الحالة
مغلق و غير مفتوح للمزيد من الردود.

ضياء مبارك

زيزوومي جديد
إنضم
2 أكتوبر 2007
المشاركات
65
مستوى التفاعل
17
النقاط
90
غير متصل
السلام عليكم

اخواني لدي هذي المشكله كل ما ابحث عن الفيروسات يظهر هذا الفيروس واعمل له دليت وما يروح ويضل يطلع
وتم ارفاق صوره ويا ليت الحل

virous.jpg

اسمه File C:\sccfg.sys
 

وعليكم السلاام ورحمة الله وبركاته
حمل الاداة ذي ,, وافحص جهازك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
عملت بحث بلأداة اللي عطيتني اياها وهذي الصوره

Untitled-1.jpg
 
طيب جرب هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


واعتقد ان هذا من ملفات النظام ولكنه تالف ولكن سأتأكد اولاً
 
السلام عليكم دبل كليك على الايقونة (المثلث الاصفر ) ثم ارفع صورة
 
اخوي شسويله الرابط اللي حاطه محذوف المرفق
 
اخ شسويله والاخ boob77 عملت مثل ما بيغيتو بس ما يقبل انا نسخت اللي ضهر بالعموم شوفها برد رقم 3
 
اخي الكريم حمل هذه الاداة
اغلق جميع البرامج وبعدين دبل كلك على الاداة فيظهر لك تقرير
انسخه والصقه بردك القادم
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
السلام عليكم
بعد اذن الاخوان :)
شنو نظامك اخوي ؟؟

لأن فيه اداه تشيله ان شاءالله
 
اخي شسويله هذا التقرير والاخ الثاني نظامي اكس بي بروفيشنال


==================================================
Process Name : smss.exe
ProcessID : 976
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 27/09/28 05:50:43 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 728 K
Mem Usage Peak : 728 K
Page Faults : 380
Pagefile Usage : 180 K
Pagefile Peak Usage : 1688 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 1096
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 27/09/28 05:50:47 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5996 K
Mem Usage Peak : 7236 K
Page Faults : 96347
Pagefile Usage : 1896 K
Pagefile Peak Usage : 6460 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 1124
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:49 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6324 K
Mem Usage Peak : 14596 K
Page Faults : 8077
Pagefile Usage : 8168 K
Pagefile Peak Usage : 8884 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 1168
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:50 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7236 K
Mem Usage Peak : 15312 K
Page Faults : 14567
Pagefile Usage : 4048 K
Pagefile Peak Usage : 6716 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 1180
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:50 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1872 K
Mem Usage Peak : 7080 K
Page Faults : 19232
Pagefile Usage : 4252 K
Pagefile Peak Usage : 4320 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1360
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:52 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6148 K
Mem Usage Peak : 6188 K
Page Faults : 1858
Pagefile Usage : 3516 K
Pagefile Peak Usage : 23712 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1416
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:52 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5452 K
Mem Usage Peak : 5452 K
Page Faults : 1549
Pagefile Usage : 2424 K
Pagefile Peak Usage : 2424 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1616
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:52 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 40336 K
Mem Usage Peak : 45624 K
Page Faults : 89792
Pagefile Usage : 26380 K
Pagefile Peak Usage : 31600 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1660
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:52 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4056 K
Mem Usage Peak : 4088 K
Page Faults : 1144
Pagefile Usage : 2628 K
Pagefile Peak Usage : 2664 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1772
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:53 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3928 K
Mem Usage Peak : 4036 K
Page Faults : 1995
Pagefile Usage : 1592 K
Pagefile Peak Usage : 1720 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1872
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:53 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 8832 K
Mem Usage Peak : 8916 K
Page Faults : 6530
Pagefile Usage : 6196 K
Pagefile Peak Usage : 6476 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 344
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 03/05/26 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 27/09/28 05:50:55 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 12224 K
Mem Usage Peak : 41692 K
Page Faults : 119703
Pagefile Usage : 8152 K
Pagefile Peak Usage : 43392 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 588
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Programs
File Size : 1,033,216
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 27/05/28 10:23:07 ص
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 27/09/28 05:50:56 م
Visible Windows : 3
Hidden Windows : 45
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 26804 K
Mem Usage Peak : 46556 K
Page Faults : 204207
Pagefile Usage : 32628 K
Pagefile Peak Usage : 32756 K
File Attributes : A
==================================================
==================================================
Process Name : rundll32.exe
ProcessID : 748
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Run a DLL as an App
Company : Microsoft Corporation
Window Title :
File Size : 33,280
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\rundll32.exe
Base Address : 0x01000000
Created On : 27/09/28 05:51:00 م
Visible Windows : 0
Hidden Windows : 3
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 3952 K
Mem Usage Peak : 3952 K
Page Faults : 1058
Pagefile Usage : 2428 K
Pagefile Peak Usage : 2428 K
File Attributes : A
==================================================
==================================================
Process Name : realsched.exe
ProcessID : 776
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.0.4083
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,632
File Created Date : 06/09/28 01:40:41 م
File Modified Date : 06/09/28 01:40:41 م
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:01 م
Visible Windows : 0
Hidden Windows : 2
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 220 K
Mem Usage Peak : 3208 K
Page Faults : 72351
Pagefile Usage : 1204 K
Pagefile Peak Usage : 1220 K
File Attributes : A
==================================================
==================================================
Process Name : HPWuSchd2.exe
ProcessID : 784
Priority : Normal
Product Name : hp digital imaging
Version : 61.0.163.000
Description : Hewlett-Packard Product Assistant
Company : Hewlett-Packard Development Company, L.P.
Window Title :
File Size : 49,152
File Created Date : 14/11/26 08:18:50 ص
File Modified Date : 14/11/26 08:18:50 ص
Filename : C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:01 م
Visible Windows : 0
Hidden Windows : 2
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 2556 K
Mem Usage Peak : 2556 K
Page Faults : 693
Pagefile Usage : 776 K
Pagefile Peak Usage : 776 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 928
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 12/06/28 09:51:38 ص
File Modified Date : 12/06/28 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:03 م
Visible Windows : 0
Hidden Windows : 6
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 6860 K
Mem Usage Peak : 9356 K
Page Faults : 7777
Pagefile Usage : 5932 K
Pagefile Peak Usage : 6868 K
File Attributes : A
==================================================
==================================================
Process Name : atchksrv.exe
ProcessID : 1080
Priority : Normal
Product Name : atchksrv
Version : 2, 0, 0, 5
Description : Displays state of Intel® Active Management Technology.
Company : Intel Corporation
Window Title :
File Size : 183,064
File Created Date : 06/09/28 01:26:43 م
File Modified Date : 12/05/28 01:14:08 م
Filename : C:\Program Files\Intel\AMT\atchksrv.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:04 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2080 K
Mem Usage Peak : 2080 K
Page Faults : 566
Pagefile Usage : 1672 K
Pagefile Peak Usage : 1672 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 1244
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 12/06/28 09:51:38 ص
File Modified Date : 12/06/28 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:05 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 13756 K
Mem Usage Peak : 58576 K
Page Faults : 2649067
Pagefile Usage : 49516 K
Pagefile Peak Usage : 79548 K
File Attributes : A
==================================================
==================================================
Process Name : mDNSResponder.exe
ProcessID : 1336
Priority : Normal
Product Name : Bonjour
Version : 1,0,3,1
Description : Bonjour Service
Company : Apple Computer, Inc.
Window Title :
File Size : 229,376
File Created Date : 29/01/27 09:42:38 ص
File Modified Date : 29/01/27 09:42:38 ص
Filename : C:\Program Files\Bonjour\mDNSResponder.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:05 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3788 K
Mem Usage Peak : 4240 K
Page Faults : 1156
Pagefile Usage : 1232 K
Pagefile Peak Usage : 2400 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1468
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:51:05 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3772 K
Mem Usage Peak : 3772 K
Page Faults : 1017
Pagefile Usage : 2424 K
Pagefile Peak Usage : 2424 K
File Attributes : A
==================================================
==================================================
Process Name : LMS.exe
ProcessID : 1504
Priority : Normal
Product Name : Intel(R) Active Management Technology Local Manageability Service
Version : 2.1.2.1028
Description : Local Manageability Service
Company : Intel
Window Title :
File Size : 105,240
File Created Date : 06/09/28 01:26:43 م
File Modified Date : 12/05/28 01:14:02 م
Filename : C:\Program Files\Intel\AMT\LMS.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:05 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2604 K
Mem Usage Peak : 2604 K
Page Faults : 705
Pagefile Usage : 1816 K
Pagefile Peak Usage : 1836 K
File Attributes : A
==================================================
==================================================
Process Name : nvsvc32.exe
ProcessID : 1828
Priority : Normal
Product Name : NVIDIA Driver Helper Service, Version 101.02
Version : 6.14.11.0102
Description : NVIDIA Driver Helper Service, Version 101.02
Company : NVIDIA Corporation
Window Title :
File Size : 163,908
File Created Date : 08/03/28 07:26:32 ص
File Modified Date : 08/03/28 07:26:32 ص
Filename : C:\WINDOWS\system32\nvsvc32.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:05 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4688 K
Mem Usage Peak : 5496 K
Page Faults : 3217
Pagefile Usage : 2804 K
Pagefile Peak Usage : 3552 K
File Attributes : A
==================================================
==================================================
Process Name : HPZipm12.exe
ProcessID : 1880
Priority : Normal
Product Name : HP PML
Version : 10, 1, 1, 2
Description : PML Driver
Company : HP
Window Title :
File Size : 69,632
File Created Date : 06/09/28 05:03:42 م
File Modified Date : 03/02/26 09:05:02 ص
Filename : C:\WINDOWS\system32\HPZipm12.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:05 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2036 K
Mem Usage Peak : 2036 K
Page Faults : 556
Pagefile Usage : 676 K
Pagefile Peak Usage : 676 K
File Attributes : A
==================================================
==================================================
Process Name : RichVideo.exe
ProcessID : 1936
Priority : Normal
Product Name : RichVideo Module
Version : 1.1.0808
Description : RichVideo Module
Company :
Window Title :
File Size : 171,040
File Created Date : 16/09/28 04:56:24 م
File Modified Date : 18/12/27 07:39:44 م
Filename : C:\Program Files\CyberLink\Shared Files\RichVideo.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:06 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3236 K
Mem Usage Peak : 3248 K
Page Faults : 855
Pagefile Usage : 1000 K
Pagefile Peak Usage : 1024 K
File Attributes : A
==================================================
==================================================
Process Name : STacSV.exe
ProcessID : 2036
Priority : Normal
Product Name : C-Major Audio
Version : 1.0.5511.0 nd595 cp1
Description : STacSV Module
Company : SigmaTel, Inc.
Window Title :
File Size : 94,208
File Created Date : 07/09/28 04:41:34 م
File Modified Date : 18/04/28 02:11:36 م
Filename : C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:06 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4500 K
Mem Usage Peak : 4508 K
Page Faults : 1237
Pagefile Usage : 3008 K
Pagefile Peak Usage : 3076 K
File Attributes :
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 576
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:51:07 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5544 K
Mem Usage Peak : 6604 K
Page Faults : 2747
Pagefile Usage : 2788 K
Pagefile Peak Usage : 3936 K
File Attributes : A
==================================================
==================================================
Process Name : sttray.exe
ProcessID : 372
Priority : Normal
Product Name : C-Major Audio
Version : 1.0.5511.0 nd595 cp1
Description : Sigmatel Audio system tray application
Company : SigmaTel, Inc.
Window Title :
File Size : 405,504
File Created Date : 07/09/28 04:42:15 م
File Modified Date : 18/04/28 02:10:44 م
Filename : C:\WINDOWS\sttray.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:10 م
Visible Windows : 0
Hidden Windows : 3
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 9924 K
Mem Usage Peak : 9924 K
Page Faults : 3094
Pagefile Usage : 5464 K
Pagefile Peak Usage : 7672 K
File Attributes : A
==================================================
==================================================
Process Name : LaunchApplication.exe
ProcessID : 1576
Priority : Normal
Product Name : PC Suite
Version : 6, 84, 78, 3
Description : PC Suite
Company : Nokia
Window Title :
File Size : 271,360
File Created Date : 02/06/28 12:10:32 م
File Modified Date : 02/06/28 12:10:32 م
Filename : C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:12 م
Visible Windows : 0
Hidden Windows : 7
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 18180 K
Mem Usage Peak : 18212 K
Page Faults : 10130
Pagefile Usage : 9992 K
Pagefile Peak Usage : 13160 K
File Attributes : A
==================================================
==================================================
Process Name : PDVDServ.exe
ProcessID : 1592
Priority : Normal
Product Name : PowerDVD
Version : 7.00.2406
Description : PowerDVD RC Service
Company : Cyberlink Corp.
Window Title :
File Size : 68,640
File Created Date : 18/12/27 07:26:08 م
File Modified Date : 18/12/27 07:26:08 م
Filename : C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:12 م
Visible Windows : 0
Hidden Windows : 3
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 3508 K
Mem Usage Peak : 3508 K
Page Faults : 945
Pagefile Usage : 996 K
Pagefile Peak Usage : 1024 K
File Attributes :
==================================================
==================================================
Process Name : jusched.exe
ProcessID : 1476
Priority : Normal
Product Name : Java(TM) Platform SE 6 U2
Version : 6.0.20.6
Description : Java(TM) Platform SE binary
Company : Sun Microsystems, Inc.
Window Title :
File Size : 132,496
File Created Date : 26/09/28 01:29:35 م
File Modified Date : 26/06/28 01:00:36 ص
Filename : C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 7076 K
Mem Usage Peak : 7168 K
Page Faults : 2082
Pagefile Usage : 2184 K
Pagefile Peak Usage : 2288 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 1712
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:13 م
Visible Windows : 0
Hidden Windows : 5
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 3632 K
Mem Usage Peak : 3632 K
Page Faults : 1345
Pagefile Usage : 1040 K
Pagefile Peak Usage : 1044 K
File Attributes : A
==================================================
==================================================
Process Name : ServiceLayer.exe
ProcessID : 2740
Priority : Normal
Product Name : PC Connectivity Solution
Version : 6, 84, 83, 3
Description : ServiceLayer Module
Company : Nokia.
Window Title :
File Size : 300,544
File Created Date : 29/05/28 01:55:00 م
File Modified Date : 29/05/28 01:55:00 م
Filename : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:21 م
Visible Windows : 0
Hidden Windows : 4
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 13972 K
Mem Usage Peak : 14140 K
Page Faults : 597637
Pagefile Usage : 9492 K
Pagefile Peak Usage : 9688 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 3032
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 27/09/28 05:51:22 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3944 K
Mem Usage Peak : 3960 K
Page Faults : 1050
Pagefile Usage : 1340 K
Pagefile Peak Usage : 1368 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 3228
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 12/06/28 09:51:38 ص
File Modified Date : 12/06/28 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 27/09/28 05:51:22 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7272 K
Mem Usage Peak : 7736 K
Page Faults : 5808
Pagefile Usage : 10716 K
Pagefile Peak Usage : 11032 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 692
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 27/09/28 05:51:32 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4064 K
Mem Usage Peak : 4072 K
Page Faults : 1074
Pagefile Usage : 1940 K
Pagefile Peak Usage : 1964 K
File Attributes : A
==================================================
==================================================
Process Name : uTorrent.exe
ProcessID : 3168
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 219,952
File Created Date : 06/09/28 03:17:08 م
File Modified Date : 06/09/28 03:17:08 م
Filename : C:\Program Files\uTorrent\uTorrent.exe
Base Address : 0x00400000
Created On : 27/09/28 05:52:27 م
Visible Windows : 0
Hidden Windows : 7
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 7492 K
Mem Usage Peak : 17024 K
Page Faults : 142287
Pagefile Usage : 16708 K
Pagefile Peak Usage : 20136 K
File Attributes : A
==================================================
==================================================
Process Name : IEMonitor.exe
ProcessID : 3872
Priority : Normal
Product Name : IEMonitor Application
Version : 3, 0, 0, 1
Description : Internet Download Manager agent for click monitoring in IE-based browsers
Company : Tonec Inc.
Window Title :
File Size : 251,576
File Created Date : 19/09/28 12:22:03 م
File Modified Date : 01/02/28 02:53:52 م
Filename : C:\Program Files\Internet Download Manager\IEMonitor.exe
Base Address : 0x00400000
Created On : 28/09/28 02:57:54 ص
Visible Windows : 0
Hidden Windows : 3
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 5528 K
Mem Usage Peak : 5536 K
Page Faults : 1707
Pagefile Usage : 1952 K
Pagefile Peak Usage : 1968 K
File Attributes : A
==================================================
==================================================
Process Name : wudfhost.exe
ProcessID : 1964
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.5730.0 (winmain.060915-1845)
Description : Windows Driver Foundation - User-mode Driver Framework Host Process
Company : Microsoft Corporation
Window Title :
File Size : 142,848
File Created Date : 05/09/27 03:56:38 م
File Modified Date : 21/08/27 08:30:06 م
Filename : C:\WINDOWS\System32\wudfhost.exe
Base Address : 0x01000000
Created On : 28/09/28 11:08:59 ص
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 7904 K
Mem Usage Peak : 8216 K
Page Faults : 2306
Pagefile Usage : 4564 K
Pagefile Peak Usage : 4992 K
File Attributes :
==================================================
==================================================
Process Name : opms_sw.exe
ProcessID : 3552
Priority : Normal
Product Name : Oxygen Phone Manager
Version : 2.16.0.10
Description : Oxygen Phone Manager II for Symbian OS phones
Company : Oxygen Software
Window Title : Oxygen Phone Manager II for Symbian phones - Trial version
File Size : 4,449,792
File Created Date : 27/09/28 12:15:53 م
File Modified Date : 07/09/28 11:28:08 م
Filename : C:\Program Files\Oxygen Software\SymbianOPM\opms_sw.exe
Base Address : 0x00400000
Created On : 28/09/28 11:09:43 ص
Visible Windows : 1
Hidden Windows : 91
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 5112 K
Mem Usage Peak : 48184 K
Page Faults : 161612
Pagefile Usage : 40420 K
Pagefile Peak Usage : 47232 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 2872
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.6000.16512 (vista_gdr.070625-1522)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : ما الحل لهذا الفيروس ارجو المساعده - زيزوووم للأمن والحمايه - Microsoft Internet Explorer
File Size : 625,152
File Created Date : 06/09/28 12:53:24 م
File Modified Date : 11/06/28 08:27:30 ص
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 28/09/28 11:22:07 ص
Visible Windows : 1
Hidden Windows : 32
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 30752 K
Mem Usage Peak : 31168 K
Page Faults : 37650
Pagefile Usage : 43648 K
Pagefile Peak Usage : 45312 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 1224
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.6000.16512 (vista_gdr.070625-1522)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : طريقة نقل الأسماء والرسائل من جوال الى اخر ببرنامج Oxygen شرح كامل مع الصور - لهفة الشوق ، منتد - Microsoft Internet Explorer
File Size : 625,152
File Created Date : 06/09/28 12:53:24 م
File Modified Date : 11/06/28 08:27:30 ص
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 28/09/28 11:22:41 ص
Visible Windows : 1
Hidden Windows : 33
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 36848 K
Mem Usage Peak : 36880 K
Page Faults : 27077
Pagefile Usage : 47008 K
Pagefile Peak Usage : 47200 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 240
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.11.7
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title :
File Size : 2,553,264
File Created Date : 19/09/28 12:22:12 م
File Modified Date : 16/09/28 03:05:38 م
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 28/09/28 11:24:35 ص
Visible Windows : 0
Hidden Windows : 7
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 12920 K
Mem Usage Peak : 13244 K
Page Faults : 4301
Pagefile Usage : 6052 K
Pagefile Peak Usage : 6384 K
File Attributes : A
==================================================
==================================================
Process Name : run.exe
ProcessID : 1344
Priority : Normal
Product Name :
Version : 0. 0.
Description :
Company :
Window Title :
File Size : 132,254
File Created Date : 28/09/28 08:24:58 ص
File Modified Date : 21/09/28 07:52:46 م
Filename : C:\DOCUME~1\DHAYA\LOCALS~1\Temp\cpr\run.exe
Base Address : 0x00400000
Created On : 28/09/28 11:25:49 ص
Visible Windows : 0
Hidden Windows : 0
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 2548 K
Mem Usage Peak : 2556 K
Page Faults : 744
Pagefile Usage : 824 K
Pagefile Peak Usage : 916 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 816
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 17/06/25 12:00:00 م
File Modified Date : 17/06/25 12:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 28/09/28 11:25:49 ص
Visible Windows : 0
Hidden Windows : 1
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 2876 K
Mem Usage Peak : 2888 K
Page Faults : 780
Pagefile Usage : 2156 K
Pagefile Peak Usage : 2160 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 1388
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 28/09/28 08:24:58 ص
File Modified Date : 07/06/26 04:46:34 ص
Filename : C:\DOCUME~1\DHAYA\LOCALS~1\Temp\cpr\CProcess.exe
Base Address : 0x00400000
Created On : 28/09/28 11:25:49 ص
Visible Windows : 0
Hidden Windows : 0
User Name : DHAYA-ACF6355F3\DHAYA
Mem Usage : 2532 K
Mem Usage Peak : 2592 K
Page Faults : 1214
Pagefile Usage : 1068 K
Pagefile Peak Usage : 1148 K
File Attributes : A
==================================================
 
السلام عليكم

حمل هذا البرنامج وضعه على سطح المكتب واغلق كل شي واضغط على
do system scan and save log
لحظات سيظهر لك تقرير في النوت باد انسخ التقرير والصقه في الرد القادم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
اخي الكريم التقرير السابق سليم
سوي تقرير مشرفنا (تقرير هايجاك)
 
السلام عليكم

حمل هذا البرنامج وضعه على سطح المكتب واغلق كل شي واضغط على
do system scan and save log
لحظات سيظهر لك تقرير في النوت باد انسخ التقرير والصقه في الرد القادم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Logfile of HijackThis v1.99.1
Scan saved at 9:32:54 PM, on 10/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\sttray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\DHAYA\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.80;8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Shortcut] "C:\Program Files\CyberLink\PowerDVD\\.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: E?E - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
 
غريبة التقرير سليم

ولاحظت عندك اسباي وير دكتور واكيد عمبت فحص ولا امسكه

على كل حال جرب هالطرق وان شاء الله احدها يضبط

اول شي ودي اسالك انت مثبت برنامج اسمه folder lock ??
+++++++++++++++++

اول شي اظهر الملفات المخفية

لوحة التحكم +خيارات المجلد+ادوات +اختر عرض او اظهار الملفات المخفية

الحلول 1- نزل هذه الاداة وهي خاصة لحذف الروكيت وقاعدة بياناتها يوجد اسم الملف

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


ثانيا افحص جهازك من هالموقع وايضا اسم التروجان موجود في قاعدة بيانات البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


ثالثا نزل هالاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


واحذف هذه الملفات

c:\sccfg.sys
C:\WINNT\system32\suppdll.dll
C:\WINNT\system32\87E37FA660.sys


طريقة الحذف
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


اخيرا نزل هذه الاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


دبل كليك واختر

Select All

Empty Selected
____________________

عذرا على الاطالة ولكن حبيت اعطيك كل الحلول الي اعرفها

بالتوفيق
 
نعم اخوي برنامج folder lock مثبت عموما يعطيك الف عافيه جاري تطبيق اللي شرحتها وسوف اوافيك بكل شي
 
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى