مشكلة تاخر الاقلاع ومرفق تقرير الهاي جاك

  • بادئ الموضوع بادئ الموضوع SALEM666
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,138
S

SALEM666

زيزوومى محترف
إنضم
2 أغسطس 2008
المشاركات
3,966
مستوى التفاعل
37
النقاط
830
غير متصل
اخواني الاعزاء
رمضان مبارك وخواتيم مباركة
عندي مشكلة يتاخر فيها اقلاع الويندوز وخصوصا في بداية التشغيل فتظهر الشاشه فيها قليل نور موحيه بالاقلاع ثم تعود الشاشة الى السواد وتستمر هكذا حوالي 5 دقائق ثم تظهر علامة الويندوز وتتاخر ايضا على غير المعتاد ثم يظهر تقرير الفحص وهكذا على غير المعتاد
لقد قمت بفحص الجهاز بعدت ادوات منها smitfrudfix v2.339 وكذلك compo fixوايضا dial-a-fix وعملت تقرير بواسطة الهاي جاي +الاداتين المرفقة به من زيزرم
ارجو الاطلاع على التقرير والافادة عن المشكلة
ملاحظه/ التقرير عبارة عن ثلاثة تقارير 1-للهاي جاك و 2 للاداتين
مع الشكر


.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:01:49, on 25/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\sttray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\STacSV.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\internet explorer\iexplore.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: FastStone Capture.lnk = C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
O4 - Global Startup: Watch.lnk = C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
O8 - Extra context menu item: Add to &Teleport - C:\PROGRA~1\TELEPO~1\teleport.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: الدليل السريع - C:\WINDOWS\ww80.html
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: الدليل - {46012075-ED62-464b-9554-AD0BEC35D1EC} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
(file missing)
O9 - Extra button: (no name) - {46012076-ED62-464b-9554-AD0BEC35D1EC} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{E261E728-650D-487B-B2E4-8E7A4934ADD5}: NameServer = 65.162.184.33 65.162.184.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 7327 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 584
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 25/09/2008 06:27:56
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 400 K
Mem Usage Peak : 712 K
Page Faults : 299
Pagefile Usage : 180 K
Pagefile Peak Usage : 1688 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 632
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 03/08/2004 18:56:50
File Modified Date : 03/08/2004 18:56:50
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 25/09/2008 06:28:08
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4836 K
Mem Usage Peak : 4848 K
Page Faults : 11182
Pagefile Usage : 2180 K
Pagefile Peak Usage : 2248 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 656
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:19
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4268 K
Mem Usage Peak : 13100 K
Page Faults : 6133
Pagefile Usage : 9944 K
Pagefile Peak Usage : 12448 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 700
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 03/08/2004 18:56:56
File Modified Date : 03/08/2004 18:56:56
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:19
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4340 K
Mem Usage Peak : 4488 K
Page Faults : 3039
Pagefile Usage : 2428 K
Pagefile Peak Usage : 3136 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 712
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 03/08/2004 18:56:52
File Modified Date : 03/08/2004 18:56:52
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:19
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2320 K
Mem Usage Peak : 6112 K
Page Faults : 5105
Pagefile Usage : 4556 K
Pagefile Peak Usage : 4792 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 864
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:20
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5168 K
Mem Usage Peak : 5232 K
Page Faults : 1506
Pagefile Usage : 6772 K
Pagefile Peak Usage : 27084 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 944
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:21
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4604 K
Mem Usage Peak : 4840 K
Page Faults : 1449
Pagefile Usage : 5500 K
Pagefile Peak Usage : 5752 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 984
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:21
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 28352 K
Mem Usage Peak : 29148 K
Page Faults : 29816
Pagefile Usage : 23652 K
Pagefile Peak Usage : 24892 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1068
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:21
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3592 K
Mem Usage Peak : 3672 K
Page Faults : 1060
Pagefile Usage : 1516 K
Pagefile Peak Usage : 1600 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1100
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:22
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5900 K
Mem Usage Peak : 5928 K
Page Faults : 1552
Pagefile Usage : 5972 K
Pagefile Peak Usage : 6048 K
File Attributes : A
==================================================
==================================================
Process Name : aswUpdSv.exe
ProcessID : 1212
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1227, 0
Description : avast! Antivirus updating service
Company : ALWIL Software
Window Title :
File Size : 16,056
File Created Date : 17/08/2008 19:08:26
File Modified Date : 19/07/2008 14:25:06
Filename : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:22
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 344 K
Mem Usage Peak : 1912 K
Page Faults : 535
Pagefile Usage : 604 K
Pagefile Peak Usage : 604 K
File Attributes : A
==================================================
==================================================
Process Name : ashServ.exe
ProcessID : 1280
Priority : High
Product Name : avast! Antivirus
Version : 4, 8, 1227, 0
Description : avast! antivirus service
Company : ALWIL Software
Window Title :
File Size : 147,640
File Created Date : 17/08/2008 19:08:26
File Modified Date : 19/07/2008 14:38:28
Filename : C:\Program Files\Alwil Software\Avast4\ashServ.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:22
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 21468 K
Mem Usage Peak : 95664 K
Page Faults : 691828
Pagefile Usage : 27844 K
Pagefile Peak Usage : 64632 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1720
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5200 K
Mem Usage Peak : 5240 K
Page Faults : 1878
Pagefile Usage : 6704 K
Pagefile Peak Usage : 6988 K
File Attributes : A
==================================================
==================================================
Process Name : ashDisp.exe
ProcessID : 1732
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1227, 0
Description : avast! service GUI component
Company : ALWIL Software
Window Title :
File Size : 78,008
File Created Date : 17/08/2008 19:08:26
File Modified Date : 19/07/2008 14:38:34
Filename : C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 9
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3964 K
Mem Usage Peak : 5388 K
Page Faults : 5450
Pagefile Usage : 4308 K
Pagefile Peak Usage : 4512 K
File Attributes : A
==================================================
==================================================
Process Name : sm56hlpr.exe
ProcessID : 1744
Priority : Normal
Product Name : Motorola SM56 Tray Application
Version : 6.09.07
Description : Motorola SM56 Win32 Utility
Company : Motorola Inc.
Window Title :
File Size : 544,768
File Created Date : 02/12/2007 19:56:49
File Modified Date : 28/12/2004 22:01:00
Filename : C:\WINDOWS\sm56hlpr.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 5
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 4160 K
Mem Usage Peak : 4204 K
Page Faults : 1103
Pagefile Usage : 1916 K
Pagefile Peak Usage : 1928 K
File Attributes : AR
==================================================
==================================================
Process Name : igfxtray.exe
ProcessID : 1768
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : igfxTray Module
Company : Intel Corporation
Window Title :
File Size : 94,208
File Created Date : 26/04/2008 11:03:49
File Modified Date : 07/02/2006 00:39:20
Filename : C:\WINDOWS\system32\igfxtray.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3728 K
Mem Usage Peak : 3728 K
Page Faults : 965
Pagefile Usage : 3912 K
Pagefile Peak Usage : 5324 K
File Attributes : A
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 1776
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 77,824
File Created Date : 26/04/2008 11:03:49
File Modified Date : 07/02/2006 00:36:06
Filename : C:\WINDOWS\system32\hkcmd.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 12
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3020 K
Mem Usage Peak : 3028 K
Page Faults : 772
Pagefile Usage : 3640 K
Pagefile Peak Usage : 3732 K
File Attributes : A
==================================================
==================================================
Process Name : igfxpers.exe
ProcessID : 1788
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : persistence Module
Company : Intel Corporation
Window Title :
File Size : 118,784
File Created Date : 26/04/2008 11:03:50
File Modified Date : 07/02/2006 00:40:02
Filename : C:\WINDOWS\system32\igfxpers.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3004 K
Mem Usage Peak : 3012 K
Page Faults : 769
Pagefile Usage : 3604 K
Pagefile Peak Usage : 3632 K
File Attributes : A
==================================================
==================================================
Process Name : sttray.exe
ProcessID : 1796
Priority : Normal
Product Name : C-Major Audio
Version : 1.0.5143.0 nd491 cp1
Description : Sigmatel Audio system tray application
Company : SigmaTel, Inc.
Window Title :
File Size : 282,624
File Created Date : 03/12/2007 13:41:11
File Modified Date : 27/07/2006 06:19:30
Filename : C:\WINDOWS\sttray.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 3
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 7184 K
Mem Usage Peak : 7184 K
Page Faults : 2122
Pagefile Usage : 7192 K
Pagefile Peak Usage : 7244 K
File Attributes : A
==================================================
==================================================
Process Name : realsched.exe
ProcessID : 1804
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.1.45
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,896
File Created Date : 03/03/2008 04:10:03
File Modified Date : 27/08/2008 21:26:46
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 176 K
Mem Usage Peak : 2920 K
Page Faults : 8717
Pagefile Usage : 4252 K
Pagefile Peak Usage : 4276 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 1812
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 03/08/2004 18:56:50
File Modified Date : 03/08/2004 18:56:50
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:34
Visible Windows : 0
Hidden Windows : 5
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3628 K
Mem Usage Peak : 3648 K
Page Faults : 2087
Pagefile Usage : 1496 K
Pagefile Peak Usage : 4220 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 2028
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:35
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3292 K
Mem Usage Peak : 3300 K
Page Faults : 861
Pagefile Usage : 2768 K
Pagefile Peak Usage : 2792 K
File Attributes : A
==================================================
==================================================
Process Name : MDM.EXE
ProcessID : 204
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.00.9466
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 322,120
File Created Date : 19/06/2003 20:25:00
File Modified Date : 19/06/2003 20:25:00
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Base Address : 0x00400000
Created On : 25/09/2008 06:28:35
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3092 K
Mem Usage Peak : 3096 K
Page Faults : 852
Pagefile Usage : 3864 K
Pagefile Peak Usage : 3868 K
File Attributes : A
==================================================
==================================================
Process Name : STacSV.exe
ProcessID : 484
Priority : Normal
Product Name : C-Major Audio
Version : 1.0.5143.0 nd491 cp1
Description : STacSV Module
Company : SigmaTel, Inc.
Window Title :
File Size : 86,016
File Created Date : 26/04/2008 11:02:29
File Modified Date : 27/07/2006 06:23:34
Filename : C:\WINDOWS\system32\STacSV.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:36
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4004 K
Mem Usage Peak : 4016 K
Page Faults : 1056
Pagefile Usage : 5716 K
Pagefile Peak Usage : 5772 K
File Attributes :
==================================================
==================================================
Process Name : MsnMsgr.Exe
ProcessID : 508
Priority : Normal
Product Name : Messenger
Version : 9.0.1407.1107_next-working.client.messenger
Description : Windows Live Messenger
Company : Microsoft Corporation
Window Title :
File Size : 3,739,672
File Created Date : 07/11/2007 12:34:30
File Modified Date : 07/11/2007 12:34:30
Filename : C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:36
Visible Windows : 1
Hidden Windows : 21
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 6076 K
Mem Usage Peak : 25692 K
Page Faults : 11458
Pagefile Usage : 18764 K
Pagefile Peak Usage : 19124 K
File Attributes : A
==================================================
==================================================
Process Name : SUPERAntiSpyware.exe
ProcessID : 364
Priority : Normal
Product Name : SUPERAntiSpyware
Version : 4, 15, 0, 1000
Description : SUPERAntiSpyware
Company : SUPERAntiSpyware.com
Window Title :
File Size : 1,506,544
File Created Date : 25/08/2008 21:14:53
File Modified Date : 28/05/2008 07:33:34
Filename : D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:37
Visible Windows : 0
Hidden Windows : 8
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 560 K
Mem Usage Peak : 66200 K
Page Faults : 146307
Pagefile Usage : 80400 K
Pagefile Peak Usage : 80660 K
File Attributes : A
==================================================
==================================================
Process Name : WATCH.exe
ProcessID : 544
Priority : Normal
Product Name : Watch Dog
Version : 2, 3, 8, 0
Description : Watch Dog
Company : Common Group
Window Title :
File Size : 364,544
File Created Date : 13/09/2008 19:27:12
File Modified Date : 23/11/2001 07:52:04
Filename : C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:39
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3812 K
Mem Usage Peak : 3820 K
Page Faults : 1195
Pagefile Usage : 3172 K
Pagefile Peak Usage : 3180 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1048
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:42
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4332 K
Mem Usage Peak : 4392 K
Page Faults : 1253
Pagefile Usage : 5868 K
Pagefile Peak Usage : 5956 K
File Attributes : A
==================================================
==================================================
Process Name : ashMaiSv.exe
ProcessID : 2124
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1227, 0
Description : avast! e-Mail Scanner Service
Company : ALWIL Software
Window Title :
File Size : 250,040
File Created Date : 17/08/2008 19:08:26
File Modified Date : 19/07/2008 14:38:04
Filename : C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:49
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1928 K
Mem Usage Peak : 35280 K
Page Faults : 93492
Pagefile Usage : 3320 K
Pagefile Peak Usage : 18532 K
File Attributes : A
==================================================
==================================================
Process Name : ashWebSv.exe
ProcessID : 2196
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1229, 0
Description : avast! Web Scanner
Company : ALWIL Software
Window Title :
File Size : 348,344
File Created Date : 17/08/2008 19:08:26
File Modified Date : 23/07/2008 14:25:46
Filename : C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:49
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7140 K
Mem Usage Peak : 38924 K
Page Faults : 43638
Pagefile Usage : 19832 K
Pagefile Peak Usage : 19832 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 2392
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 03/08/2004 18:56:48
File Modified Date : 03/08/2004 18:56:48
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:50
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3628 K
Mem Usage Peak : 3628 K
Page Faults : 936
Pagefile Usage : 4120 K
Pagefile Peak Usage : 4120 K
File Attributes : A
==================================================
==================================================
Process Name : WLLoginProxy.exe
ProcessID : 800
Priority : Normal
Product Name : Microsoft® Windows Live Login Helper
Version : 4.100.313.1
Description : WLLoginProxy.exe
Company : Microsoft Corporation
Window Title :
File Size : 115,024
File Created Date : 31/08/2006 17:33:02
File Modified Date : 31/08/2006 17:33:02
Filename : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:42:33
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 7472 K
Mem Usage Peak : 7472 K
Page Faults : 1975
Pagefile Usage : 7872 K
Pagefile Peak Usage : 7920 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 3116
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.14.5.0
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title :
File Size : 2,606,512
File Created Date : 12/09/2008 10:43:26
File Modified Date : 25/09/2008 03:52:38
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:52:49
Visible Windows : 0
Hidden Windows : 8
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2940 K
Mem Usage Peak : 9992 K
Page Faults : 6075
Pagefile Usage : 16432 K
Pagefile Peak Usage : 16500 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 1996
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 26/04/2008 10:51:09
File Modified Date : 01/09/2004 00:00:00
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:56:30
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 6912 K
Mem Usage Peak : 7204 K
Page Faults : 2323
Pagefile Usage : 6332 K
Pagefile Peak Usage : 6716 K
File Attributes : A
==================================================
==================================================
Process Name : explorer.exe
ProcessID : 2516
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : برنامج هاي جاك+اداتين
File Size : 1,032,192
File Created Date : 03/08/2004 18:56:50
File Modified Date : 03/08/2004 18:56:50
Filename : C:\WINDOWS\explorer.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:58:43
Visible Windows : 3
Hidden Windows : 42
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 29672 K
Mem Usage Peak : 30096 K
Page Faults : 16019
Pagefile Usage : 35836 K
Pagefile Peak Usage : 36644 K
File Attributes : A
==================================================
==================================================
Process Name : FlashUtil9d.exe
ProcessID : 612
Priority : Normal
Product Name : Flash Player Helper
Version : 9,0,47,0
Description : Adobe Flash Player Helper 9.0 r47
Company : Adobe Systems, Inc.
Window Title : Adobe Flash Player Update
File Size : 190,696
File Created Date : 26/04/2008 11:02:51
File Modified Date : 11/06/2007 20:04:36
Filename : C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:58:51
Visible Windows : 1
Hidden Windows : 8
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 12944 K
Mem Usage Peak : 12952 K
Page Faults : 4300
Pagefile Usage : 10416 K
Pagefile Peak Usage : 10436 K
File Attributes : AR
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 2988
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.5730.13 (longhorn(wmbla).070711-1130)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : زيزوووم للأمن والحمايه - Windows Internet Explorer
File Size : 622,080
File Created Date : 02/12/2007 15:54:28
File Modified Date : 13/08/2007 15:43:56
Filename : C:\Program Files\internet explorer\iexplore.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:59:54
Visible Windows : 1
Hidden Windows : 34
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 7352 K
Mem Usage Peak : 29068 K
Page Faults : 21338
Pagefile Usage : 31812 K
Pagefile Peak Usage : 31812 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 3204
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 25/09/2008 04:01:34
File Modified Date : 31/01/2008 22:24:26
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 25/09/2008 07:01:34
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2080 K
Mem Usage Peak : 2084 K
Page Faults : 588
Pagefile Usage : 868 K
Pagefile Peak Usage : 872 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 3172
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 03/08/2004 18:56:50
File Modified Date : 03/08/2004 18:56:50
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 25/09/2008 07:01:34
Visible Windows : 0
Hidden Windows : 1
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2872 K
Mem Usage Peak : 2936 K
Page Faults : 809
Pagefile Usage : 2088 K
Pagefile Peak Usage : 2164 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3108
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 25/09/2008 04:01:33
File Modified Date : 14/07/2005 04:46:34
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 25/09/2008 07:01:49
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2084 K
Mem Usage Peak : 2132 K
Page Faults : 970
Pagefile Usage : 900 K
Pagefile Peak Usage : 1624 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.2180
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avast!
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
avast! service GUI component
ALWIL Software
4.08.1227.0000
c:\program files\alwil software\avast4\ashdisp.exe
SMSERIAL
sm56hlpr.exe
Motorola SM56 Win32 Utility
Motorola Inc.
6.09.0007.0000
c:\windows\sm56hlpr.exe
igfxtray
C:\WINDOWS\system32\igfxtray.exe
igfxTray Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\igfxtray.exe
igfxhkcmd
C:\WINDOWS\system32\hkcmd.exe
hkcmd Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\hkcmd.exe
igfxpers
C:\WINDOWS\system32\igfxpers.exe
persistence Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\igfxpers.exe
SigmatelSysTrayApp
sttray.exe
Sigmatel Audio system tray application
SigmaTel, Inc.
1.00.5143.0000
c:\windows\sttray.exe
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.01.0001.0045
c:\program files\common files\real\update_ob\realsched.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
WIAWizardMenu
RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
Still Image Class Installer
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\sti_ci.dll
C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل
Watch.lnk
C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Watch.lnk
Watch Dog
Common Group
2.03.0008.0000
c:\program files\mustek 1200 ub plus\driver\watch.exe
C:\Documents and Settings\salem\Start Menu\Programs\Startup
FastStone Capture.lnk
C:\Documents and Settings\salem\Start Menu\Programs\Startup\FastStone Capture.lnk
File not found: C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\ctfmon.exe
IDMan
C:\Program Files\Internet Download Manager\IDMan.exe /onboot
Internet Download Manager (IDM)
Tonec Inc.
5.14.0005.0000
c:\program files\internet download manager\idman.exe
MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background
Windows Messenger
Microsoft Corporation
4.07.0000.3001
c:\program files\messenger\msmsgs.exe
MsnMsgr
"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
Windows Live Messenger
Microsoft Corporation
9.00.1407.1107
c:\program files\windows live\messenger\msnmsgr.exe
SUPERAntiSpyware
D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
SUPERAntiSpyware
SUPERAntiSpyware.com
4.15.0000.1000
d:\downloads\superantispyware\superantispyware\superantispyware.exe
Task Scheduler
1-Click Maintenance.job
C:\Program Files\TuneUp Utilities 2008\OneClick.exe /schedulestart
TuneUp 1-Click Maintenance
TuneUp Software GmbH
7.00.7992.0228
c:\program files\tuneup utilities 2008\oneclick.exe
.
.
----------- End Report ---------------
 

توقيع : SALEM666
ترتيب حسب التاريخ ترتيب حسب الأصوات
حبذا لو يشاركنا الاخ الجنتل
 
توقيع : SALEM666
تأييد 0
اولا إبدا >> تشغيل >> واكتب
msconfig ثم انتر

روع لقائمه بدء التشغيل ,, Start Up
ثم شيل الصح من عليها كلها لاتسيب الى برامج الحمايه ثم تطبيق ثم موافق


ومن تقرير الهاي جاك احذف

C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe


 O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll


 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot


 O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu


 O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\downloads\superantispyware\SUPERAntiSpyware\SUP ERAntiSpyware.exe


 O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')


 O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')


 O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll


 O9 - Extra button: الدليل - {46012075-ED62-464b-9554-AD0BEC35D1EC} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
(file missing)


O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




طريقة الحذف

mg%20%283%29.png


mg%20%284%29.png


ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


التوافق : ويندوز اكسبيفقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

000.png


001.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

002.png


وشوف ,,

مافيه تحسن احذف SUPERAntiSpyware وجرب
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
Demo-dash قال:
اولا إبدا >> تشغيل >> واكتب

msconfig ثم انتر​

روع لقائمه بدء التشغيل ,, Start Up
ثم شيل الصح من عليها كلها لاتسيب الى برامج الحمايه ثم تطبيق ثم موافق​



وشوف ,,​

مافيه تحسن احذف SUPERAntiSpyware وجرب
أنقر للتوسيع...

بارك الله فيك اخي
 
توقيع : SALEM666
تأييد 0
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
اخي ديمو لقد عملت ماقلت لي وظهرت هذه الرسالتين

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : SALEM666
تأييد 0
الامر الاخر لاحظت بطء شديد في الاغلاق اكثر من المعقول لحيث واظطر الى غاق الجهاز اجباري
 
توقيع : SALEM666
تأييد 0
الامر الثالث هاك تقرير الهاي جاك الجديد

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:37:11, on 25/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\sttray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\FSCapture.exe
C:\Program Files\internet explorer\iexplore.exe
D:\downloads\hijack this\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [SDaemon] C:\WINDOWS\sdaemon.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimized
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\SpeedItUpFree\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: FastStone Capture.lnk = C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
O4 - Global Startup: Watch.lnk = C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
O8 - Extra context menu item: Add to &Teleport - C:\PROGRA~1\TELEPO~1\teleport.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: الدليل السريع - C:\WINDOWS\ww80.html
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: الدليل - {46012075-ED62-464b-9554-AD0BEC35D1EC} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
(file missing)
O9 - Extra button: (no name) - {46012076-ED62-464b-9554-AD0BEC35D1EC} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E261E728-650D-487B-B2E4-8E7A4934ADD5}: NameServer = 65.162.184.33 65.162.184.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 6352 bytes
 
توقيع : SALEM666
تأييد 0
نعم اخي في تحسن نوعا ما ولكن المشكلة قائمة وكذلك مشكة تاخر الاغلاق ايضا
 
توقيع : SALEM666
تأييد 0
اخوي التقرير مافيه الاقيمة واحده وماهي مؤثرة

بس ياليت تشوف هالبرنامج واحذفه AVG Anti-Spywar

واحذف هالقيمة

O9 - Extra button: الدليل - {46012075-ED62-464b-9554-AD0BEC35D1EC} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
(file missing)

واحذف البرنامج اللي قال عليه ديمو وعطنا تقرير لاقرب متابع
 
توقيع : البارون
تأييد 0
عذرا على التاخر

البارون قال:
اخوي التقرير مافيه الاقيمة واحده وماهي مؤثرة

بس ياليت تشوف هالبرنامج واحذفه AVG Anti-Spywar

واحذف هالقيمة

O9 - Extra button: الدليل - {46012075-ED62-464b-9554-AD0BEC35D1EC} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
(file missing)

واحذف البرنامج اللي قال عليه ديمو وعطنا تقرير لاقرب متابع
أنقر للتوسيع...


:ok:

اهم برنامج الان تحذفه هو هذا
AVG Anti-Spywar
مثل ماجال البارون جزاه الله خير , هو رسالتين الخطا تظهر منه , وهي بسيطه ان شاء الله لاتشيل هم
بعد ماتحذفه احذف هذي القيمه اذا كانت لاتزال متواجده

O4 - HKLM\..\Run: [SDaemon] C:\WINDOWS\sdaemon.exe

واحذف اي برنامج انتي سبايوير <غير الأفج اذا كان فيه

ثم استخدم هالاداه الي قد استخدمتها اول الناليه


رابط تحميل آخر تحديث للاداة
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



شرح الاستخدام ,,,,,,
قم بتشغيل الملف SmitfraudFix.exe ,, وتابع الشرح كماا بهذه الصور

000.png





001.png





002.png





003.png





004.png





005.png

quot-bot-left.gif

quot-bot-right.gif

ثم ابدا >> تشغيل والصق هذا الأمر

secpol.msc

ثم اذهب الى

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


ثم كليك يمن ثم تعطيل ,, من شأنها تسرع ايقاف التشغيل


نزل هالاداة لتنظيف الجهاز​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


zyzoom-3c0e283670.gif



وبشرنا


 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
اخواني كلما عملت خطوه لاصلاح المشكلة ظهرت مشكلة اخرى
فعند عمل الخطوات السابقة تم اعادة تشغيل الجهاز وعند ظهور تقرير الفحص DISK CHICKING فانه يتوقف ولا تظهر نسبة الفحص ويتوقف التقرير
الامر الاخر عندما كتبت الامر المذكور اعلاه من ابدا التشغيل ظهرت هذه الرسالة ادناه وعند الظغط على موافق ظهرت القائمة مختلفة عما في الصورة اعلاه فماذا افعل


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : SALEM666
تأييد 0
اما تقرير الفحص عندما عملته في البرنامج اعلاه فهو كالتالي

.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:01:49, on 25/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\sttray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\STacSV.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\internet explorer\iexplore.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: FastStone Capture.lnk = C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
O4 - Global Startup: Watch.lnk = C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
O8 - Extra context menu item: Add to &Teleport - C:\PROGRA~1\TELEPO~1\teleport.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: الدليل السريع - C:\WINDOWS\ww80.html
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: الدليل - {46012075-ED62-464b-9554-AD0BEC35D1EC} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
(file missing)
O9 - Extra button: (no name) - {46012076-ED62-464b-9554-AD0BEC35D1EC} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{E261E728-650D-487B-B2E4-8E7A4934ADD5}: NameServer = 65.162.184.33 65.162.184.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 7327 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 584
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 25/09/2008 06:27:56
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 400 K
Mem Usage Peak : 712 K
Page Faults : 299
Pagefile Usage : 180 K
Pagefile Peak Usage : 1688 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 632
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 03/08/2004 18:56:50
File Modified Date : 03/08/2004 18:56:50
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 25/09/2008 06:28:08
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4836 K
Mem Usage Peak : 4848 K
Page Faults : 11182
Pagefile Usage : 2180 K
Pagefile Peak Usage : 2248 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 656
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:19
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4268 K
Mem Usage Peak : 13100 K
Page Faults : 6133
Pagefile Usage : 9944 K
Pagefile Peak Usage : 12448 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 700
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 03/08/2004 18:56:56
File Modified Date : 03/08/2004 18:56:56
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:19
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4340 K
Mem Usage Peak : 4488 K
Page Faults : 3039
Pagefile Usage : 2428 K
Pagefile Peak Usage : 3136 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 712
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 03/08/2004 18:56:52
File Modified Date : 03/08/2004 18:56:52
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:19
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2320 K
Mem Usage Peak : 6112 K
Page Faults : 5105
Pagefile Usage : 4556 K
Pagefile Peak Usage : 4792 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 864
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:20
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5168 K
Mem Usage Peak : 5232 K
Page Faults : 1506
Pagefile Usage : 6772 K
Pagefile Peak Usage : 27084 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 944
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:21
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4604 K
Mem Usage Peak : 4840 K
Page Faults : 1449
Pagefile Usage : 5500 K
Pagefile Peak Usage : 5752 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 984
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:21
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 28352 K
Mem Usage Peak : 29148 K
Page Faults : 29816
Pagefile Usage : 23652 K
Pagefile Peak Usage : 24892 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1068
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:21
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3592 K
Mem Usage Peak : 3672 K
Page Faults : 1060
Pagefile Usage : 1516 K
Pagefile Peak Usage : 1600 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1100
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:22
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5900 K
Mem Usage Peak : 5928 K
Page Faults : 1552
Pagefile Usage : 5972 K
Pagefile Peak Usage : 6048 K
File Attributes : A
==================================================
==================================================
Process Name : aswUpdSv.exe
ProcessID : 1212
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1227, 0
Description : avast! Antivirus updating service
Company : ALWIL Software
Window Title :
File Size : 16,056
File Created Date : 17/08/2008 19:08:26
File Modified Date : 19/07/2008 14:25:06
Filename : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:22
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 344 K
Mem Usage Peak : 1912 K
Page Faults : 535
Pagefile Usage : 604 K
Pagefile Peak Usage : 604 K
File Attributes : A
==================================================
==================================================
Process Name : ashServ.exe
ProcessID : 1280
Priority : High
Product Name : avast! Antivirus
Version : 4, 8, 1227, 0
Description : avast! antivirus service
Company : ALWIL Software
Window Title :
File Size : 147,640
File Created Date : 17/08/2008 19:08:26
File Modified Date : 19/07/2008 14:38:28
Filename : C:\Program Files\Alwil Software\Avast4\ashServ.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:22
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 21468 K
Mem Usage Peak : 95664 K
Page Faults : 691828
Pagefile Usage : 27844 K
Pagefile Peak Usage : 64632 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1720
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5200 K
Mem Usage Peak : 5240 K
Page Faults : 1878
Pagefile Usage : 6704 K
Pagefile Peak Usage : 6988 K
File Attributes : A
==================================================
==================================================
Process Name : ashDisp.exe
ProcessID : 1732
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1227, 0
Description : avast! service GUI component
Company : ALWIL Software
Window Title :
File Size : 78,008
File Created Date : 17/08/2008 19:08:26
File Modified Date : 19/07/2008 14:38:34
Filename : C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 9
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3964 K
Mem Usage Peak : 5388 K
Page Faults : 5450
Pagefile Usage : 4308 K
Pagefile Peak Usage : 4512 K
File Attributes : A
==================================================
==================================================
Process Name : sm56hlpr.exe
ProcessID : 1744
Priority : Normal
Product Name : Motorola SM56 Tray Application
Version : 6.09.07
Description : Motorola SM56 Win32 Utility
Company : Motorola Inc.
Window Title :
File Size : 544,768
File Created Date : 02/12/2007 19:56:49
File Modified Date : 28/12/2004 22:01:00
Filename : C:\WINDOWS\sm56hlpr.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 5
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 4160 K
Mem Usage Peak : 4204 K
Page Faults : 1103
Pagefile Usage : 1916 K
Pagefile Peak Usage : 1928 K
File Attributes : AR
==================================================
==================================================
Process Name : igfxtray.exe
ProcessID : 1768
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : igfxTray Module
Company : Intel Corporation
Window Title :
File Size : 94,208
File Created Date : 26/04/2008 11:03:49
File Modified Date : 07/02/2006 00:39:20
Filename : C:\WINDOWS\system32\igfxtray.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3728 K
Mem Usage Peak : 3728 K
Page Faults : 965
Pagefile Usage : 3912 K
Pagefile Peak Usage : 5324 K
File Attributes : A
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 1776
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 77,824
File Created Date : 26/04/2008 11:03:49
File Modified Date : 07/02/2006 00:36:06
Filename : C:\WINDOWS\system32\hkcmd.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 12
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3020 K
Mem Usage Peak : 3028 K
Page Faults : 772
Pagefile Usage : 3640 K
Pagefile Peak Usage : 3732 K
File Attributes : A
==================================================
==================================================
Process Name : igfxpers.exe
ProcessID : 1788
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : persistence Module
Company : Intel Corporation
Window Title :
File Size : 118,784
File Created Date : 26/04/2008 11:03:50
File Modified Date : 07/02/2006 00:40:02
Filename : C:\WINDOWS\system32\igfxpers.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3004 K
Mem Usage Peak : 3012 K
Page Faults : 769
Pagefile Usage : 3604 K
Pagefile Peak Usage : 3632 K
File Attributes : A
==================================================
==================================================
Process Name : sttray.exe
ProcessID : 1796
Priority : Normal
Product Name : C-Major Audio
Version : 1.0.5143.0 nd491 cp1
Description : Sigmatel Audio system tray application
Company : SigmaTel, Inc.
Window Title :
File Size : 282,624
File Created Date : 03/12/2007 13:41:11
File Modified Date : 27/07/2006 06:19:30
Filename : C:\WINDOWS\sttray.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 3
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 7184 K
Mem Usage Peak : 7184 K
Page Faults : 2122
Pagefile Usage : 7192 K
Pagefile Peak Usage : 7244 K
File Attributes : A
==================================================
==================================================
Process Name : realsched.exe
ProcessID : 1804
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.1.45
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,896
File Created Date : 03/03/2008 04:10:03
File Modified Date : 27/08/2008 21:26:46
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:33
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 176 K
Mem Usage Peak : 2920 K
Page Faults : 8717
Pagefile Usage : 4252 K
Pagefile Peak Usage : 4276 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 1812
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 03/08/2004 18:56:50
File Modified Date : 03/08/2004 18:56:50
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:34
Visible Windows : 0
Hidden Windows : 5
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3628 K
Mem Usage Peak : 3648 K
Page Faults : 2087
Pagefile Usage : 1496 K
Pagefile Peak Usage : 4220 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 2028
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:35
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3292 K
Mem Usage Peak : 3300 K
Page Faults : 861
Pagefile Usage : 2768 K
Pagefile Peak Usage : 2792 K
File Attributes : A
==================================================
==================================================
Process Name : MDM.EXE
ProcessID : 204
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.00.9466
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 322,120
File Created Date : 19/06/2003 20:25:00
File Modified Date : 19/06/2003 20:25:00
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Base Address : 0x00400000
Created On : 25/09/2008 06:28:35
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3092 K
Mem Usage Peak : 3096 K
Page Faults : 852
Pagefile Usage : 3864 K
Pagefile Peak Usage : 3868 K
File Attributes : A
==================================================
==================================================
Process Name : STacSV.exe
ProcessID : 484
Priority : Normal
Product Name : C-Major Audio
Version : 1.0.5143.0 nd491 cp1
Description : STacSV Module
Company : SigmaTel, Inc.
Window Title :
File Size : 86,016
File Created Date : 26/04/2008 11:02:29
File Modified Date : 27/07/2006 06:23:34
Filename : C:\WINDOWS\system32\STacSV.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:36
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4004 K
Mem Usage Peak : 4016 K
Page Faults : 1056
Pagefile Usage : 5716 K
Pagefile Peak Usage : 5772 K
File Attributes :
==================================================
==================================================
Process Name : MsnMsgr.Exe
ProcessID : 508
Priority : Normal
Product Name : Messenger
Version : 9.0.1407.1107_next-working.client.messenger
Description : Windows Live Messenger
Company : Microsoft Corporation
Window Title :
File Size : 3,739,672
File Created Date : 07/11/2007 12:34:30
File Modified Date : 07/11/2007 12:34:30
Filename : C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:36
Visible Windows : 1
Hidden Windows : 21
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 6076 K
Mem Usage Peak : 25692 K
Page Faults : 11458
Pagefile Usage : 18764 K
Pagefile Peak Usage : 19124 K
File Attributes : A
==================================================
==================================================
Process Name : SUPERAntiSpyware.exe
ProcessID : 364
Priority : Normal
Product Name : SUPERAntiSpyware
Version : 4, 15, 0, 1000
Description : SUPERAntiSpyware
Company : SUPERAntiSpyware.com
Window Title :
File Size : 1,506,544
File Created Date : 25/08/2008 21:14:53
File Modified Date : 28/05/2008 07:33:34
Filename : D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:37
Visible Windows : 0
Hidden Windows : 8
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 560 K
Mem Usage Peak : 66200 K
Page Faults : 146307
Pagefile Usage : 80400 K
Pagefile Peak Usage : 80660 K
File Attributes : A
==================================================
==================================================
Process Name : WATCH.exe
ProcessID : 544
Priority : Normal
Product Name : Watch Dog
Version : 2, 3, 8, 0
Description : Watch Dog
Company : Common Group
Window Title :
File Size : 364,544
File Created Date : 13/09/2008 19:27:12
File Modified Date : 23/11/2001 07:52:04
Filename : C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:39
Visible Windows : 0
Hidden Windows : 2
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 3812 K
Mem Usage Peak : 3820 K
Page Faults : 1195
Pagefile Usage : 3172 K
Pagefile Peak Usage : 3180 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1048
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 03/08/2004 18:56:58
File Modified Date : 03/08/2004 18:56:58
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:42
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4332 K
Mem Usage Peak : 4392 K
Page Faults : 1253
Pagefile Usage : 5868 K
Pagefile Peak Usage : 5956 K
File Attributes : A
==================================================
==================================================
Process Name : ashMaiSv.exe
ProcessID : 2124
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1227, 0
Description : avast! e-Mail Scanner Service
Company : ALWIL Software
Window Title :
File Size : 250,040
File Created Date : 17/08/2008 19:08:26
File Modified Date : 19/07/2008 14:38:04
Filename : C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:49
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1928 K
Mem Usage Peak : 35280 K
Page Faults : 93492
Pagefile Usage : 3320 K
Pagefile Peak Usage : 18532 K
File Attributes : A
==================================================
==================================================
Process Name : ashWebSv.exe
ProcessID : 2196
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1229, 0
Description : avast! Web Scanner
Company : ALWIL Software
Window Title :
File Size : 348,344
File Created Date : 17/08/2008 19:08:26
File Modified Date : 23/07/2008 14:25:46
Filename : C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:28:49
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7140 K
Mem Usage Peak : 38924 K
Page Faults : 43638
Pagefile Usage : 19832 K
Pagefile Peak Usage : 19832 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 2392
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 03/08/2004 18:56:48
File Modified Date : 03/08/2004 18:56:48
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:28:50
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3628 K
Mem Usage Peak : 3628 K
Page Faults : 936
Pagefile Usage : 4120 K
Pagefile Peak Usage : 4120 K
File Attributes : A
==================================================
==================================================
Process Name : WLLoginProxy.exe
ProcessID : 800
Priority : Normal
Product Name : Microsoft® Windows Live Login Helper
Version : 4.100.313.1
Description : WLLoginProxy.exe
Company : Microsoft Corporation
Window Title :
File Size : 115,024
File Created Date : 31/08/2006 17:33:02
File Modified Date : 31/08/2006 17:33:02
Filename : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:42:33
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 7472 K
Mem Usage Peak : 7472 K
Page Faults : 1975
Pagefile Usage : 7872 K
Pagefile Peak Usage : 7920 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 3116
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.14.5.0
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title :
File Size : 2,606,512
File Created Date : 12/09/2008 10:43:26
File Modified Date : 25/09/2008 03:52:38
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:52:49
Visible Windows : 0
Hidden Windows : 8
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2940 K
Mem Usage Peak : 9992 K
Page Faults : 6075
Pagefile Usage : 16432 K
Pagefile Peak Usage : 16500 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 1996
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 26/04/2008 10:51:09
File Modified Date : 01/09/2004 00:00:00
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:56:30
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 6912 K
Mem Usage Peak : 7204 K
Page Faults : 2323
Pagefile Usage : 6332 K
Pagefile Peak Usage : 6716 K
File Attributes : A
==================================================
==================================================
Process Name : explorer.exe
ProcessID : 2516
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : برنامج هاي جاك+اداتين
File Size : 1,032,192
File Created Date : 03/08/2004 18:56:50
File Modified Date : 03/08/2004 18:56:50
Filename : C:\WINDOWS\explorer.exe
Base Address : 0x01000000
Created On : 25/09/2008 06:58:43
Visible Windows : 3
Hidden Windows : 42
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 29672 K
Mem Usage Peak : 30096 K
Page Faults : 16019
Pagefile Usage : 35836 K
Pagefile Peak Usage : 36644 K
File Attributes : A
==================================================
==================================================
Process Name : FlashUtil9d.exe
ProcessID : 612
Priority : Normal
Product Name : Flash Player Helper
Version : 9,0,47,0
Description : Adobe Flash Player Helper 9.0 r47
Company : Adobe Systems, Inc.
Window Title : Adobe Flash Player Update
File Size : 190,696
File Created Date : 26/04/2008 11:02:51
File Modified Date : 11/06/2007 20:04:36
Filename : C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:58:51
Visible Windows : 1
Hidden Windows : 8
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 12944 K
Mem Usage Peak : 12952 K
Page Faults : 4300
Pagefile Usage : 10416 K
Pagefile Peak Usage : 10436 K
File Attributes : AR
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 2988
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.5730.13 (longhorn(wmbla).070711-1130)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : زيزوووم للأمن والحمايه - Windows Internet Explorer
File Size : 622,080
File Created Date : 02/12/2007 15:54:28
File Modified Date : 13/08/2007 15:43:56
Filename : C:\Program Files\internet explorer\iexplore.exe
Base Address : 0x00400000
Created On : 25/09/2008 06:59:54
Visible Windows : 1
Hidden Windows : 34
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 7352 K
Mem Usage Peak : 29068 K
Page Faults : 21338
Pagefile Usage : 31812 K
Pagefile Peak Usage : 31812 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 3204
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 25/09/2008 04:01:34
File Modified Date : 31/01/2008 22:24:26
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 25/09/2008 07:01:34
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2080 K
Mem Usage Peak : 2084 K
Page Faults : 588
Pagefile Usage : 868 K
Pagefile Peak Usage : 872 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 3172
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 03/08/2004 18:56:50
File Modified Date : 03/08/2004 18:56:50
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 25/09/2008 07:01:34
Visible Windows : 0
Hidden Windows : 1
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2872 K
Mem Usage Peak : 2936 K
Page Faults : 809
Pagefile Usage : 2088 K
Pagefile Peak Usage : 2164 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3108
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 25/09/2008 04:01:33
File Modified Date : 14/07/2005 04:46:34
Filename : C:\DOCUME~1\salem\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 25/09/2008 07:01:49
Visible Windows : 0
Hidden Windows : 0
User Name : SALEM-AF3E45DCF\salem
Mem Usage : 2084 K
Mem Usage Peak : 2132 K
Page Faults : 970
Pagefile Usage : 900 K
Pagefile Peak Usage : 1624 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.2180
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avast!
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
avast! service GUI component
ALWIL Software
4.08.1227.0000
c:\program files\alwil software\avast4\ashdisp.exe
SMSERIAL
sm56hlpr.exe
Motorola SM56 Win32 Utility
Motorola Inc.
6.09.0007.0000
c:\windows\sm56hlpr.exe
igfxtray
C:\WINDOWS\system32\igfxtray.exe
igfxTray Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\igfxtray.exe
igfxhkcmd
C:\WINDOWS\system32\hkcmd.exe
hkcmd Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\hkcmd.exe
igfxpers
C:\WINDOWS\system32\igfxpers.exe
persistence Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\igfxpers.exe
SigmatelSysTrayApp
sttray.exe
Sigmatel Audio system tray application
SigmaTel, Inc.
1.00.5143.0000
c:\windows\sttray.exe
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.01.0001.0045
c:\program files\common files\real\update_ob\realsched.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
WIAWizardMenu
RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
Still Image Class Installer
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\sti_ci.dll
C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل
Watch.lnk
C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Watch.lnk
Watch Dog
Common Group
2.03.0008.0000
c:\program files\mustek 1200 ub plus\driver\watch.exe
C:\Documents and Settings\salem\Start Menu\Programs\Startup
FastStone Capture.lnk
C:\Documents and Settings\salem\Start Menu\Programs\Startup\FastStone Capture.lnk
File not found: C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\ctfmon.exe
IDMan
C:\Program Files\Internet Download Manager\IDMan.exe /onboot
Internet Download Manager (IDM)
Tonec Inc.
5.14.0005.0000
c:\program files\internet download manager\idman.exe
MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background
Windows Messenger
Microsoft Corporation
4.07.0000.3001
c:\program files\messenger\msmsgs.exe
MsnMsgr
"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
Windows Live Messenger
Microsoft Corporation
9.00.1407.1107
c:\program files\windows live\messenger\msnmsgr.exe
SUPERAntiSpyware
D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
SUPERAntiSpyware
SUPERAntiSpyware.com
4.15.0000.1000
d:\downloads\superantispyware\superantispyware\superantispyware.exe
Task Scheduler
1-Click Maintenance.job
C:\Program Files\TuneUp Utilities 2008\OneClick.exe /schedulestart
TuneUp 1-Click Maintenance
TuneUp Software GmbH
7.00.7992.0228
c:\program files\tuneup utilities 2008\oneclick.exe
.
.
----------- End Report ---------------
 
توقيع : SALEM666
تأييد 0
اخي ارجو مراجعة الردود اعلاه لكي تلاحظ كيف تسير العملية مع الشكر
 
توقيع : SALEM666
تأييد 0
وهذا تقرير آخر تقرير هاي جاك ما النتيجة مع الشكر

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:30 ص, on 26/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\sttray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\SpeedItUpFree\SpeedItUp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\internet explorer\iexplore.exe
D:\downloads\superantispyware\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\downloads\hijack this\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\SpeedItUpFree\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: FastStone Capture.lnk = C:\Documents and Settings\salem\Local Settings\temp\FSCapture.exe
O8 - Extra context menu item: Add to &Teleport - C:\PROGRA~1\TELEPO~1\teleport.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: الدليل السريع - C:\WINDOWS\ww80.html
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {46012076-ED62-464b-9554-AD0BEC35D1EC} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E261E728-650D-487B-B2E4-8E7A4934ADD5}: NameServer = 65.162.184.33 65.162.184.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 5801 bytes
 
توقيع : SALEM666
تأييد 0
الله المستعان مافي رد حتى الان لحل المشكلة!!!!

ارجو من يخبرالاخ الجنتل بهذه المشكلة للتواصل وحلها وساكون له شاكرا
 
توقيع : SALEM666
تأييد 0
من عنده مشاركة لحل هذه المشكلة ارجو ان يراجع الردود السابقة في الموضوع لكي تكون عنده فكره كاملة عن المشكلة
 
توقيع : SALEM666
تأييد 0
ارجو ممن يبدا بحل اي مشكلة ان يتابع حلها الى النهاية والا لا يعلق الناس في محاولات غير مكتملة
 
توقيع : SALEM666
تأييد 0
الله المستعان مافي حلول لهذه المشكلة
 
توقيع : SALEM666
تأييد 0
هل من يفهم في حل هذه المشكلة؟؟؟
 
توقيع : SALEM666
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى