استخدمت الامر sfc /scannow فماذا حصل؟؟؟؟

  • بادئ الموضوع بادئ الموضوع SALEM666
  • تاريخ البدء تاريخ البدء
  • المشاهدات 6,100
S

SALEM666

زيزوومى محترف
إنضم
2 أغسطس 2008
المشاركات
3,966
مستوى التفاعل
37
النقاط
830
غير متصل
اخواني الاعزاء لقد استخدمت لامر sfc /scannow لاجل عمل اصلاح للويندوز اذا في ملفات معطوبة وذلك حسب الموضوع الذي قراته في منتديات زيزوم وادخلت السيدي xp وبعد الانتهاء من ذلك فوجئت بان اقلاع الويندوز بطيئ وكذلك عناصر سطح المكب .بينما كانت قبل ذلك اسرع!!!!
فما العمل لحل هذه المشكلة مع الشكر والتقدير

والله برعاكم
 

توقيع : SALEM666
ترتيب حسب التاريخ ترتيب حسب الأصوات
SALEM666 قال:
اخي ماكس اذا كانت وظيفة هذه الاداه الكشف عن الفيروسات وتصفيتها فما الفرق بينها وبين الكاسبر انتي فيروس حتى ان حجمها مقارب له مع الشكر لك
أنقر للتوسيع...

مافي فرق
بس عشانك مو مثبت الكاسبر ومثبت الافيرا
انا ما اغصبك على استخدام الكاسبر ولكن اعطيك اداة محمولة وخلاص :d:
 

تأييد 0
اخي maax انا عندي كاسبرسكي 7.0.0.125 وهو محفوظ في قرص D ولكن نتيجة لمشاكل مفتاح الكاسبر استعظت عنه بالافيرا لكن اذا كان ممكن احمله في الجهاز بدلا عن تنزيل الاداه لان تنزيلها يحتاج وقت لضعف الاتصال عندي كما ان عندي ايضا كاسبر 6 فاذا تنصح وهل لديك مفاتيح فعاله للكاسبر كما ايش رايك بالكاسبر 8 هل افضل من سابقه ولك خالص شكري
 
توقيع : SALEM666
تأييد 0
SALEM666 قال:
اخي maax انا عندي كاسبرسكي 7.0.0.125 وهو محفوظ في قرص D ولكن نتيجة لمشاكل مفتاح الكاسبر استعظت عنه بالافيرا لكن اذا كان ممكن احمله في الجهاز بدلا عن تنزيل الاداه لان تنزيلها يحتاج وقت لضعف الاتصال عندي كما ان عندي ايضا كاسبر 6 فاذا تنصح وهل لديك مفاتيح فعاله للكاسبر كما ايش رايك بالكاسبر 8 هل افضل من سابقه ولك خالص شكري
أنقر للتوسيع...

هلااا بك اخي
ممكن نستغني عن الاداة بالكاسبر اللي عندك مع ملف اعدادات معين
والكاسبر8 طبعا افضل كثير عن 7

انت الان لازم تقولي ايش بتسوي عشان اقدر اساعدك
 
تأييد 0
الان ممكن انزل الاصدار 8 بس ترشدني الى رابط فعال والى مفتاح شغال ثم اقوم بفحص الجهاز بالكاسبر 8 ثم اعمل لك تقرير الهاي جاك لكي تلاحظ اذا في مشكله والله يرعاك
 
توقيع : SALEM666
تأييد 0
تأييد 0
جزاك الله الف خير على تواصلك وصبرك اخي ماكس
 
توقيع : SALEM666
تأييد 0
اخي ماكس حاولت تحميل الكاسبر في الرابط الذي اعطيتني بواسطة ال IDM لكن لم يتم التحميل ما ادري ويش السبب اما الرابط حق المفتاح تحمل 0000 لكن ويش الفايده واذا كان لا بد منه ساحمله في مقهى نت.
المهم كان معي سيدي فيه كاسبرسكاي انترنت سكيورتي نسخة 8.0.0.138 حاولت انزلها لاجل الوقت نزلتها لكن المفتاح هو المشكلة الامر الاخر تظهر لي رسالة من الكاسبر ببعض البرامج الذي اريد فتحها كما في الصورة فماذا تنصحني بارك الله فيك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : SALEM666
تأييد 0
منتظر ردك اخي ماكس في الغد وليلتك سعيده
 
توقيع : SALEM666
تأييد 0
اخي ماكس هذه صورة الكاسبر الذي نزلته وفي تحديث مباشر غير انه يطلب المفتاح للتنشيط المهم اعطني رايك ماذا افعل ولاحظت انه قفل علي بعض البرامج كما في الرسالة السابقة الي يظهر فيها ال IDM
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وهذه ايضا صورة الاصدار مع الشكر
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : SALEM666
تأييد 0
وهذا تقرير الهاي جاك

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:52 ص, on 16/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winsersec.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 8.0\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\sdaemon.exe
C:\WINDOWS\winwd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 8.0\avp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 8.0\avp.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\FSCapture.exe
C:\Documents and Settings\salem\Desktop\برامج\Zyzoom_FSCapture2.exe
D:\downloads\hijack this\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimized
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SDaemon] C:\WINDOWS\sdaemon.exe
O4 - HKLM\..\Run: [SWd] C:\WINDOWS\winwd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 8.0\avp.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: PS2 Keyboard English Edition 2.0.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to &Teleport - C:\PROGRA~1\TELEPO~1\teleport.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: الدليل السريع - C:\WINDOWS\ww80.html
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 8.0\SCIEPlgn.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {46012076-ED62-464b-9554-AD0BEC35D1EC} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{E261E728-650D-487B-B2E4-8E7A4934ADD5}: NameServer = 65.162.184.33 65.162.184.34
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 8.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: winser - Unknown owner - C:\WINDOWS\system32\winsersec.exe
--
End of file - 8162 bytes
 
توقيع : SALEM666
تأييد 0
تصبح على خير والله يرعاك
 
توقيع : SALEM666
تأييد 0
وانت من اهل الخير

حمل الاداة التالية

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


شغلها بدبل كلك ،، ثواني يظهر المفكرة وفيها تقرير ،، اعمل تحديد الكل وانسخه والصقه بمشاركتك القادمة
 
تأييد 0
اخي ماكس هذا التقرير الذي طلبت واقول ان المشكلة التي اعاني منها هي البطء في اقلاع الويندوز وخصوصا عند ظهور عناصر سطح المكتب فانها تتاخر في الظهور عن المعتاد وهذا كان بعد ان استخدمت الامر stc /scannow حسبما شرحته من سابق= = = = = = = = = = = == = ================ ==================.--------------------------\\\ Start Report Of HijackThis --------------- .Logfile of Trend Micro HijackThis v2.0.2Scan saved at 07:21:30 ص, on 17/08/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\winsersec.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\STacSV.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\sdaemon.exeC:\WINDOWS\winwd.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\WINDOWS\system32\ctfmon.exeC:\Documents and Settings\salem\Local Settings\temp\FSCapture.exeC:\WINDOWS\system32\igfxsrvc.exeC:\Program Files\internet explorer\iexplore.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exeG:\boot.exeG:\kingpro9.exeC:\Program Files\Internet Download Manager\IDMan.exeC:\Program Files\Internet Download Manager\IEMonitor.exeC:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exeC:\WINDOWS\system32\cmd.exeC:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\autorunsc.exeC:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exeC:\WINDOWS\system32\cmd.exeC:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet ExplorerR3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [SDaemon] C:\WINDOWS\sdaemon.exeO4 - HKLM\..\Run: [SWd] C:\WINDOWS\winwd.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimizedO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onbootO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')O4 - Startup: FastStone Capture.lnk = C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO8 - Extra context menu item: Add to &Teleport - C:\PROGRA~1\TELEPO~1\teleport.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: الدليل السريع - C:\WINDOWS\ww80.htmlO8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htmO8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htmO9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: (no name) - {46012076-ED62-464b-9554-AD0BEC35D1EC} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
- DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
- HKLM\System\CCS\Services\Tcpip\..\{E261E728-650D-487B-B2E4-8E7A4934ADD5}: NameServer = 65.162.184.33 65.162.184.34O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exeO23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exeO23 - Service: winser - Unknown owner - C:\WINDOWS\system32\winsersec.exe--End of file - 7519 bytes..--------------------------\\\ End Report Of Of HijackThis --------------- ....--------------------------\\\ Start Report Of Running Processes --------------- .==================================================Process Name : smss.exeProcessID : 576Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Windows NT Session ManagerCompany : Microsoft CorporationWindow Title : File Size : 50,688File Created Date : 26/04/2008 11:00:09 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\System32\smss.exeBase Address : 0x48580000Created On : 17/08/2008 06:17:19 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 400 KMem Usage Peak : 480 KPage Faults : 223Pagefile Usage : 168 KPagefile Peak Usage : 1676 KFile Attributes : A====================================================================================================Process Name : csrss.exeProcessID : 640Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Client Server Runtime ProcessCompany : Microsoft CorporationWindow Title : File Size : 6,144File Created Date : 26/04/2008 11:00:24 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\csrss.exeBase Address : 0x4A680000Created On : 17/08/2008 06:17:36 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 4752 KMem Usage Peak : 4900 KPage Faults : 6536Pagefile Usage : 2180 KPagefile Peak Usage : 2180 KFile Attributes : A====================================================================================================Process Name : winlogon.exeProcessID : 664Priority : HighProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Windows NT Logon ApplicationCompany : Microsoft CorporationWindow Title : File Size : 502,272File Created Date : 26/04/2008 11:00:25 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\winlogon.exeBase Address : 0x01000000Created On : 17/08/2008 06:17:38 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 3976 KMem Usage Peak : 12376 KPage Faults : 6037Pagefile Usage : 10048 KPagefile Peak Usage : 13396 KFile Attributes : A====================================================================================================Process Name : services.exeProcessID : 708Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Services and Controller appCompany : Microsoft CorporationWindow Title : File Size : 108,032File Created Date : 26/04/2008 11:00:28 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\services.exeBase Address : 0x01000000Created On : 17/08/2008 06:17:42 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 4588 KMem Usage Peak : 4624 KPage Faults : 1816Pagefile Usage : 2492 KPagefile Peak Usage : 3076 KFile Attributes : A====================================================================================================Process Name : lsass.exeProcessID : 720Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : LSA Shell (Export Version)Company : Microsoft CorporationWindow Title : File Size : 13,312File Created Date : 26/04/2008 11:00:28 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\lsass.exeBase Address : 0x01000000Created On : 17/08/2008 06:17:43 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 1892 KMem Usage Peak : 6380 KPage Faults : 8424Pagefile Usage : 4664 KPagefile Peak Usage : 4940 KFile Attributes : A====================================================================================================Process Name : winsersec.exeProcessID : 868Priority : NormalProduct Name : Version : Description : Company : Window Title : File Size : 53,248File Created Date : 26/04/2008 11:04:38 صFile Modified Date : 13/04/2005 10:37:34 مFilename : C:\WINDOWS\system32\winsersec.exeBase Address : 0x00400000Created On : 17/08/2008 06:17:44 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 1552 KMem Usage Peak : 1552 KPage Faults : 383Pagefile Usage : 508 KPagefile Peak Usage : 508 KFile Attributes : A====================================================================================================Process Name : svchost.exeProcessID : 880Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Generic Host Process for Win32 ServicesCompany : Microsoft CorporationWindow Title : File Size : 14,336File Created Date : 26/04/2008 11:00:31 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\svchost.exeBase Address : 0x01000000Created On : 17/08/2008 06:17:45 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 5176 KMem Usage Peak : 5232 KPage Faults : 1439Pagefile Usage : 5348 KPagefile Peak Usage : 25636 KFile Attributes : A====================================================================================================Process Name : svchost.exeProcessID : 996Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Generic Host Process for Win32 ServicesCompany : Microsoft CorporationWindow Title : File Size : 14,336File Created Date : 26/04/2008 11:00:31 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\svchost.exeBase Address : 0x01000000Created On : 17/08/2008 06:17:48 صVisible Windows : 0Hidden Windows : 0User Name : Mem Usage : 4944 KMem Usage Peak : 4944 KPage Faults : 1371Pagefile Usage : 5656 KPagefile Peak Usage : 5656 KFile Attributes : A====================================================================================================Process Name : svchost.exeProcessID : 1036Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Generic Host Process for Win32 ServicesCompany : Microsoft CorporationWindow Title : File Size : 14,336File Created Date : 26/04/2008 11:00:31 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\System32\svchost.exeBase Address : 0x01000000Created On : 17/08/2008 06:17:49 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 28032 KMem Usage Peak : 28092 KPage Faults : 19536Pagefile Usage : 20408 KPagefile Peak Usage : 20720 KFile Attributes : A====================================================================================================Process Name : svchost.exeProcessID : 1124Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Generic Host Process for Win32 ServicesCompany : Microsoft CorporationWindow Title : File Size : 14,336File Created Date : 26/04/2008 11:00:31 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\svchost.exeBase Address : 0x01000000Created On : 17/08/2008 06:17:49 صVisible Windows : 0Hidden Windows : 0User Name : Mem Usage : 3812 KMem Usage Peak : 3920 KPage Faults : 1108Pagefile Usage : 1596 KPagefile Peak Usage : 1700 KFile Attributes : A====================================================================================================Process Name : svchost.exeProcessID : 1188Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Generic Host Process for Win32 ServicesCompany : Microsoft CorporationWindow Title : File Size : 14,336File Created Date : 26/04/2008 11:00:31 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\svchost.exeBase Address : 0x01000000Created On : 17/08/2008 06:17:50 صVisible Windows : 0Hidden Windows : 0User Name : Mem Usage : 3940 KMem Usage Peak : 3948 KPage Faults : 1033Pagefile Usage : 4464 KPagefile Peak Usage : 4488 KFile Attributes : A====================================================================================================Process Name : aawservice.exeProcessID : 1268Priority : NormalProduct Name : Ad-Aware ServiceVersion : 7,1,0,12Description : Ad-Aware ServiceCompany : LavasoftWindow Title : File Size : 611,664File Created Date : 12/05/2008 09:38:28 صFile Modified Date : 04/06/2008 06:26:38 مFilename : C:\Program Files\Lavasoft\Ad-Aware\aawservice.exeBase Address : 0x00400000Created On : 17/08/2008 06:17:55 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 1744 KMem Usage Peak : 157404 KPage Faults : 76188Pagefile Usage : 16980 KPagefile Peak Usage : 167312 KFile Attributes : A====================================================================================================Process Name : Explorer.EXEProcessID : 1428Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)Description : Windows ExplorerCompany : Microsoft CorporationWindow Title : ProgramsFile Size : 1,033,216File Created Date : 31/08/2004 09:00:00 مFile Modified Date : 13/06/2007 10:23:08 صFilename : C:\WINDOWS\Explorer.EXEBase Address : 0x01000000Created On : 17/08/2008 06:18:03 صVisible Windows : 4Hidden Windows : 63User Name : SALEM-AF3E45DCF\salemMem Usage : 17492 KMem Usage Peak : 44420 KPage Faults : 131050Pagefile Usage : 46820 KPagefile Peak Usage : 51624 KFile Attributes : A====================================================================================================Process Name : spoolsv.exeProcessID : 1536Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)Description : Spooler SubSystem AppCompany : Microsoft CorporationWindow Title : File Size : 57,856File Created Date : 26/04/2008 11:00:33 صFile Modified Date : 10/06/2005 11:53:32 مFilename : C:\WINDOWS\system32\spoolsv.exeBase Address : 0x01000000Created On : 17/08/2008 06:18:09 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 5548 KMem Usage Peak : 5800 KPage Faults : 1981Pagefile Usage : 6848 KPagefile Peak Usage : 7176 KFile Attributes : A====================================================================================================Process Name : guard.exeProcessID : 1688Priority : NormalProduct Name : AVG Anti-SpywareVersion : 7, 5, 1, 22Description : AVG Anti-Spyware guardCompany : GRISOFT s.r.o.Window Title : File Size : 312,880File Created Date : 30/05/2007 12:31:10 مFile Modified Date : 30/05/2007 12:31:10 مFilename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:12 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 19960 KMem Usage Peak : 49684 KPage Faults : 113474Pagefile Usage : 44148 KPagefile Peak Usage : 55108 KFile Attributes : A====================================================================================================Process Name : svchost.exeProcessID : 1704Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Generic Host Process for Win32 ServicesCompany : Microsoft CorporationWindow Title : File Size : 14,336File Created Date : 26/04/2008 11:00:31 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\svchost.exeBase Address : 0x01000000Created On : 17/08/2008 06:18:13 صVisible Windows : 0Hidden Windows : 0User Name : Mem Usage : 3496 KMem Usage Peak : 3496 KPage Faults : 916Pagefile Usage : 2832 KPagefile Peak Usage : 2856 KFile Attributes : A====================================================================================================Process Name : MDM.EXEProcessID : 1744Priority : NormalProduct Name : Microsoft® Visual Studio .NETVersion : 7.00.9466Description : Machine Debug ManagerCompany : Microsoft CorporationWindow Title : File Size : 322,120File Created Date : 19/06/2003 08:25:00 مFile Modified Date : 19/06/2003 08:25:00 مFilename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEBase Address : 0x00400000Created On : 17/08/2008 06:18:14 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 3312 KMem Usage Peak : 3320 KPage Faults : 882Pagefile Usage : 3928 KPagefile Peak Usage : 3940 KFile Attributes : A====================================================================================================Process Name : STacSV.exeProcessID : 1812Priority : NormalProduct Name : C-Major AudioVersion : 1.0.5143.0 nd491 cp1Description : STacSV ModuleCompany : SigmaTel, Inc.Window Title : File Size : 86,016File Created Date : 26/04/2008 11:02:29 صFile Modified Date : 27/07/2006 06:23:34 صFilename : C:\WINDOWS\system32\STacSV.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:16 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 4084 KMem Usage Peak : 4092 KPage Faults : 1067Pagefile Usage : 5780 KPagefile Peak Usage : 5840 KFile Attributes : A====================================================================================================Process Name : svchost.exeProcessID : 1852Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Generic Host Process for Win32 ServicesCompany : Microsoft CorporationWindow Title : File Size : 14,336File Created Date : 26/04/2008 11:00:31 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\svchost.exeBase Address : 0x01000000Created On : 17/08/2008 06:18:17 صVisible Windows : 0Hidden Windows : 0User Name : NT AUTHORITY\SYSTEMMem Usage : 4600 KMem Usage Peak : 4644 KPage Faults : 1370Pagefile Usage : 5972 KPagefile Peak Usage : 6084 KFile Attributes : A====================================================================================================Process Name : igfxtray.exeProcessID : 2024Priority : NormalProduct Name : Intel(R) Common User InterfaceVersion : 3.0.0.4497Description : igfxTray ModuleCompany : Intel CorporationWindow Title : File Size : 94,208File Created Date : 26/04/2008 11:03:49 صFile Modified Date : 07/02/2006 12:39:20 صFilename : C:\WINDOWS\system32\igfxtray.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:24 صVisible Windows : 0Hidden Windows : 2User Name : SALEM-AF3E45DCF\salemMem Usage : 3932 KMem Usage Peak : 3940 KPage Faults : 1021Pagefile Usage : 3988 KPagefile Peak Usage : 5376 KFile Attributes : A====================================================================================================Process Name : hkcmd.exeProcessID : 2044Priority : NormalProduct Name : Intel(R) Common User InterfaceVersion : 3.0.0.4497Description : hkcmd ModuleCompany : Intel CorporationWindow Title : File Size : 77,824File Created Date : 26/04/2008 11:03:49 صFile Modified Date : 07/02/2006 12:36:06 صFilename : C:\WINDOWS\system32\hkcmd.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:24 صVisible Windows : 0Hidden Windows : 12User Name : SALEM-AF3E45DCF\salemMem Usage : 3240 KMem Usage Peak : 3248 KPage Faults : 826Pagefile Usage : 3736 KPagefile Peak Usage : 3764 KFile Attributes : A====================================================================================================Process Name : igfxpers.exeProcessID : 156Priority : NormalProduct Name : Intel(R) Common User InterfaceVersion : 3.0.0.4497Description : persistence ModuleCompany : Intel CorporationWindow Title : File Size : 118,784File Created Date : 26/04/2008 11:03:50 صFile Modified Date : 07/02/2006 12:40:02 صFilename : C:\WINDOWS\system32\igfxpers.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:24 صVisible Windows : 0Hidden Windows : 2User Name : SALEM-AF3E45DCF\salemMem Usage : 3216 KMem Usage Peak : 3228 KPage Faults : 829Pagefile Usage : 3720 KPagefile Peak Usage : 3744 KFile Attributes : A====================================================================================================Process Name : sdaemon.exeProcessID : 240Priority : NormalProduct Name : Tropical Software sdaemonVersion : 6.4Description : sdaemonCompany : Tropical SoftwareWindow Title : File Size : 111,104File Created Date : 18/04/2005 09:57:14 مFile Modified Date : 18/04/2005 09:57:16 مFilename : C:\WINDOWS\sdaemon.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:25 صVisible Windows : 0Hidden Windows : 2User Name : SALEM-AF3E45DCF\salemMem Usage : 3096 KMem Usage Peak : 3096 KPage Faults : 822Pagefile Usage : 976 KPagefile Peak Usage : 976 KFile Attributes : A====================================================================================================Process Name : winwd.exeProcessID : 340Priority : NormalProduct Name : Version : Description : Company : Window Title : File Size : 26,624File Created Date : 18/04/2005 09:56:41 مFile Modified Date : 18/04/2005 09:56:42 مFilename : C:\WINDOWS\winwd.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:26 صVisible Windows : 0Hidden Windows : 2User Name : SALEM-AF3E45DCF\salemMem Usage : 1984 KMem Usage Peak : 1984 KPage Faults : 508Pagefile Usage : 544 KPagefile Peak Usage : 544 KFile Attributes : A====================================================================================================Process Name : realsched.exeProcessID : 360Priority : NormalProduct Name : RealPlayer (32-bit)Version : 0.1.0.4279Description : RealNetworks SchedulerCompany : RealNetworks, Inc.Window Title : File Size : 185,896File Created Date : 03/03/2008 04:10:03 صFile Modified Date : 03/03/2008 04:10:04 صFilename : C:\Program Files\Common Files\Real\Update_OB\realsched.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:27 صVisible Windows : 0Hidden Windows : 2User Name : SALEM-AF3E45DCF\salemMem Usage : 180 KMem Usage Peak : 3204 KPage Faults : 17287Pagefile Usage : 4396 KPagefile Peak Usage : 4408 KFile Attributes : A====================================================================================================Process Name : GoogleToolbarNotifier.exeProcessID : 400Priority : NormalProduct Name : GoogleToolbarNotifierVersion : 2, 0, 301, 1654Description : GoogleToolbarNotifierCompany : Google Inc.Window Title : File Size : 68,856File Created Date : 02/06/2008 07:15:19 مFile Modified Date : 02/06/2008 07:15:20 مFilename : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:28 صVisible Windows : 0Hidden Windows : 4User Name : SALEM-AF3E45DCF\salemMem Usage : 1940 KMem Usage Peak : 6036 KPage Faults : 5031Pagefile Usage : 6852 KPagefile Peak Usage : 6864 KFile Attributes : A====================================================================================================Process Name : ctfmon.exeProcessID : 428Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : CTF LoaderCompany : Microsoft CorporationWindow Title : File Size : 15,360File Created Date : 26/04/2008 11:02:09 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\ctfmon.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:29 صVisible Windows : 0Hidden Windows : 5User Name : SALEM-AF3E45DCF\salemMem Usage : 3620 KMem Usage Peak : 3624 KPage Faults : 1023Pagefile Usage : 1532 KPagefile Peak Usage : 1532 KFile Attributes : A====================================================================================================Process Name : FSCapture.exeProcessID : 468Priority : NormalProduct Name : Version : Description : Company : Window Title : File Size : 1,123,840File Created Date : 16/08/2008 04:18:05 مFile Modified Date : 24/05/2007 06:35:06 مFilename : C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exeBase Address : 0x00400000Created On : 17/08/2008 06:18:33 صVisible Windows : 0Hidden Windows : 16User Name : SALEM-AF3E45DCF\salemMem Usage : 2396 KMem Usage Peak : 12116 KPage Faults : 7956Pagefile Usage : 16892 KPagefile Peak Usage : 20636 KFile Attributes : A====================================================================================================Process Name : alg.exeProcessID : 1224Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Application Layer Gateway ServiceCompany : Microsoft CorporationWindow Title : File Size : 44,544File Created Date : 26/04/2008 11:00:57 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\System32\alg.exeBase Address : 0x01000000Created On : 17/08/2008 06:19:12 صVisible Windows : 0Hidden Windows : 0User Name : Mem Usage : 3856 KMem Usage Peak : 3864 KPage Faults : 997Pagefile Usage : 4200 KPagefile Peak Usage : 4220 KFile Attributes : A====================================================================================================Process Name : igfxsrvc.exeProcessID : 2712Priority : NormalProduct Name : Intel(R) Common User InterfaceVersion : 3.0.0.4497Description : igfxsrvc ModuleCompany : Intel CorporationWindow Title : File Size : 163,840File Created Date : 26/04/2008 11:03:48 صFile Modified Date : 07/02/2006 12:35:58 صFilename : C:\WINDOWS\system32\igfxsrvc.exeBase Address : 0x00400000Created On : 17/08/2008 06:23:24 صVisible Windows : 0Hidden Windows : 0User Name : SALEM-AF3E45DCF\salemMem Usage : 3400 KMem Usage Peak : 3400 KPage Faults : 863Pagefile Usage : 3952 KPagefile Peak Usage : 3952 KFile Attributes : A====================================================================================================Process Name : iexplore.exeProcessID : 3304Priority : NormalProduct Name : Windows® Internet ExplorerVersion : 7.00.6000.16674 (vista_gdr.080415-1732)Description : Internet ExplorerCompany : Microsoft CorporationWindow Title : استخدمت الامر sfc /scannow فماذا حصل؟؟؟؟ - الصفحة 5 - زيزوووم للأمن والحمايه - Microsoft Internet ExplorerFile Size : 625,664File Created Date : 02/12/2007 03:54:28 مFile Modified Date : 22/04/2008 07:40:18 صFilename : C:\Program Files\internet explorer\iexplore.exeBase Address : 0x00400000Created On : 17/08/2008 07:02:54 صVisible Windows : 2Hidden Windows : 66User Name : SALEM-AF3E45DCF\salemMem Usage : 5576 KMem Usage Peak : 34708 KPage Faults : 56584Pagefile Usage : 44036 KPagefile Peak Usage : 48068 KFile Attributes : A====================================================================================================Process Name : WLLoginProxy.exeProcessID : 3368Priority : NormalProduct Name : Microsoft® Windows Live Login HelperVersion : 4.100.313.1Description : WLLoginProxy.exeCompany : Microsoft CorporationWindow Title : File Size : 115,024File Created Date : 31/08/2006 05:33:02 مFile Modified Date : 31/08/2006 05:33:02 مFilename : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exeBase Address : 0x01000000Created On : 17/08/2008 07:02:57 صVisible Windows : 0Hidden Windows : 0User Name : SALEM-AF3E45DCF\salemMem Usage : 7692 KMem Usage Peak : 7700 KPage Faults : 2020Pagefile Usage : 7944 KPagefile Peak Usage : 8008 KFile Attributes : A====================================================================================================Process Name : boot.exeProcessID : 3572Priority : NormalProduct Name : Version : 1.0.0.0Description : Company : Window Title : الملك للبرمجيات 9File Size : 892,717File Created Date : 26/12/2007 06:33:58 صFile Modified Date : 26/12/2007 06:33:58 صFilename : G:\boot.exeBase Address : 0x00400000Created On : 17/08/2008 07:04:42 صVisible Windows : 1Hidden Windows : 3User Name : SALEM-AF3E45DCF\salemMem Usage : 3556 KMem Usage Peak : 11776 KPage Faults : 60977Pagefile Usage : 17352 KPagefile Peak Usage : 18264 KFile Attributes : R====================================================================================================Process Name : kingpro9.exeProcessID : 3636Priority : NormalProduct Name : Version : Description : Company : Window Title : KingPro 9File Size : 8,775,268File Created Date : 09/01/2008 08:56:25 مFile Modified Date : 09/01/2008 08:56:25 مFilename : G:\kingpro9.exeBase Address : 0x00400000Created On : 17/08/2008 07:04:47 صVisible Windows : 1Hidden Windows : 6User Name : SALEM-AF3E45DCF\salemMem Usage : 2572 KMem Usage Peak : 118324 KPage Faults : 166697Pagefile Usage : 99884 KPagefile Peak Usage : 107316 KFile Attributes : R====================================================================================================Process Name : IDMan.exeProcessID : 2124Priority : NormalProduct Name : Internet Download Manager (IDM)Version : 5.14.3.0Description : Internet Download Manager (IDM)Company : Tonec Inc.Window Title : File Size : 2,610,608File Created Date : 29/07/2008 02:07:45 مFile Modified Date : 14/08/2008 07:44:48 مFilename : C:\Program Files\Internet Download Manager\IDMan.exeBase Address : 0x00400000Created On : 17/08/2008 07:11:40 صVisible Windows : 0Hidden Windows : 7User Name : SALEM-AF3E45DCF\salemMem Usage : 15000 KMem Usage Peak : 15536 KPage Faults : 6192Pagefile Usage : 19252 KPagefile Peak Usage : 19768 KFile Attributes : A====================================================================================================Process Name : IEMonitor.exeProcessID : 2008Priority : NormalProduct Name : IEMonitor ApplicationVersion : 5, 12, 8, 0Description : Internet Download Manager agent for click monitoring in IE-based browsersCompany : Tonec Inc.Window Title : File Size : 251,312File Created Date : 29/07/2008 02:03:26 مFile Modified Date : 18/02/2008 01:01:02 مFilename : C:\Program Files\Internet Download Manager\IEMonitor.exeBase Address : 0x00400000Created On : 17/08/2008 07:11:44 صVisible Windows : 0Hidden Windows : 3User Name : SALEM-AF3E45DCF\salemMem Usage : 5436 KMem Usage Peak : 5440 KPage Faults : 1512Pagefile Usage : 5008 KPagefile Peak Usage : 5016 KFile Attributes : A====================================================================================================Process Name : runn.exeProcessID : 3236Priority : NormalProduct Name : Version : Description : Company : Window Title : File Size : 71,680File Created Date : 17/08/2008 04:21:02 صFile Modified Date : 31/01/2008 10:24:26 مFilename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exeBase Address : 0x00400000Created On : 17/08/2008 07:21:03 صVisible Windows : 0Hidden Windows : 0User Name : SALEM-AF3E45DCF\salemMem Usage : 2304 KMem Usage Peak : 2304 KPage Faults : 654Pagefile Usage : 924 KPagefile Peak Usage : 928 KFile Attributes : A====================================================================================================Process Name : cmd.exeProcessID : 3228Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Windows Command ProcessorCompany : Microsoft CorporationWindow Title : File Size : 388,608File Created Date : 26/04/2008 11:00:43 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\cmd.exeBase Address : 0x4AD00000Created On : 17/08/2008 07:21:03 صVisible Windows : 0Hidden Windows : 1User Name : SALEM-AF3E45DCF\salemMem Usage : 3304 KMem Usage Peak : 3368 KPage Faults : 943Pagefile Usage : 2160 KPagefile Peak Usage : 2236 KFile Attributes : A====================================================================================================Process Name : wmiprvse.exeProcessID : 3064Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : WMICompany : Microsoft CorporationWindow Title : File Size : 218,112File Created Date : 26/04/2008 10:51:09 صFile Modified Date : 01/09/2004 12:00:00 صFilename : C:\WINDOWS\system32\wbem\wmiprvse.exeBase Address : 0x01000000Created On : 17/08/2008 07:21:07 صVisible Windows : 0Hidden Windows : 0User Name : Mem Usage : 5968 KMem Usage Peak : 5968 KPage Faults : 1522Pagefile Usage : 6488 KPagefile Peak Usage : 6488 KFile Attributes : A====================================================================================================Process Name : autorunsc.exeProcessID : 2436Priority : NormalProduct Name : Sysinternals autorunsVersion : 9.02Description : Autostart program viewerCompany : Sysinternals -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Title : AutoRuns License AgreementFile Size : 504,872File Created Date : 17/08/2008 04:21:02 صFile Modified Date : 09/01/2008 12:32:44 مFilename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\autorunsc.exeBase Address : 0x00400000Created On : 17/08/2008 07:21:20 صVisible Windows : 1Hidden Windows : 2User Name : SALEM-AF3E45DCF\salemMem Usage : 4248 KMem Usage Peak : 4248 KPage Faults : 1087Pagefile Usage : 1088 KPagefile Peak Usage : 1088 KFile Attributes : A====================================================================================================Process Name : runn.exeProcessID : 812Priority : NormalProduct Name : Version : Description : Company : Window Title : File Size : 71,680File Created Date : 17/08/2008 04:21:02 صFile Modified Date : 31/01/2008 10:24:26 مFilename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exeBase Address : 0x00400000Created On : 17/08/2008 07:21:28 صVisible Windows : 0Hidden Windows : 0User Name : SALEM-AF3E45DCF\salemMem Usage : 2304 KMem Usage Peak : 2304 KPage Faults : 654Pagefile Usage : 924 KPagefile Peak Usage : 928 KFile Attributes : A====================================================================================================Process Name : cmd.exeProcessID : 3088Priority : NormalProduct Name : Microsoft® Windows® Operating SystemVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)Description : Windows Command ProcessorCompany : Microsoft CorporationWindow Title : File Size : 388,608File Created Date : 26/04/2008 11:00:43 صFile Modified Date : 31/08/2004 09:00:00 مFilename : C:\WINDOWS\system32\cmd.exeBase Address : 0x4AD00000Created On : 17/08/2008 07:21:28 صVisible Windows : 0Hidden Windows : 1User Name : SALEM-AF3E45DCF\salemMem Usage : 3320 KMem Usage Peak : 3384 KPage Faults : 922Pagefile Usage : 2156 KPagefile Peak Usage : 2232 KFile Attributes : A====================================================================================================Process Name : CProcess.exeProcessID : 2892Priority : NormalProduct Name : CurrProcessVersion : 1.11Description : CurrProcessCompany : NirSoftWindow Title : File Size : 35,840File Created Date : 17/08/2008 04:21:02 صFile Modified Date : 14/07/2005 04:46:34 صFilename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\CProcess.exeBase Address : 0x00400000Created On : 17/08/2008 07:21:30 صVisible Windows : 0Hidden Windows : 0User Name : SALEM-AF3E45DCF\salemMem Usage : 2288 KMem Usage Peak : 2352 KPage Faults : 954Pagefile Usage : 956 KPagefile Peak Usage : 1624 KFile Attributes : A==================================================..--------------------------\\\ End Report Of Running Processes --------------- ....--------------------------\\\ Windows XP Startup List --------------- .
 
توقيع : SALEM666
تأييد 0
انشاء الله اخي ماكس تجد حل لمشكلة البطء هذه
 
توقيع : SALEM666
تأييد 0
التقرير منسوخ بشكل خاطىء
اعد نسخه مرة ثانية
 
تأييد 0
خيرا انشاء الله
 
توقيع : SALEM666
تأييد 0
السلام عليكم

عذرا أخى الكريم ماكس لردى, فقط عانيت من تلك المشكلة سابقا. و على حسب علمى ان الملفات ليعمل الويندوز بطبيعته يجب ان تنصب فى الـ DLL cache. و ارى انها لم تُنصب صحيحا لأمر ما. عليك أخى الكريم سالم ان تعلم ان الويندوز نتيجة هذا الامر يتحقق من الملفات المحميه بواسطة النظام. الان عليك بالاتى:

[FONT=Verdana, Arial, Helvetica, sans-serif]My Computer > Tools > Folder Options > View > "ْْْX" Hide protected operating system files[/FONT]

[FONT=Verdana, Arial, Helvetica, sans-serif]لنرى الملفات المحمية بواسطة الويندوز, علامة الاكس الحمراء معناها ان تزيل علامة الصح من امام المربع. [/FONT]الان ابحث عن الملف [FONT=Verdana, Arial, Helvetica, sans-serif]I386 و استبدله من قرص الويندوز الذى لديك. فقط قبل تلك العمليه يجب اخبار الويندوز انك لا تخرب النظام ليدعك تعمل فى هدوء. ادخل تلك الاسطر من قائمة[/FONT]

[FONT=Verdana, Arial, Helvetica, sans-serif]start ثم run ثم اكتب [/FONT][FONT=Verdana, Arial, Helvetica, sans-serif]regedit[/FONT]

[FONT=Verdana, Arial, Helvetica, sans-serif]ادخل هذا السطر الان فى مربع الحوار[/FONT]

[FONT=Verdana, Arial, Helvetica, sans-serif]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\[/FONT]
[FONT=Verdana, Arial, Helvetica, sans-serif] CurrentVersion\Setup[/FONT]

[FONT=Verdana, Arial, Helvetica, sans-serif]لا تنسى ان قرص الويندوز بمشغل الاقراص. بعدها اعد تشغيل الجهاز ثم اعد الامر [/FONT][FONT=Verdana, Arial, Helvetica, sans-serif]sfc /scannow ستجد بإذن الله الويندوز كأنه جديد تماما. [/FONT]
 
توقيع : ibis
تأييد 0
شكرا للاخ Ibis على ما تكرم به لمساعدتي وسارد عليك بالنتائج لاحقا ارجو التواصل
 
توقيع : SALEM666
تأييد 0
اخي ماكس اليك هذا التقرير مره اخرى مع الشكر

.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:05:23 م, on 18/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winsersec.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\sdaemon.exe
C:\WINDOWS\winwd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\STacSV.exe
C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\autorunsc.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\HijackThis.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SDaemon] C:\WINDOWS\sdaemon.exe
O4 - HKLM\..\Run: [SWd] C:\WINDOWS\winwd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: FastStone Capture.lnk = C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to &Teleport - C:\PROGRA~1\TELEPO~1\teleport.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: الدليل السريع - C:\WINDOWS\ww80.html
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {46012076-ED62-464b-9554-AD0BEC35D1EC} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{E261E728-650D-487B-B2E4-8E7A4934ADD5}: NameServer = 65.162.184.33 65.162.184.34
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: winser - Unknown owner - C:\WINDOWS\system32\winsersec.exe
--
End of file - 8382 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 576
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 26/04/2008 11:00:09 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 18/08/2008 01:10:12 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 400 K
Mem Usage Peak : 480 K
Page Faults : 223
Pagefile Usage : 168 K
Pagefile Peak Usage : 1676 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 640
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 26/04/2008 11:00:24 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 18/08/2008 01:13:10 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4760 K
Mem Usage Peak : 4772 K
Page Faults : 6372
Pagefile Usage : 2208 K
Pagefile Peak Usage : 2208 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 664
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 26/04/2008 11:00:25 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:13:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3688 K
Mem Usage Peak : 12412 K
Page Faults : 6015
Pagefile Usage : 10072 K
Pagefile Peak Usage : 13404 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 708
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 26/04/2008 11:00:28 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:13:17 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5396 K
Mem Usage Peak : 5588 K
Page Faults : 1893
Pagefile Usage : 2484 K
Pagefile Peak Usage : 3232 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 720
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 26/04/2008 11:00:28 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:13:17 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1644 K
Mem Usage Peak : 6820 K
Page Faults : 8866
Pagefile Usage : 4688 K
Pagefile Peak Usage : 4936 K
File Attributes : A
==================================================
==================================================
Process Name : winsersec.exe
ProcessID : 864
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 53,248
File Created Date : 26/04/2008 11:04:38 ص
File Modified Date : 13/04/2005 10:37:34 م
Filename : C:\WINDOWS\system32\winsersec.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:13:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1552 K
Mem Usage Peak : 1552 K
Page Faults : 383
Pagefile Usage : 508 K
Pagefile Peak Usage : 508 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 876
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 26/04/2008 11:00:31 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:13:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5180 K
Mem Usage Peak : 5232 K
Page Faults : 1437
Pagefile Usage : 5372 K
Pagefile Peak Usage : 25712 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 980
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 26/04/2008 11:00:31 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:13:23 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4760 K
Mem Usage Peak : 4760 K
Page Faults : 1328
Pagefile Usage : 5600 K
Pagefile Peak Usage : 5648 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1036
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 26/04/2008 11:00:31 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:13:24 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 21568 K
Mem Usage Peak : 22864 K
Page Faults : 13897
Pagefile Usage : 18836 K
Pagefile Peak Usage : 20292 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1136
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 26/04/2008 11:00:31 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:13:25 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3848 K
Mem Usage Peak : 3932 K
Page Faults : 1194
Pagefile Usage : 1632 K
Pagefile Peak Usage : 1808 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1184
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 26/04/2008 11:00:31 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:13:26 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3940 K
Mem Usage Peak : 3948 K
Page Faults : 1035
Pagefile Usage : 4464 K
Pagefile Peak Usage : 4488 K
File Attributes : A
==================================================
==================================================
Process Name : aawservice.exe
ProcessID : 1264
Priority : Normal
Product Name : Ad-Aware Service
Version : 7,1,0,12
Description : Ad-Aware Service
Company : Lavasoft
Window Title :
File Size : 611,664
File Created Date : 12/05/2008 09:38:28 ص
File Modified Date : 04/06/2008 06:26:38 م
Filename : C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:13:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1656 K
Mem Usage Peak : 157404 K
Page Faults : 76166
Pagefile Usage : 16976 K
Pagefile Peak Usage : 167312 K
File Attributes : A
==================================================
==================================================
Process Name : aswUpdSv.exe
ProcessID : 1292
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 7, 1043, 0
Description : avast! Antivirus updating service
Company : ALWIL Software
Window Title :
File Size : 16,248
File Created Date : 17/08/2008 07:08:26 م
File Modified Date : 06/09/2007 09:54:58 ص
Filename : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:13:36 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 264 K
Mem Usage Peak : 2020 K
Page Faults : 541
Pagefile Usage : 656 K
Pagefile Peak Usage : 656 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 1468
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : hijack this
File Size : 1,033,216
File Created Date : 31/08/2004 09:00:00 م
File Modified Date : 13/06/2007 10:23:08 ص
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 18/08/2008 01:13:39 م
Visible Windows : 3
Hidden Windows : 46
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 44064 K
Mem Usage Peak : 46036 K
Page Faults : 84061
Pagefile Usage : 46220 K
Pagefile Peak Usage : 48476 K
File Attributes : A
==================================================
==================================================
Process Name : ashServ.exe
ProcessID : 1464
Priority : High
Product Name : avast! Antivirus
Version : 4, 7, 1043, 0
Description : avast! antivirus service
Company : ALWIL Software
Window Title :
File Size : 132,472
File Created Date : 17/08/2008 07:08:26 م
File Modified Date : 06/09/2007 10:06:04 ص
Filename : C:\Program Files\Alwil Software\Avast4\ashServ.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:13:39 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 14548 K
Mem Usage Peak : 51728 K
Page Faults : 236656
Pagefile Usage : 29812 K
Pagefile Peak Usage : 33448 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1772
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 26/04/2008 11:00:33 ص
File Modified Date : 10/06/2005 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:14:01 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5480 K
Mem Usage Peak : 5516 K
Page Faults : 1953
Pagefile Usage : 6800 K
Pagefile Peak Usage : 7040 K
File Attributes : A
==================================================
==================================================
Process Name : igfxtray.exe
ProcessID : 1812
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : igfxTray Module
Company : Intel Corporation
Window Title :
File Size : 94,208
File Created Date : 26/04/2008 11:03:49 ص
File Modified Date : 07/02/2006 12:39:20 ص
Filename : C:\WINDOWS\system32\igfxtray.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:06 م
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3992 K
Mem Usage Peak : 4000 K
Page Faults : 1033
Pagefile Usage : 4016 K
Pagefile Peak Usage : 5456 K
File Attributes : A
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 1820
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 77,824
File Created Date : 26/04/2008 11:03:49 ص
File Modified Date : 07/02/2006 12:36:06 ص
Filename : C:\WINDOWS\system32\hkcmd.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:07 م
Visible Windows : 0
Hidden Windows : 12
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3244 K
Mem Usage Peak : 3252 K
Page Faults : 829
Pagefile Usage : 3768 K
Pagefile Peak Usage : 3848 K
File Attributes : A
==================================================
==================================================
Process Name : igfxpers.exe
ProcessID : 1828
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : persistence Module
Company : Intel Corporation
Window Title :
File Size : 118,784
File Created Date : 26/04/2008 11:03:50 ص
File Modified Date : 07/02/2006 12:40:02 ص
Filename : C:\WINDOWS\system32\igfxpers.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:07 م
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3264 K
Mem Usage Peak : 3272 K
Page Faults : 830
Pagefile Usage : 3736 K
Pagefile Peak Usage : 3764 K
File Attributes : A
==================================================
==================================================
Process Name : sdaemon.exe
ProcessID : 1836
Priority : Normal
Product Name : Tropical Software sdaemon
Version : 6.4
Description : sdaemon
Company : Tropical Software
Window Title :
File Size : 111,104
File Created Date : 18/04/2005 09:57:14 م
File Modified Date : 18/04/2005 09:57:16 م
Filename : C:\WINDOWS\sdaemon.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:08 م
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3180 K
Mem Usage Peak : 3180 K
Page Faults : 832
Pagefile Usage : 1004 K
Pagefile Peak Usage : 1004 K
File Attributes : A
==================================================
==================================================
Process Name : winwd.exe
ProcessID : 1856
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 26,624
File Created Date : 18/04/2005 09:56:41 م
File Modified Date : 18/04/2005 09:56:42 م
Filename : C:\WINDOWS\winwd.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:10 م
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2084 K
Mem Usage Peak : 2084 K
Page Faults : 534
Pagefile Usage : 572 K
Pagefile Peak Usage : 572 K
File Attributes : A
==================================================
==================================================
Process Name : realsched.exe
ProcessID : 1904
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.0.4279
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,896
File Created Date : 03/03/2008 04:10:03 ص
File Modified Date : 03/03/2008 04:10:04 ص
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:12 م
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 208 K
Mem Usage Peak : 3308 K
Page Faults : 8137
Pagefile Usage : 4408 K
Pagefile Peak Usage : 4432 K
File Attributes : A
==================================================
==================================================
Process Name : zyzoom.exe
ProcessID : 180
Priority : Normal
Product Name : AVG Anti-Spyware
Version : 7, 5, 1, 43
Description : AVG Anti-Spyware
Company : GRISOFT s.r.o.
Window Title :
File Size : 6,731,312
File Created Date : 06/08/2008 11:59:21 ص
File Modified Date : 03/11/2007 01:50:42 ص
Filename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:15 م
Visible Windows : 0
Hidden Windows : 25
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 11044 K
Mem Usage Peak : 50804 K
Page Faults : 29753
Pagefile Usage : 61956 K
Pagefile Peak Usage : 63232 K
File Attributes : A
==================================================
==================================================
Process Name : ashDisp.exe
ProcessID : 196
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 7, 1043, 0
Description : avast! service GUI component
Company : ALWIL Software
Window Title :
File Size : 79,224
File Created Date : 17/08/2008 07:08:26 م
File Modified Date : 06/09/2007 10:06:10 ص
Filename : C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:16 م
Visible Windows : 0
Hidden Windows : 8
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2604 K
Mem Usage Peak : 6216 K
Page Faults : 13972
Pagefile Usage : 3836 K
Pagefile Peak Usage : 4696 K
File Attributes : A
==================================================
==================================================
Process Name : GoogleToolbarNotifier.exe
ProcessID : 224
Priority : Normal
Product Name : GoogleToolbarNotifier
Version : 2, 0, 301, 1654
Description : GoogleToolbarNotifier
Company : Google Inc.
Window Title :
File Size : 68,856
File Created Date : 02/06/2008 07:15:19 م
File Modified Date : 02/06/2008 07:15:20 م
Filename : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:17 م
Visible Windows : 0
Hidden Windows : 4
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 1980 K
Mem Usage Peak : 6128 K
Page Faults : 2608
Pagefile Usage : 6548 K
Pagefile Peak Usage : 6564 K
File Attributes : A
==================================================
==================================================
Process Name : guard.exe
ProcessID : 236
Priority : Normal
Product Name : AVG Anti-Spyware
Version : 7, 5, 1, 22
Description : AVG Anti-Spyware guard
Company : GRISOFT s.r.o.
Window Title :
File Size : 312,880
File Created Date : 30/05/2007 12:31:10 م
File Modified Date : 30/05/2007 12:31:10 م
Filename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:17 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 19308 K
Mem Usage Peak : 49948 K
Page Faults : 85851
Pagefile Usage : 43596 K
Pagefile Peak Usage : 51908 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 256
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 26/04/2008 11:02:09 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:18 م
Visible Windows : 0
Hidden Windows : 5
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3704 K
Mem Usage Peak : 3704 K
Page Faults : 1039
Pagefile Usage : 1556 K
Pagefile Peak Usage : 1556 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 312
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.14.3.0
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title :
File Size : 2,610,608
File Created Date : 29/07/2008 02:07:45 م
File Modified Date : 14/08/2008 07:44:48 م
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:22 م
Visible Windows : 0
Hidden Windows : 7
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 10688 K
Mem Usage Peak : 10688 K
Page Faults : 3910
Pagefile Usage : 15912 K
Pagefile Peak Usage : 16064 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 412
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 26/04/2008 11:00:31 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:14:32 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3484 K
Mem Usage Peak : 3492 K
Page Faults : 913
Pagefile Usage : 2832 K
Pagefile Peak Usage : 2856 K
File Attributes : A
==================================================
==================================================
Process Name : MDM.EXE
ProcessID : 460
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.00.9466
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 322,120
File Created Date : 19/06/2003 08:25:00 م
File Modified Date : 19/06/2003 08:25:00 م
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Base Address : 0x00400000
Created On : 18/08/2008 01:14:33 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3312 K
Mem Usage Peak : 3320 K
Page Faults : 880
Pagefile Usage : 3928 K
Pagefile Peak Usage : 3940 K
File Attributes : A
==================================================
==================================================
Process Name : STacSV.exe
ProcessID : 500
Priority : Normal
Product Name : C-Major Audio
Version : 1.0.5143.0 nd491 cp1
Description : STacSV Module
Company : SigmaTel, Inc.
Window Title :
File Size : 86,016
File Created Date : 26/04/2008 11:02:29 ص
File Modified Date : 27/07/2006 06:23:34 ص
Filename : C:\WINDOWS\system32\STacSV.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4128 K
Mem Usage Peak : 4140 K
Page Faults : 1093
Pagefile Usage : 5760 K
Pagefile Peak Usage : 5852 K
File Attributes : A
==================================================
==================================================
Process Name : FSCapture.exe
ProcessID : 520
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 1,123,840
File Created Date : 16/08/2008 04:18:05 م
File Modified Date : 24/05/2007 06:35:06 م
Filename : C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:14:36 م
Visible Windows : 0
Hidden Windows : 14
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 4644 K
Mem Usage Peak : 7936 K
Page Faults : 3551
Pagefile Usage : 5692 K
Pagefile Peak Usage : 5692 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 368
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 26/04/2008 11:00:31 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:14:40 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4592 K
Mem Usage Peak : 4628 K
Page Faults : 1282
Pagefile Usage : 5964 K
Pagefile Peak Usage : 6048 K
File Attributes : A
==================================================
==================================================
Process Name : ashMaiSv.exe
ProcessID : 1916
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 7, 1043, 0
Description : avast! e-Mail Scanner Service
Company : ALWIL Software
Window Title :
File Size : 243,064
File Created Date : 17/08/2008 07:08:26 م
File Modified Date : 06/09/2007 10:05:42 ص
Filename : C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:15:26 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1348 K
Mem Usage Peak : 20696 K
Page Faults : 23510
Pagefile Usage : 4152 K
Pagefile Peak Usage : 10484 K
File Attributes : A
==================================================
==================================================
Process Name : ashWebSv.exe
ProcessID : 2044
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 7, 1043, 0
Description : avast! Web Scanner
Company : ALWIL Software
Window Title :
File Size : 345,464
File Created Date : 17/08/2008 07:08:26 م
File Modified Date : 06/09/2007 10:04:44 ص
Filename : C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:15:29 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7004 K
Mem Usage Peak : 18412 K
Page Faults : 24417
Pagefile Usage : 11760 K
Pagefile Peak Usage : 14392 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 2216
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 26/04/2008 11:00:57 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 18/08/2008 01:15:32 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3852 K
Mem Usage Peak : 3868 K
Page Faults : 998
Pagefile Usage : 4200 K
Pagefile Peak Usage : 4228 K
File Attributes : A
==================================================
==================================================
Process Name : IEMonitor.exe
ProcessID : 2680
Priority : Normal
Product Name : IEMonitor Application
Version : 5, 12, 8, 0
Description : Internet Download Manager agent for click monitoring in IE-based browsers
Company : Tonec Inc.
Window Title :
File Size : 251,312
File Created Date : 29/07/2008 02:03:26 م
File Modified Date : 18/02/2008 01:01:02 م
Filename : C:\Program Files\Internet Download Manager\IEMonitor.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:16:21 م
Visible Windows : 0
Hidden Windows : 3
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 5240 K
Mem Usage Peak : 5240 K
Page Faults : 1572
Pagefile Usage : 4540 K
Pagefile Peak Usage : 4544 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 3044
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.6000.16674 (vista_gdr.080415-1732)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : استخدمت الامر sfc /scannow فماذا حصل؟؟؟؟ - الصفحة 5 - زيزوووم للأمن والحمايه - Microsoft Internet Explorer
File Size : 625,664
File Created Date : 02/12/2007 03:54:28 م
File Modified Date : 22/04/2008 07:40:18 ص
Filename : C:\Program Files\internet explorer\iexplore.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:20:01 م
Visible Windows : 1
Hidden Windows : 109
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 36928 K
Mem Usage Peak : 67840 K
Page Faults : 246646
Pagefile Usage : 103968 K
Pagefile Peak Usage : 108888 K
File Attributes : A
==================================================
==================================================
Process Name : ashSimpl.exe
ProcessID : 392
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 7, 1043, 0
Description : Virus scanner
Company : ALWIL Software
Window Title : avast! Simple User Interface
File Size : 157,048
File Created Date : 17/08/2008 07:08:26 م
File Modified Date : 06/09/2007 10:00:24 ص
Filename : C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
Base Address : 0x00400000
Created On : 18/08/2008 01:51:20 م
Visible Windows : 1
Hidden Windows : 6
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3192 K
Mem Usage Peak : 22428 K
Page Faults : 9049
Pagefile Usage : 16020 K
Pagefile Peak Usage : 17864 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 2724
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 17/08/2008 04:21:02 ص
File Modified Date : 31/01/2008 10:24:26 م
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 18/08/2008 02:04:55 م
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2320 K
Mem Usage Peak : 2320 K
Page Faults : 658
Pagefile Usage : 948 K
Pagefile Peak Usage : 952 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 1032
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 26/04/2008 11:00:43 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 18/08/2008 02:04:56 م
Visible Windows : 0
Hidden Windows : 1
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3316 K
Mem Usage Peak : 3380 K
Page Faults : 942
Pagefile Usage : 2156 K
Pagefile Peak Usage : 2232 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 3368
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 26/04/2008 10:51:09 ص
File Modified Date : 01/09/2004 12:00:00 ص
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 18/08/2008 02:05:02 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5960 K
Mem Usage Peak : 5960 K
Page Faults : 1520
Pagefile Usage : 6488 K
Pagefile Peak Usage : 6488 K
File Attributes : A
==================================================
==================================================
Process Name : autorunsc.exe
ProcessID : 3040
Priority : Normal
Product Name : Sysinternals autoruns
Version : 9.02
Description : Autostart program viewer
Company : Sysinternals -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Window Title : AutoRuns License Agreement
File Size : 504,872
File Created Date : 17/08/2008 04:21:02 ص
File Modified Date : 09/01/2008 12:32:44 م
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\autorunsc.exe
Base Address : 0x00400000
Created On : 18/08/2008 02:05:20 م
Visible Windows : 1
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 4364 K
Mem Usage Peak : 4364 K
Page Faults : 1114
Pagefile Usage : 1108 K
Pagefile Peak Usage : 1108 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 3052
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 17/08/2008 04:21:02 ص
File Modified Date : 31/01/2008 10:24:26 م
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 18/08/2008 02:05:21 م
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2324 K
Mem Usage Peak : 2324 K
Page Faults : 659
Pagefile Usage : 948 K
Pagefile Peak Usage : 952 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 3464
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 26/04/2008 11:00:43 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 18/08/2008 02:05:21 م
Visible Windows : 0
Hidden Windows : 1
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3324 K
Mem Usage Peak : 3388 K
Page Faults : 923
Pagefile Usage : 2156 K
Pagefile Peak Usage : 2232 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 2944
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 17/08/2008 04:21:02 ص
File Modified Date : 31/01/2008 10:24:26 م
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 18/08/2008 02:05:21 م
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2324 K
Mem Usage Peak : 2324 K
Page Faults : 659
Pagefile Usage : 948 K
Pagefile Peak Usage : 952 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 3488
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 26/04/2008 11:00:43 ص
File Modified Date : 31/08/2004 09:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 18/08/2008 02:05:21 م
Visible Windows : 0
Hidden Windows : 1
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3316 K
Mem Usage Peak : 3316 K
Page Faults : 882
Pagefile Usage : 2148 K
Pagefile Peak Usage : 2152 K
File Attributes : A
==================================================
==================================================
Process Name : HijackThis.exe
ProcessID : 1692
Priority : Normal
Product Name : HijackThis
Version : 2.00.0002
Description : HijackThis
Company : Trend Micro Inc.
Window Title : HijackThis
File Size : 1,316,152
File Created Date : 17/08/2008 04:21:02 ص
File Modified Date : 28/06/2007 11:36:16 ص
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\HijackThis.exe
Base Address : 0x00400000
Created On : 18/08/2008 02:05:21 م
Visible Windows : 2
Hidden Windows : 6
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 7184 K
Mem Usage Peak : 7216 K
Page Faults : 3135
Pagefile Usage : 2316 K
Pagefile Peak Usage : 2568 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3012
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 17/08/2008 04:21:02 ص
File Modified Date : 14/07/2005 04:46:34 ص
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 18/08/2008 02:05:23 م
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2304 K
Mem Usage Peak : 2352 K
Page Faults : 994
Pagefile Usage : 956 K
Pagefile Peak Usage : 1624 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
 
توقيع : SALEM666
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى