27 11:06 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-26 17:02 --------- d-----w C:\Program Files\Golden Al-Wafi Translator
2007-11-29 09:43 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-11-29 09:43 --------- d-----w C:\Program Files\Paltalk Messenger
2007-11-03 16:18 --------- d-----w C:\Program Files\VSO
2007-11-01 17:10 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2007-11-01 17:10 172,032 ------w C:\WINDOWS\Setup1.exe
2007-10-30 20:45 --------- d-----w C:\Program Files\Speed Email Extractor
2007-10-30 20:42 --------- d-----w C:\Program Files\Lencom Software Inc
2007-10-18 16:02 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\ACD Systems
2007-10-18 16:01 --------- d-----w C:\Program Files\Common Files\ACD Systems
2007-10-18 16:01 --------- d-----w C:\Program Files\ACD Systems
2007-10-18 16:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2007-10-06 23:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2007-10-05 20:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2007-10-05 09:41 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Vidalia
2007-10-05 05:10 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Tor
2007-10-05 02:32 --------- d-----w C:\Program Files\iVocalize Web Conference 4
2007-10-03 01:43 --------- d-----w C:\Program Files\WIDCOMM
2007-10-02 20:04 --------- d-----w C:\Documents and Settings\The Dreamy\Application Data\Intel
2007-10-02 20:03 17,119 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2007-10-02 20:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Intel
2007-10-02 20:01 --------- d-----w C:\Program Files\Intel
2007-10-02 19:51 --------- d-----w C:\Program Files\acer
2007-09-27 01:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-09-27 01:02 --------- d-----w C:\Program Files\Adverts
2007-09-27 01:01 --------- d-----w C:\Program Files\Windows Live
2007-09-26 16:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
2007-09-26 16:11 --------- d-----w C:\Program Files\PC Drivers HeadQuarters
2007-09-24 00:38 --------- d-----w C:\Program Files\Skype
2007-09-24 00:38 --------- d-----w C:\Program Files\Common Files\Skype
2007-09-24 00:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2007-09-17 12:53 21,632 ----a-w C:\WINDOWS\system32\drivers\pccsmcfd.sys
2007-09-16 19:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2007-09-15 20:07 --------- d-----w C:\Program Files\videoview
2007-09-15 20:05 --------- d-----w C:\Program Files\directx
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:00 PM 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM 31016]
"acerWireless"="C:\Program Files\acer\Wireless\Utility\WlanUtil.exe" [06/09/2004 11:15 AM 417792]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [10/15/2004 11:27 AM 385024]
"EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [10/15/2004 11:31 AM 356352]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/04/2004 03:00 PM 110592 C:\WINDOWS\system32\bthprops.cpl]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-05-25 565309]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
10/15/2004 11:27 AM 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalStart.lnk]
backup=C:\WINDOWS\pss\PalStart.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^The Dreamy^Start Menu^Programs^Startup^AMSN.lnk]
backup=C:\WINDOWS\pss\AMSN.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^The Dreamy^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 02/26/2007 03:40 AM 969728 C:\Program Files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
-ra------ 08/18/2006 11:58 AM 49152 C:\WINDOWS\Domino.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 01/02/2007 12:22 AM 3739648 C:\Program Files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 08/26/2007 12:48 AM 887040 C:\Program Files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 08/04/2004 01:06 AM 1667584 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooVoo.exe]
--a------ 08/17/2008 04:42 PM 13498160 C:\Program Files\ooVoo\ooVoo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 08/26/2007 09:00 PM 98304 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 07/19/2008 07:59 PM 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZSSnp211]
-ra------ 04/06/2007 06:06 AM 57344 C:\WINDOWS\ZSSnp211.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
"Google Update"="C:\Documents and Settings\The Dreamy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe /onboot
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Nitro PDF Printer Monitor"="C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe"
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"C:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP المنفذ 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP المنفذ 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP المنفذ 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP المنفذ 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP المنفذ 37675
"37676:TCP"= 37676:TCP:*:Disabled:ooVoo TCP المنفذ 37676
"37676:UDP"= 37676:UDP:*:Disabled:ooVoo UDP المنفذ 37676
"37677:UDP"= 37677:UDP:*:Disabled:ooVoo UDP المنفذ 37677
"37678:TCP"= 37678:TCP:ooVoo TCP المنفذ 37678
"37678:UDP"= 37678:UDP:ooVoo UDP المنفذ 37678
"37679:UDP"= 37679:UDP:ooVoo UDP المنفذ 37679
R2 StkSSrv;USB2.0 TVBOX Service;C:\WINDOWS\System32\StkSrv2K_.exe [10/21/2005 06:30 PM 24576]
R3 BTCAMDRV;Mobiola Web Camera driver;C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys [11/01/2006 06:45 PM 219264]
R3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [06/08/2007 09:52 AM 27136]
S3 bepldr;BCL easyPDF SDK 5 Loader;C:\Program Files\Common Files\BCL Technologies\NitroPDF5\bepldr.exe [11/15/2007 06:05 PM 151552]
S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem;C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [07/26/2005 10:46 AM 65152]
S3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface;C:\WINDOWS\system32\DRIVERS\ewusbapp.sys [07/26/2005 10:46 AM 65152]
S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface;C:\WINDOWS\system32\DRIVERS\ewusbser.sys [07/26/2005 10:46 AM 65152]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [02/01/2008 04:17 PM 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [02/01/2008 04:17 PM 8320]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [09/26/2004 04:25 PM 42000]
S3 PNDIS5;PNDIS5 NDIS Protocol Driver;C:\DOCUME~1\THEDRE~1\Desktop\PNDIS5.SYS [ ]
S3 StkMini;USB2.0 TVBox;C:\WINDOWS\system32\Drivers\StkMini.sys [10/21/2005 06:30 PM 750303]
S3 StkScan;USB2.0 TVBox Still Image;C:\WINDOWS\system32\Drivers\StkScan.sys [10/21/2005 06:30 PM 4735]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [ ]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - u.bat
\Shell\explore\Command - u.bat
\Shell\open\Command - u.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8361db-5809-11dc-b119-00c09fbfd987}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL rose.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32cd9296-725f-11dc-ab7a-000b6b59169c}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL exiplorer.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e7ab4b0-9111-11dc-93a3-000b6b59169c}]
\Shell\AutoRun\command - oufddh.exe
\Shell\explore\Command - oufddh.exe
\Shell\open\Command - oufddh.exe
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{A057A204-BACC-4D26-8087-36EE87E26986} - (no file)
Notify-WgaLogon - (no file)
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\The Dreamy\Application Data\Mozilla\Firefox\Profiles\8k4grj7n.default\
FF -: plugin - C:\Documents and Settings\The Dreamy\Local Settings\Application Data\Google\Update\1.2.131.19\npGoogleOneClick6.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.
.
------- File Associations -------
.
txtfile=C:\WINDOWS\notepad.exe %1
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2004-09-26 16:29:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 09/26/2004 16:35:06 - machine was rebooted
ComboFix-quarantined-files.txt 2004-09-26 13:34:17
Pre-Run: 24,964,993,024 bytes free
Post-Run: 25,602,457,600 bytes free
316