أداة SmitfraudFix _ لفحص وتنظيف الجهاز من الدعايات المزعجه ( شرح بالصور )

سيف الغلا · 8 يناير 2008

مشكور اخوي العزيز
الدعايات مجننتني
استخدمت الاداه لكن ترجع حين اشغل الجهاز في اليوم الثاني
اي كل يوم اشغل الجهاز اقوم بتنظيفة بالاداه
فية حل انها تروح نهاياً اشرحلي لوسمحت

علي عبد الستار · 8 يناير 2008

السلام عليكم

يسلمو على هذه الاداة والله فعلا محتاج هذه الاداة

السلام عليكم

أبو رهيم · 26 يناير 2008

ماشاء الله تبارك الله
الله يقويك أخوي تركي
مدرسة في الحماية الله يحميك ..

sdook · 31 يناير 2008

مشكور ورحم الله والديك

أسير&الشعر · 2 فبراير 2008

هذا التقرير الي طلع معاي..

SmitFraudFix v2.278
Scan done at 20:55:33.14, Sat 02/02/2008
Run from C:\Documents and Settings\N a W a F\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
Error while deleting D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll.

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix.exe by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Intel(R) PRO/Wireless 2200BG Network Connection - Kaspersky Anti-Virus NDIS Miniport
DNS Server Search Order: 192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\..\{61548549-345D-4C98-92C3-62421BF61BBC}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{61548549-345D-4C98-92C3-62421BF61BBC}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS2\Services\Tcpip\..\{61548549-345D-4C98-92C3-62421BF61BBC}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

والله يعطيك العافيه يبو عتب

والله يرحم موتاك وموتى المسلمين..

سلام

زيزوووم · 2 فبراير 2008

يا هلا وغلا بالجميع
اسعدني جدا تواجدكم وردودكم الجميلة
تحيه من القلب للجميع

زيزوووم · 2 فبراير 2008

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

من متى هذا :blusnuphing::blusnuphing:
كل العذر اخوي على التأخير ,,

التقرير سليم :iconmju30:

زيزوووم · 2 فبراير 2008

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

ويجزاك خير ويبارك فيك

وجد عندك ملفات ضاره وتم حذفها

زيزوووم · 2 فبراير 2008

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

هلااا فيك اخي العزيز

التحذير بوجود ملف خطر وليس "فايروس"

زيزوووم · 2 فبراير 2008

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

هلااا فيك ,, وعذرا على التأخير

اعمل هذا التقرير ,, اذا مازلت تعاني من المشكله :blbyeh:

طيب اعمل تقرير هايجاك
حمل هذا الملف وشغله ,, لحظات يظهر لك تقرير
انسخه والصقه بردك القادم

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

زيزوووم · 2 فبراير 2008

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

ووالديك وجميع المسلمين

عندك ملف وما استطاعة الاداة من حذفه

اعمل تقرير هايجاك
حمل هذا الملف وشغله ,, لحظات يظهر لك تقرير
انسخه والصقه بردك القادم

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

أسير&الشعر · 2 فبراير 2008

.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:40:07 م, on 02/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
C:\Program Files\LG Software\On Screen Display\Hotkey.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\TorCP\torcp.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
C:\WINDOWS\zpitsp.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\lg_swupdate\tmcheck.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.37.63.11:80
F2 - REG:system.ini: Shell=Explorer.exe c:\windows\Autorun.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\icom accelerator\components\NOWImaging.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [lrrpfgcp] C:\WINDOWS\lrrpfgcp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\iexplorer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [InkMonitor] C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TorCP] C:\Program Files\TorCP\torcp.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: gce.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &BitSpirit حمله باستخدام
- C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: أضافة إلى مضاد الأعلان - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
--
End of file - 9992 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 960
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 25/01/1429 08:38:00 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 428 K
Mem Usage Peak : 668 K
Page Faults : 292
Pagefile Usage : 168 K
Pagefile Peak Usage : 1676 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 1016
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 25/01/1429 08:38:03 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5464 K
Mem Usage Peak : 5660 K
Page Faults : 9805
Pagefile Usage : 2068 K
Pagefile Peak Usage : 2164 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 1040
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:04 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4180 K
Mem Usage Peak : 16352 K
Page Faults : 9416
Pagefile Usage : 6616 K
Pagefile Peak Usage : 8648 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 1084
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:04 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4020 K
Mem Usage Peak : 4024 K
Page Faults : 3008
Pagefile Usage : 1908 K
Pagefile Peak Usage : 2020 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 1096
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:04 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1620 K
Mem Usage Peak : 7348 K
Page Faults : 6820
Pagefile Usage : 4440 K
Pagefile Peak Usage : 4472 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1252
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:05 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5560 K
Mem Usage Peak : 5612 K
Page Faults : 1623
Pagefile Usage : 3284 K
Pagefile Peak Usage : 23396 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1332
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:06 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4920 K
Mem Usage Peak : 4924 K
Page Faults : 1419
Pagefile Usage : 2176 K
Pagefile Peak Usage : 2320 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1380
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:06 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 40080 K
Mem Usage Peak : 133616 K
Page Faults : 218135
Pagefile Usage : 27932 K
Pagefile Peak Usage : 122020 K
File Attributes : A
==================================================
==================================================
Process Name : StyleXPService.exe
ProcessID : 1408
Priority : Normal
Product Name : StyleXPService Module
Version : 0, 20, 0, 3000
Description : StyleXPService Module
Company :
Window Title :
File Size : 372,736
File Created Date : 26/04/1427 06:31:06 م
File Modified Date : 26/04/1427 06:31:06 م
Filename : C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:06 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3700 K
Mem Usage Peak : 4164 K
Page Faults : 203620
Pagefile Usage : 1128 K
Pagefile Peak Usage : 1356 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1580
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:06 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3784 K
Mem Usage Peak : 3904 K
Page Faults : 1137
Pagefile Usage : 1472 K
Pagefile Peak Usage : 1612 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1652
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:07 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 9932 K
Mem Usage Peak : 9976 K
Page Faults : 6824
Pagefile Usage : 6884 K
Pagefile Peak Usage : 6960 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 288
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 04/05/1426 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6196 K
Mem Usage Peak : 6212 K
Page Faults : 1804
Pagefile Usage : 3864 K
Pagefile Peak Usage : 4016 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 404
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 09:51:38 ص
File Modified Date : 13/06/1428 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 23388 K
Mem Usage Peak : 83936 K
Page Faults : 438757
Pagefile Usage : 50292 K
Pagefile Peak Usage : 115600 K
File Attributes : A
==================================================
==================================================
Process Name : BTNtService.exe
ProcessID : 436
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 110,592
File Created Date : 16/03/1428 11:36:21 م
File Modified Date : 27/02/1426 11:03:28 م
Filename : C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2776 K
Mem Usage Peak : 2776 K
Page Faults : 774
Pagefile Usage : 1916 K
Pagefile Peak Usage : 1964 K
File Attributes : A
==================================================
==================================================
Process Name : DUMeterSvc.exe
ProcessID : 464
Priority : Normal
Product Name : DU Meter
Version : 4.0 Build R3009
Description : DU Meter Service
Company : Hagel Technologies Ltd
Window Title :
File Size : 1,382,672
File Created Date : 18/01/1429 09:15:37 م
File Modified Date : 04/10/1428 12:19:38 م
Filename : C:\Program Files\DU Meter\DUMeterSvc.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:09 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7052 K
Mem Usage Peak : 7052 K
Page Faults : 4317
Pagefile Usage : 7248 K
Pagefile Peak Usage : 8408 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 612
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:09 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3788 K
Mem Usage Peak : 3796 K
Page Faults : 1005
Pagefile Usage : 1716 K
Pagefile Peak Usage : 1740 K
File Attributes : A
==================================================
==================================================
Process Name : WMPNetwk.exe
ProcessID : 108
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 11.0.5721.5145 (WMP_11.061018-2006)
Description : خدمة مشاركة الشبكة لـ Windows Media Player
Company : Microsoft Corporation
Window Title :
File Size : 909,312
File Created Date : 11/11/1427 07:03:38 م
File Modified Date : 11/11/1427 07:03:38 م
Filename : C:\Program Files\Windows Media Player\WMPNetwk.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:10 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 26200 K
Mem Usage Peak : 26208 K
Page Faults : 10494
Pagefile Usage : 10556 K
Pagefile Peak Usage : 10624 K
File Attributes :
==================================================
==================================================
Process Name : alg.exe
ProcessID : 1992
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:13 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3864 K
Mem Usage Peak : 3872 K
Page Faults : 1032
Pagefile Usage : 1292 K
Pagefile Peak Usage : 1316 K
File Attributes : A
==================================================
==================================================
Process Name : SynTPLpr.exe
ProcessID : 2424
Priority : Normal
Product Name : Synaptics Pointing Device Driver
Version : 7.12.9.4 14Feb05
Description : TouchPad Driver Helper Application
Company : Synaptics, Inc.
Window Title :
File Size : 98,396
File Created Date : 11/03/1428 10:05:53 ص
File Modified Date : 06/01/1426 08:59:12 ص
Filename : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 3588 K
Mem Usage Peak : 3648 K
Page Faults : 1065
Pagefile Usage : 1036 K
Pagefile Peak Usage : 1072 K
File Attributes : A
==================================================
==================================================
Process Name : SynTPEnh.exe
ProcessID : 2432
Priority : Normal
Product Name : Synaptics Pointing Device Driver
Version : 7.12.9.4 14Feb05
Description : Synaptics TouchPad Enhancements
Company : Synaptics, Inc.
Window Title :
File Size : 667,740
File Created Date : 11/03/1428 10:05:52 ص
File Modified Date : 06/01/1426 08:58:10 ص
Filename : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 1
Hidden Windows : 7
User Name : NAWAF\N a W a F
Mem Usage : 5412 K
Mem Usage Peak : 5412 K
Page Faults : 1576
Pagefile Usage : 1756 K
Pagefile Peak Usage : 1772 K
File Attributes : A
==================================================
==================================================
Process Name : batterymiser.exe
ProcessID : 2440
Priority : Normal
Product Name : Battery Miser
Version : 3, 37, 0, 0
Description : Battery Miser
Company : LG Electronics Inc.
Window Title :
File Size : 335,872
File Created Date : 11/03/1428 10:14:16 ص
File Modified Date : 06/05/1427 12:54:34 ص
Filename : C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 4488 K
Mem Usage Peak : 5288 K
Page Faults : 6003
Pagefile Usage : 2816 K
Pagefile Peak Usage : 2880 K
File Attributes : A
==================================================
==================================================
Process Name : Hotkey.exe
ProcessID : 2448
Priority : Normal
Product Name : HotKey
Version : 1, 0, 0, 0
Description : HotKey
Company : LG Electronics
Window Title :
File Size : 86,016
File Created Date : 11/03/1428 10:14:42 ص
File Modified Date : 19/05/1426 02:09:56 ص
Filename : C:\Program Files\LG Software\On Screen Display\Hotkey.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 0
Hidden Windows : 5
User Name : NAWAF\N a W a F
Mem Usage : 6244 K
Mem Usage Peak : 6296 K
Page Faults : 1869
Pagefile Usage : 3004 K
Pagefile Peak Usage : 3880 K
File Attributes : A
==================================================
==================================================
Process Name : AGRSMMSG.exe
ProcessID : 2464
Priority : Normal
Product Name : Agere SoftModem Messaging Applet
Version : 2.1.47.8 2.1.47.8 11/09/2004 17:19:25
Description : SoftModem Messaging Applet
Company : Agere Systems
Window Title :
File Size : 88,358
File Created Date : 11/03/1428 02:04:42 م
File Modified Date : 27/09/1425 08:19:26 ص
Filename : C:\WINDOWS\AGRSMMSG.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 3520 K
Mem Usage Peak : 3576 K
Page Faults : 1029
Pagefile Usage : 996 K
Pagefile Peak Usage : 996 K
File Attributes : AR
==================================================
==================================================
Process Name : RunDll32.exe
ProcessID : 2472
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Run a DLL as an App
Company : Microsoft Corporation
Window Title :
File Size : 33,280
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\RunDll32.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 5428 K
Mem Usage Peak : 5500 K
Page Faults : 4211
Pagefile Usage : 2860 K
Pagefile Peak Usage : 2864 K
File Attributes : A
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 2488
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 77,824
File Created Date : 11/03/1428 09:55:02 ص
File Modified Date : 09/01/1427 11:36:06 م
Filename : C:\WINDOWS\system32\hkcmd.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 0
Hidden Windows : 12
User Name : NAWAF\N a W a F
Mem Usage : 3712 K
Mem Usage Peak : 3780 K
Page Faults : 1045
Pagefile Usage : 912 K
Pagefile Peak Usage : 976 K
File Attributes : A
==================================================
==================================================
Process Name : igfxpers.exe
ProcessID : 2496
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : persistence Module
Company : Intel Corporation
Window Title :
File Size : 118,784
File Created Date : 09/01/1427 11:40:02 م
File Modified Date : 09/01/1427 11:40:02 م
Filename : C:\WINDOWS\system32\igfxpers.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 3684 K
Mem Usage Peak : 3756 K
Page Faults : 1025
Pagefile Usage : 880 K
Pagefile Peak Usage : 896 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 2504
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 09:51:38 ص
File Modified Date : 13/06/1428 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:15 م
Visible Windows : 0
Hidden Windows : 8
User Name : NAWAF\N a W a F
Mem Usage : 3484 K
Mem Usage Peak : 9688 K
Page Faults : 13678
Pagefile Usage : 7508 K
Pagefile Peak Usage : 7636 K
File Attributes : A
==================================================
==================================================
Process Name : realsched.exe
ProcessID : 2560
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.0.3760
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,896
File Created Date : 29/09/1428 03:29:59 م
File Modified Date : 29/09/1428 03:29:59 م
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 192 K
Mem Usage Peak : 3396 K
Page Faults : 17055
Pagefile Usage : 1232 K
Pagefile Peak Usage : 1240 K
File Attributes : A
==================================================
==================================================
Process Name : IP Operator 2005.exe
ProcessID : 2568
Priority : Normal
Product Name : IPO3 ?? ????
Version : 1, 0, 0, 1
Description : IPO3 MFC ?? ????
Company :
Window Title :
File Size : 1,028,096
File Created Date : 11/03/1428 10:14:54 ص
File Modified Date : 11/05/1426 08:02:44 م
Filename : C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 16
User Name : NAWAF\N a W a F
Mem Usage : 7224 K
Mem Usage Peak : 7352 K
Page Faults : 1974
Pagefile Usage : 2860 K
Pagefile Peak Usage : 2860 K
File Attributes : A
==================================================
==================================================
Process Name : jusched.exe
ProcessID : 2576
Priority : Normal
Product Name : Java(TM) Platform SE 6 U3
Version : 6.0.30.5
Description : Java(TM) Platform SE binary
Company : Sun Microsystems, Inc.
Window Title :
File Size : 132,496
File Created Date : 23/10/1428 10:59:03 م
File Modified Date : 13/09/1428 10:11:35 م
Filename : C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 0
User Name : NAWAF\N a W a F
Mem Usage : 2684 K
Mem Usage Peak : 2684 K
Page Faults : 716
Pagefile Usage : 872 K
Pagefile Peak Usage : 872 K
File Attributes : A
==================================================
==================================================
Process Name : hpztsb09.exe
ProcessID : 2584
Priority : Normal
Product Name : HP DeskJet
Version : 2.236.4.0
Description :
Company : HP
Window Title :
File Size : 176,128
File Created Date : 27/11/1428 10:26:23 م
File Modified Date : 05/07/1424 11:42:50 ص
Filename : C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 3748 K
Mem Usage Peak : 3876 K
Page Faults : 1322
Pagefile Usage : 1140 K
Pagefile Peak Usage : 1272 K
File Attributes : A
==================================================
==================================================
Process Name : HPWuSchd.exe
ProcessID : 2592
Priority : Normal
Product Name : Hewlett-Packard hpwuSchd
Version : 1, 0, 0, 2
Description : hpwuSchd
Company : Hewlett-Packard
Window Title :
File Size : 49,152
File Created Date : 25/04/1424 08:24:48 ص
File Modified Date : 25/04/1424 08:24:48 ص
Filename : C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 3200 K
Mem Usage Peak : 3264 K
Page Faults : 920
Pagefile Usage : 824 K
Pagefile Peak Usage : 824 K
File Attributes : A
==================================================
==================================================
Process Name : hpcmpmgr.exe
ProcessID : 2600
Priority : Normal
Product Name : hp coretech (COmponent REuse TECHnology)
Version : 2.1.1
Description : HP Framework Component Manager Service
Company : Hewlett-Packard Company
Window Title :
File Size : 233,472
File Created Date : 27/08/1424 04:51:18 م
File Modified Date : 27/08/1424 04:51:18 م
Filename : C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 9076 K
Mem Usage Peak : 9188 K
Page Faults : 2773
Pagefile Usage : 4980 K
Pagefile Peak Usage : 5876 K
File Attributes : A
==================================================
==================================================
Process Name : hpotdd01.exe
ProcessID : 2608
Priority : Normal
Product Name : Hewlett-Packard hpotdd01
Version : 1, 0, 0, 1
Description : hpotdd01
Company : Hewlett-Packard
Window Title :
File Size : 229,437
File Created Date : 20/03/1424 03:37:08 م
File Modified Date : 20/03/1424 03:37:08 م
Filename : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 4
User Name : NAWAF\N a W a F
Mem Usage : 5052 K
Mem Usage Peak : 5116 K
Page Faults : 2006
Pagefile Usage : 1544 K
Pagefile Peak Usage : 1544 K
File Attributes : A
==================================================
==================================================
Process Name : InkMonitor.exe
ProcessID : 2616
Priority : Normal
Product Name : InkMonitor Application
Version : 2.1.2
Description : InkMonitor
Company :
Window Title :
File Size : 143,360
File Created Date : 02/01/1422 07:29:46 م
File Modified Date : 02/01/1422 07:29:46 م
Filename : C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 4
User Name : NAWAF\N a W a F
Mem Usage : 4040 K
Mem Usage Peak : 4104 K
Page Faults : 1136
Pagefile Usage : 972 K
Pagefile Peak Usage : 972 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 2624
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 5
User Name : NAWAF\N a W a F
Mem Usage : 3980 K
Mem Usage Peak : 4072 K
Page Faults : 1393
Pagefile Usage : 1044 K
Pagefile Peak Usage : 1056 K
File Attributes : A
==================================================
==================================================
Process Name : MsnMsgr.Exe
ProcessID : 2632
Priority : Normal
Product Name : Messenger
Version : 8.1.0178.00
Description : Messenger
Company : Microsoft Corporation
Window Title :
File Size : 5,674,352
File Created Date : 01/01/1428 08:55:14 م
File Modified Date : 01/01/1428 08:55:14 م
Filename : C:\Program Files\MSN Messenger\MsnMsgr.Exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 1
Hidden Windows : 40
User Name : NAWAF\N a W a F
Mem Usage : 23968 K
Mem Usage Peak : 47992 K
Page Faults : 76297
Pagefile Usage : 41392 K
Pagefile Peak Usage : 45484 K
File Attributes : A
==================================================
==================================================
Process Name : torcp.exe
ProcessID : 2648
Priority : Normal
Product Name : TorCP
Version : 0.0.4
Description : Tor Control Panel
Company : Matt Edman
Window Title :
File Size : 225,280
File Created Date : 11/11/1426 07:51:36 م
File Modified Date : 11/11/1426 07:51:36 م
Filename : C:\Program Files\TorCP\torcp.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 6
User Name : NAWAF\N a W a F
Mem Usage : 5032 K
Mem Usage Peak : 5132 K
Page Faults : 350193
Pagefile Usage : 1128 K
Pagefile Peak Usage : 1192 K
File Attributes : A
==================================================
==================================================
Process Name : StyleXP.exe
ProcessID : 2656
Priority : Normal
Product Name : StyleXP Application
Version : 0, 30, 19, 0
Description : StyleXP Application
Company :
Window Title :
File Size : 1,372,160
File Created Date : 26/04/1427 06:31:39 م
File Modified Date : 26/04/1427 06:31:39 م
Filename : C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 15856 K
Mem Usage Peak : 16040 K
Page Faults : 9659
Pagefile Usage : 11664 K
Pagefile Peak Usage : 15728 K
File Attributes : A
==================================================
==================================================
Process Name : WMPNSCFG.exe
ProcessID : 2672
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 11.0.5721.5145 (WMP_11.061018-2006)
Description : ‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
Company : Microsoft Corporation
Window Title :
File Size : 204,288
File Created Date : 11/11/1427 07:03:46 م
File Modified Date : 11/11/1427 07:03:46 م
Filename : C:\Program Files\Windows Media Player\WMPNSCFG.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 4
User Name : NAWAF\N a W a F
Mem Usage : 4788 K
Mem Usage Peak : 4848 K
Page Faults : 1330
Pagefile Usage : 1288 K
Pagefile Peak Usage : 1304 K
File Attributes :
==================================================
==================================================
Process Name : DUMeter.exe
ProcessID : 2680
Priority : Normal
Product Name : DU Meter
Version : 4.0 Build R3009
Description : DU Meter Monitor
Company : Hagel Technologies Ltd
Window Title : DU Meter
File Size : 2,582,288
File Created Date : 18/01/1429 09:15:36 م
File Modified Date : 04/10/1428 12:19:36 م
Filename : C:\Program Files\DU Meter\DUMeter.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 1
Hidden Windows : 11
User Name : NAWAF\N a W a F
Mem Usage : 6284 K
Mem Usage Peak : 7900 K
Page Faults : 6418
Pagefile Usage : 4740 K
Pagefile Peak Usage : 5732 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 2752
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.12.6.0
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title :
File Size : 2,577,840
File Created Date : 15/01/1429 01:06:25 م
File Modified Date : 25/01/1429 05:35:58 م
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 7
User Name : NAWAF\N a W a F
Mem Usage : 16772 K
Mem Usage Peak : 17952 K
Page Faults : 10062
Pagefile Usage : 6952 K
Pagefile Peak Usage : 8276 K
File Attributes : A
==================================================
==================================================
Process Name : BlueSoleil.exe
ProcessID : 2780
Priority : Normal
Product Name : BlueSoleil
Version : 1, 6, 1, 4
Description : Bluetooth Application
Company : IVT Corporation
Window Title :
File Size : 1,183,744
File Created Date : 16/03/1428 11:36:15 م
File Modified Date : 29/04/1426 08:23:08 م
Filename : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 8
User Name : NAWAF\N a W a F
Mem Usage : 11920 K
Mem Usage Peak : 12020 K
Page Faults : 4355
Pagefile Usage : 6684 K
Pagefile Peak Usage : 6692 K
File Attributes : A
==================================================
==================================================
Process Name : gce.exe
ProcessID : 2788
Priority : Normal
Product Name : gce
Version : 5.00
Description :
Company : Leithauser Research
Window Title : Clock Guard Enforcer
File Size : 30,720
File Created Date : 21/09/1428 02:34:22 م
File Modified Date : 23/06/1428 07:02:08 م
Filename : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 1
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 4528 K
Mem Usage Peak : 4528 K
Page Faults : 1243
Pagefile Usage : 1136 K
Pagefile Peak Usage : 1140 K
File Attributes : A
==================================================
==================================================
Process Name : WZQKPICK.EXE
ProcessID : 2836
Priority : Normal
Product Name : WinZip
Version : 1.0 (32-bit)
Description : WinZip Executable
Company : WinZip Computing, S.L.
Window Title :
File Size : 394,856
File Created Date : 21/11/1428 08:10:00 ص
File Modified Date : 21/11/1428 08:10:00 ص
Filename : C:\Program Files\WinZip\WZQKPICK.EXE
Base Address : 0x00400000
Created On : 25/01/1429 08:38:16 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 3784 K
Mem Usage Peak : 3868 K
Page Faults : 1076
Pagefile Usage : 872 K
Pagefile Peak Usage : 872 K
File Attributes : AR
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 904
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 11/03/1428 07:02:08 ص
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 25/01/1429 08:38:24 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5884 K
Mem Usage Peak : 6068 K
Page Faults : 2319
Pagefile Usage : 2036 K
Pagefile Peak Usage : 3092 K
File Attributes : A
==================================================
==================================================
Process Name : gce.exe
ProcessID : 1880
Priority : Normal
Product Name : gce
Version : 5.00
Description :
Company : Leithauser Research
Window Title : wsgc
File Size : 30,720
File Created Date : 21/09/1428 02:34:22 م
File Modified Date : 23/06/1428 07:02:08 م
Filename : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:25 م
Visible Windows : 1
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 4276 K
Mem Usage Peak : 4280 K
Page Faults : 1166
Pagefile Usage : 1132 K
Pagefile Peak Usage : 1136 K
File Attributes : A
==================================================
==================================================
Process Name : zpitsp.exe
ProcessID : 1908
Priority : Normal
Product Name : WatcherCG
Version : 1.01
Description :
Company : Leithauser Research
Window Title : ctgpp
File Size : 13,312
File Created Date : 21/09/1428 02:34:22 م
File Modified Date : 23/06/1428 06:43:56 م
Filename : C:\WINDOWS\zpitsp.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:25 م
Visible Windows : 1
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 4288 K
Mem Usage Peak : 4356 K
Page Faults : 1235
Pagefile Usage : 1172 K
Pagefile Peak Usage : 1176 K
File Attributes : A
==================================================
==================================================
Process Name : IEMonitor.exe
ProcessID : 2940
Priority : Normal
Product Name : IEMonitor Application
Version : 3, 0, 0, 1
Description : Internet Download Manager agent for click monitoring in IE-based browsers
Company : Tonec Inc.
Window Title :
File Size : 251,576
File Created Date : 15/01/1429 01:06:20 م
File Modified Date : 02/02/1428 02:53:52 م
Filename : C:\Program Files\Internet Download Manager\IEMonitor.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:38:53 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 6468 K
Mem Usage Peak : 6540 K
Page Faults : 4119
Pagefile Usage : 3120 K
Pagefile Peak Usage : 3244 K
File Attributes : A
==================================================
==================================================
Process Name : tmcheck.exe
ProcessID : 2084
Priority : Normal
Product Name : LG Intelligent Update
Version : 1.00
Description :
Company : CST
Window Title :
File Size : 20,480
File Created Date : 11/03/1428 09:51:18 ص
File Modified Date : 12/11/1425 11:46:54 م
Filename : C:\Program Files\lg_swupdate\tmcheck.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:40:29 م
Visible Windows : 0
Hidden Windows : 4
User Name : NAWAF\N a W a F
Mem Usage : 3928 K
Mem Usage Peak : 3984 K
Page Faults : 1085
Pagefile Usage : 1076 K
Pagefile Peak Usage : 1076 K
File Attributes : A
==================================================
==================================================
Process Name : usnsvc.exe
ProcessID : 2296
Priority : Normal
Product Name : Messenger
Version : 8.1.0178.00
Description : Messenger Sharing USN Journal Reader Service
Company : Microsoft Corporation
Window Title :
File Size : 97,136
File Created Date : 01/01/1428 08:54:14 م
File Modified Date : 01/01/1428 08:54:14 م
Filename : C:\Program Files\MSN Messenger\usnsvc.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:40:46 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2816 K
Mem Usage Peak : 2816 K
Page Faults : 765
Pagefile Usage : 980 K
Pagefile Peak Usage : 980 K
File Attributes : A
==================================================
==================================================
Process Name : explorer.exe
ProcessID : 3064
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 1,033,216
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 28/05/1428 10:23:07 ص
Filename : C:\WINDOWS\explorer.exe
Base Address : 0x01000000
Created On : 25/01/1429 09:01:29 م
Visible Windows : 2
Hidden Windows : 30
User Name : NAWAF\N a W a F
Mem Usage : 24196 K
Mem Usage Peak : 26212 K
Page Faults : 31739
Pagefile Usage : 16248 K
Pagefile Peak Usage : 18660 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 3712
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : أداة SmitfraudFix _ لفحص وتنظيف الجهاز من الدعايات المزعجه ( شرح بالصور ) - الصفحة 3 - زيزوووم - Microsoft Internet Explorer
File Size : 93,184
File Created Date : 11/03/1428 07:04:12 ص
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 25/01/1429 09:11:31 م
Visible Windows : 4
Hidden Windows : 65
User Name : NAWAF\N a W a F
Mem Usage : 63880 K
Mem Usage Peak : 66484 K
Page Faults : 48443
Pagefile Usage : 46428 K
Pagefile Peak Usage : 49480 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 836
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 09:20:37 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4504 K
Mem Usage Peak : 4524 K
Page Faults : 1251
Pagefile Usage : 2640 K
Pagefile Peak Usage : 2756 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 3956
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 25/01/1429 06:39:58 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 25/01/1429 09:39:58 م
Visible Windows : 0
Hidden Windows : 0
User Name : NAWAF\N a W a F
Mem Usage : 2520 K
Mem Usage Peak : 2532 K
Page Faults : 736
Pagefile Usage : 824 K
Pagefile Peak Usage : 928 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2368
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 25/01/1429 09:39:58 م
Visible Windows : 0
Hidden Windows : 1
User Name : NAWAF\N a W a F
Mem Usage : 3048 K
Mem Usage Peak : 3112 K
Page Faults : 886
Pagefile Usage : 2156 K
Pagefile Peak Usage : 2232 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 1496
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 11/03/1428 07:02:08 ص
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 25/01/1429 09:40:00 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5796 K
Mem Usage Peak : 5796 K
Page Faults : 1507
Pagefile Usage : 3016 K
Pagefile Peak Usage : 3016 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3764
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 25/01/1429 06:39:58 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 25/01/1429 09:40:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NAWAF\N a W a F
Mem Usage : 2572 K
Mem Usage Peak : 2672 K
Page Faults : 1421
Pagefile Usage : 1116 K
Pagefile Peak Usage : 1216 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.3156
c:\windows\explorer.exe
c:\windows\Autorun.exe
c:\windows\Autorun.exe
File not found: c:\windows\Autorun.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
NeroFilterCheck
C:\WINDOWS\system32\NeroCheck.exe
NeroCheck
Ahead Software Gmbh
1.00.0000.0002
c:\windows\system32\nerocheck.exe
LG Intelligent Update
"C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
CST
1.00.0000.0000
c:\program files\lg_swupdate\autoupdate.exe
SynTPLpr
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
TouchPad Driver Helper Application
Synaptics, Inc.
7.12.0009.0004
c:\program files\synaptics\syntp\syntplpr.exe
SynTPEnh
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Synaptics TouchPad Enhancements
Synaptics, Inc.
7.12.0009.0004
c:\program files\synaptics\syntp\syntpenh.exe
batterymiser
"C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
Battery Miser
LG Electronics Inc.
3.37.0000.0000
c:\program files\lg software\battery miser 2005\batterymiser.exe
KeybdUtility
"C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
HotKey
LG Electronics
1.00.0000.0000
c:\program files\lg software\on screen display\hotkey.exe
High Definition Audio Property Page Shortcut
HDAShCut.exe
High Definition Audio Property Page Shortcut v1.0a
Windows (R) Server 2003 DDK provider
5.10.0001.5013
c:\windows\system32\hdashcut.exe
AGRSMMSG
AGRSMMSG.exe
SoftModem Messaging Applet
Agere Systems
2.01.0047.0008
c:\windows\agrsmmsg.exe
Cmaudio
RunDll32 cmicnfg.cpl,CMICtrlWnd
CmiCnfg DLL
C-Media Corporation
1.00.0046.0004
c:\windows\system\cmicnfg.cpl
igfxtray
C:\WINDOWS\system32\igfxtray.exe
igfxTray Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\igfxtray.exe
igfxhkcmd
C:\WINDOWS\system32\hkcmd.exe
hkcmd Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\hkcmd.exe
igfxpers
C:\WINDOWS\system32\igfxpers.exe
persistence Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\igfxpers.exe
lrrpfgcp
C:\WINDOWS\lrrpfgcp.exe
Leithauser Research
1.00.0000.0000
c:\windows\lrrpfgcp.exe
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.01.0000.3760
c:\program files\common files\real\update_ob\realsched.exe
IPO3
"C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
IPO3 MFC ?? ????
1.00.0000.0001
c:\program files\lg software\ip operator 2005\ip operator 2005.exe
Explorer
C:\WINDOWS\iexplorer.exe
File not found: C:\WINDOWS\iexplorer.exe
SunJavaUpdateSched
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
Java(TM) Platform SE binary
Sun Microsystems, Inc.
6.00.0030.0005
c:\program files\java\jre1.6.0_03\bin\jusched.exe
HPDJ Taskbar Utility
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
HP
2.236.0004.0000
c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
HP Software Update
"C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
hpwuSchd
Hewlett-Packard
1.00.0000.0002
c:\program files\hewlett-packard\hp software update\hpwuschd.exe
HP Component Manager
"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
HP Framework Component Manager Service
Hewlett-Packard Company
2.01.0001.0000
c:\program files\hp\hpcoretech\hpcmpmgr.exe
DeviceDiscovery
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
hpotdd01
Hewlett-Packard
1.00.0000.0001
c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
InkMonitor
C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
InkMonitor
2.01.0002.0001
c:\program files\pokluda\inkmonitor\inkmonitor.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
BlueSoleil.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
Bluetooth Application
IVT Corporation
1.06.0001.0004
c:\program files\ivt corporation\bluesoleil\bluesoleil.exe
gce.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
Leithauser Research
5.00.0000.0000
c:\documents and settings\all users\start menu\programs\startup\gce.exe
WinZip Quick Pick.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
WinZip Executable
WinZip Computing, S.L.
1.00.7403.0000
c:\program files\winzip\wzqkpick.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\ctfmon.exe
MsnMsgr
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
Messenger
Microsoft Corporation
8.01.0178.0000
c:\program files\msn messenger\msnmsgr.exe
MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background
Windows Messenger
Microsoft Corporation
4.07.0000.3001
c:\program files\messenger\msmsgs.exe
TorCP
C:\Program Files\TorCP\torcp.exe
Tor Control Panel
Matt Edman
0.00.0004.0000
c:\program files\torcp\torcp.exe
STYLEXP
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
StyleXP Application
0.30.0000.0000
c:\program files\tgtsoft\stylexp\stylexp.exe
BitComet
"D:\Program Files\BitComet\BitComet.exe" /tray
File not found: D:\Program Files\BitComet\BitComet.exe
WMPNSCFG
C:\Program Files\Windows Media Player\WMPNSCFG.exe
‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
Microsoft Corporation
11.00.5721.5145
c:\program files\windows media player\wmpnscfg.exe
DU Meter
C:\Program Files\DU Meter\DUMeter.exe
DU Meter Monitor
Hagel Technologies Ltd
4.00.3009.0000
c:\program files\du meter\dumeter.exe
IDMan
C:\Program Files\Internet Download Manager\IDMan.exe /onboot
Internet Download Manager (IDM)
Tonec Inc.
5.12.0006.0000
c:\program files\internet download manager\idman.exe
.
.
----------- End Report ---------------

$$العاشق$$ · 2 فبراير 2008

تقريري للاب توب

SmitFraudFix v2.278
Scan done at 21:43:53.07, Sat 02/02/2008
Run from D:\ ©ںê¤ èê ïي¢©\يں‍•é\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

## added by CiD
»»»»»»»»»»»»»»»»»»»»»»»» VACFix

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix.exe by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
DNS Server Search Order: 212.76.68.200
DNS Server Search Order: 212.76.68.201
HKLM\SYSTEM\CCS\Services\Tcpip\..\{3518B225-080C-4E04-A840-DEC45DA25B4E}: DhcpNameServer=212.76.68.200 212.76.68.201
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3518B225-080C-4E04-A840-DEC45DA25B4E}: DhcpNameServer=212.76.68.200 212.76.68.201
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.76.68.200 212.76.68.201
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.76.68.200 212.76.68.201

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

أبوسلام · 2 فبراير 2008

جزاك الله خيرًا

زيزوووم · 2 فبراير 2008

أخوي اسير الشعر

لاهنت حمل الملف هذا وقم بتشغيله

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

بعدها اعد تشغيل جهازك ,,,

واعمل تقرير جديد ,,
وفضلااا لا امراا ,, لا تكبر الخط

زيزوووم · 2 فبراير 2008

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

التقرير حلوو ياحلوو

زيزوووم · 2 فبراير 2008

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

ويجزاك خير ويبارك فيك

نوووف · 2 فبراير 2008

هذا تقريري:iconmju30:

SmitFraudFix v2.278
Scan done at 22:48:01.32, Sat 02/02/2008
Run from C:\Documents and Settings\Administrator\Application Data\IDM\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
127.0.0.1

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

127.0.0.1 winantivirus.com

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: VIA Compatable Fast Ethernet Adapter - Packet Scheduler Miniport
DNS Server Search Order: 192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\..\{E5BFA856-32AA-485B-92CC-77C00139DFE2}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E5BFA856-32AA-485B-92CC-77C00139DFE2}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS2\Services\Tcpip\..\{E5BFA856-32AA-485B-92CC-77C00139DFE2}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

أسير&الشعر · 2 فبراير 2008

.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:13 م, on 02/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
C:\Program Files\LG Software\On Screen Display\Hotkey.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TorCP\torcp.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
C:\WINDOWS\zpitsp.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\lg_swupdate\tmcheck.exe
C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.37.63.11:80
F2 - REG:system.ini: Shell=Explorer.exe c:\windows\Autorun.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\icom accelerator\components\NOWImaging.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [lrrpfgcp] C:\WINDOWS\lrrpfgcp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\iexplorer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [InkMonitor] C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TorCP] C:\Program Files\TorCP\torcp.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: gce.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &BitSpirit حمله باستخدام
- C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: أضافة إلى مضاد الأعلان - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
--
End of file - 10095 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 960
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 25/01/1429 11:10:11 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 428 K
Mem Usage Peak : 480 K
Page Faults : 222
Pagefile Usage : 168 K
Pagefile Peak Usage : 1676 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 1016
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 25/01/1429 11:10:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4548 K
Mem Usage Peak : 4728 K
Page Faults : 3300
Pagefile Usage : 2016 K
Pagefile Peak Usage : 2024 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 1040
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:14 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4088 K
Mem Usage Peak : 17324 K
Page Faults : 8518
Pagefile Usage : 6756 K
Pagefile Peak Usage : 8692 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 1084
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3936 K
Mem Usage Peak : 3972 K
Page Faults : 3048
Pagefile Usage : 1844 K
Pagefile Peak Usage : 2016 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 1096
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7256 K
Mem Usage Peak : 7264 K
Page Faults : 2060
Pagefile Usage : 4280 K
Pagefile Peak Usage : 4364 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1252
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5564 K
Mem Usage Peak : 5616 K
Page Faults : 1541
Pagefile Usage : 3360 K
Pagefile Peak Usage : 23396 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1332
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:16 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4824 K
Mem Usage Peak : 4824 K
Page Faults : 1380
Pagefile Usage : 2112 K
Pagefile Peak Usage : 2272 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1372
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:16 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 32484 K
Mem Usage Peak : 35016 K
Page Faults : 20329
Pagefile Usage : 21260 K
Pagefile Peak Usage : 28764 K
File Attributes : A
==================================================
==================================================
Process Name : StyleXPService.exe
ProcessID : 1420
Priority : Normal
Product Name : StyleXPService Module
Version : 0, 20, 0, 3000
Description : StyleXPService Module
Company :
Window Title :
File Size : 372,736
File Created Date : 26/04/1427 06:31:06 م
File Modified Date : 26/04/1427 06:31:06 م
Filename : C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:16 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3564 K
Mem Usage Peak : 3932 K
Page Faults : 11320
Pagefile Usage : 1084 K
Pagefile Peak Usage : 1280 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1544
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:18 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3788 K
Mem Usage Peak : 3800 K
Page Faults : 1062
Pagefile Usage : 1524 K
Pagefile Peak Usage : 1548 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1656
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:18 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 9476 K
Mem Usage Peak : 9484 K
Page Faults : 3293
Pagefile Usage : 6232 K
Pagefile Peak Usage : 6396 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1940
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 04/05/1426 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:18 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6140 K
Mem Usage Peak : 6140 K
Page Faults : 1776
Pagefile Usage : 3924 K
Pagefile Peak Usage : 3996 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 2032
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 09:51:38 ص
File Modified Date : 13/06/1428 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 12176 K
Mem Usage Peak : 46364 K
Page Faults : 55361
Pagefile Usage : 47464 K
Pagefile Peak Usage : 60860 K
File Attributes : A
==================================================
==================================================
Process Name : BTNtService.exe
ProcessID : 148
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 110,592
File Created Date : 16/03/1428 11:36:21 م
File Modified Date : 27/02/1426 11:03:28 م
Filename : C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2772 K
Mem Usage Peak : 2772 K
Page Faults : 773
Pagefile Usage : 1916 K
Pagefile Peak Usage : 1964 K
File Attributes : A
==================================================
==================================================
Process Name : DUMeterSvc.exe
ProcessID : 172
Priority : Normal
Product Name : DU Meter
Version : 4.0 Build R3009
Description : DU Meter Service
Company : Hagel Technologies Ltd
Window Title :
File Size : 1,382,672
File Created Date : 18/01/1429 09:15:37 م
File Modified Date : 04/10/1428 12:19:38 م
Filename : C:\Program Files\DU Meter\DUMeterSvc.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6936 K
Mem Usage Peak : 6944 K
Page Faults : 4186
Pagefile Usage : 7280 K
Pagefile Peak Usage : 8424 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 596
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:20 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3792 K
Mem Usage Peak : 3792 K
Page Faults : 1004
Pagefile Usage : 1740 K
Pagefile Peak Usage : 1740 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.exe
ProcessID : 624
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 1,033,216
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 28/05/1428 10:23:07 ص
Filename : C:\WINDOWS\Explorer.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:20 م
Visible Windows : 2
Hidden Windows : 26
User Name : NAWAF\N a W a F
Mem Usage : 22656 K
Mem Usage Peak : 22676 K
Page Faults : 12910
Pagefile Usage : 15084 K
Pagefile Peak Usage : 15776 K
File Attributes : A
==================================================
==================================================
Process Name : WMPNetwk.exe
ProcessID : 1796
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 11.0.5721.5145 (WMP_11.061018-2006)
Description : خدمة مشاركة الشبكة لـ Windows Media Player
Company : Microsoft Corporation
Window Title :
File Size : 909,312
File Created Date : 11/11/1427 07:03:38 م
File Modified Date : 11/11/1427 07:03:38 م
Filename : C:\Program Files\Windows Media Player\WMPNetwk.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:22 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 26120 K
Mem Usage Peak : 26128 K
Page Faults : 10446
Pagefile Usage : 10308 K
Pagefile Peak Usage : 10480 K
File Attributes :
==================================================
==================================================
Process Name : alg.exe
ProcessID : 1876
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3864 K
Mem Usage Peak : 3872 K
Page Faults : 1030
Pagefile Usage : 1308 K
Pagefile Peak Usage : 1320 K
File Attributes : A
==================================================
==================================================
Process Name : SynTPLpr.exe
ProcessID : 2056
Priority : Normal
Product Name : Synaptics Pointing Device Driver
Version : 7.12.9.4 14Feb05
Description : TouchPad Driver Helper Application
Company : Synaptics, Inc.
Window Title :
File Size : 98,396
File Created Date : 11/03/1428 10:05:53 ص
File Modified Date : 06/01/1426 08:59:12 ص
Filename : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 3052 K
Mem Usage Peak : 3052 K
Page Faults : 871
Pagefile Usage : 1000 K
Pagefile Peak Usage : 1092 K
File Attributes : A
==================================================
==================================================
Process Name : SynTPEnh.exe
ProcessID : 2064
Priority : Normal
Product Name : Synaptics Pointing Device Driver
Version : 7.12.9.4 14Feb05
Description : Synaptics TouchPad Enhancements
Company : Synaptics, Inc.
Window Title :
File Size : 667,740
File Created Date : 11/03/1428 10:05:52 ص
File Modified Date : 06/01/1426 08:58:10 ص
Filename : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 8
User Name : NAWAF\N a W a F
Mem Usage : 4524 K
Mem Usage Peak : 4524 K
Page Faults : 1306
Pagefile Usage : 1656 K
Pagefile Peak Usage : 1772 K
File Attributes : A
==================================================
==================================================
Process Name : batterymiser.exe
ProcessID : 2072
Priority : Normal
Product Name : Battery Miser
Version : 3, 37, 0, 0
Description : Battery Miser
Company : LG Electronics Inc.
Window Title :
File Size : 335,872
File Created Date : 11/03/1428 10:14:16 ص
File Modified Date : 06/05/1427 12:54:34 ص
Filename : C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 3508 K
Mem Usage Peak : 5316 K
Page Faults : 2825
Pagefile Usage : 2740 K
Pagefile Peak Usage : 2804 K
File Attributes : A
==================================================
==================================================
Process Name : Hotkey.exe
ProcessID : 2080
Priority : Normal
Product Name : HotKey
Version : 1, 0, 0, 0
Description : HotKey
Company : LG Electronics
Window Title :
File Size : 86,016
File Created Date : 11/03/1428 10:14:42 ص
File Modified Date : 19/05/1426 02:09:56 ص
Filename : C:\Program Files\LG Software\On Screen Display\Hotkey.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 5
User Name : NAWAF\N a W a F
Mem Usage : 5724 K
Mem Usage Peak : 5736 K
Page Faults : 1641
Pagefile Usage : 2996 K
Pagefile Peak Usage : 3880 K
File Attributes : A
==================================================
==================================================
Process Name : AGRSMMSG.exe
ProcessID : 2096
Priority : Normal
Product Name : Agere SoftModem Messaging Applet
Version : 2.1.47.8 2.1.47.8 11/09/2004 17:19:25
Description : SoftModem Messaging Applet
Company : Agere Systems
Window Title :
File Size : 88,358
File Created Date : 11/03/1428 02:04:42 م
File Modified Date : 27/09/1425 08:19:26 ص
Filename : C:\WINDOWS\AGRSMMSG.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 2852 K
Mem Usage Peak : 2852 K
Page Faults : 797
Pagefile Usage : 924 K
Pagefile Peak Usage : 948 K
File Attributes : AR
==================================================
==================================================
Process Name : RunDll32.exe
ProcessID : 2104
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Run a DLL as an App
Company : Microsoft Corporation
Window Title :
File Size : 33,280
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\RunDll32.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 4892 K
Mem Usage Peak : 4896 K
Page Faults : 1550
Pagefile Usage : 2824 K
Pagefile Peak Usage : 2832 K
File Attributes : A
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 2120
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 77,824
File Created Date : 11/03/1428 09:55:02 ص
File Modified Date : 09/01/1427 11:36:06 م
Filename : C:\WINDOWS\system32\hkcmd.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 12
User Name : NAWAF\N a W a F
Mem Usage : 3152 K
Mem Usage Peak : 3164 K
Page Faults : 835
Pagefile Usage : 892 K
Pagefile Peak Usage : 976 K
File Attributes : A
==================================================
==================================================
Process Name : igfxpers.exe
ProcessID : 2128
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.4497
Description : persistence Module
Company : Intel Corporation
Window Title :
File Size : 118,784
File Created Date : 09/01/1427 11:40:02 م
File Modified Date : 09/01/1427 11:40:02 م
Filename : C:\WINDOWS\system32\igfxpers.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 3132 K
Mem Usage Peak : 3144 K
Page Faults : 817
Pagefile Usage : 864 K
Pagefile Peak Usage : 884 K
File Attributes : A
==================================================
==================================================
Process Name : realsched.exe
ProcessID : 2144
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.0.3760
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,896
File Created Date : 29/09/1428 03:29:59 م
File Modified Date : 29/09/1428 03:29:59 م
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 244 K
Mem Usage Peak : 3448 K
Page Faults : 3733
Pagefile Usage : 1204 K
Pagefile Peak Usage : 1240 K
File Attributes : A
==================================================
==================================================
Process Name : IP Operator 2005.exe
ProcessID : 2152
Priority : Normal
Product Name : IPO3 ?? ????
Version : 1, 0, 0, 1
Description : IPO3 MFC ?? ????
Company :
Window Title :
File Size : 1,028,096
File Created Date : 11/03/1428 10:14:54 ص
File Modified Date : 11/05/1426 08:02:44 م
Filename : C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 16
User Name : NAWAF\N a W a F
Mem Usage : 7024 K
Mem Usage Peak : 7036 K
Page Faults : 1826
Pagefile Usage : 2848 K
Pagefile Peak Usage : 2864 K
File Attributes : A
==================================================
==================================================
Process Name : jusched.exe
ProcessID : 2160
Priority : Normal
Product Name : Java(TM) Platform SE 6 U3
Version : 6.0.30.5
Description : Java(TM) Platform SE binary
Company : Sun Microsystems, Inc.
Window Title :
File Size : 132,496
File Created Date : 23/10/1428 10:59:03 م
File Modified Date : 13/09/1428 10:11:35 م
Filename : C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 0
User Name : NAWAF\N a W a F
Mem Usage : 2612 K
Mem Usage Peak : 2612 K
Page Faults : 698
Pagefile Usage : 872 K
Pagefile Peak Usage : 872 K
File Attributes : A
==================================================
==================================================
Process Name : hpztsb09.exe
ProcessID : 2168
Priority : Normal
Product Name : HP DeskJet
Version : 2.236.4.0
Description :
Company : HP
Window Title :
File Size : 176,128
File Created Date : 27/11/1428 10:26:23 م
File Modified Date : 05/07/1424 11:42:50 ص
Filename : C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 3304 K
Mem Usage Peak : 3304 K
Page Faults : 907
Pagefile Usage : 1108 K
Pagefile Peak Usage : 1108 K
File Attributes : A
==================================================
==================================================
Process Name : HPWuSchd.exe
ProcessID : 2176
Priority : Normal
Product Name : Hewlett-Packard hpwuSchd
Version : 1, 0, 0, 2
Description : hpwuSchd
Company : Hewlett-Packard
Window Title :
File Size : 49,152
File Created Date : 25/04/1424 08:24:48 ص
File Modified Date : 25/04/1424 08:24:48 ص
Filename : C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 2596 K
Mem Usage Peak : 2596 K
Page Faults : 704
Pagefile Usage : 776 K
Pagefile Peak Usage : 776 K
File Attributes : A
==================================================
==================================================
Process Name : hpcmpmgr.exe
ProcessID : 2184
Priority : Normal
Product Name : hp coretech (COmponent REuse TECHnology)
Version : 2.1.1
Description : HP Framework Component Manager Service
Company : Hewlett-Packard Company
Window Title :
File Size : 233,472
File Created Date : 27/08/1424 04:51:18 م
File Modified Date : 27/08/1424 04:51:18 م
Filename : C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 8792 K
Mem Usage Peak : 8804 K
Page Faults : 2615
Pagefile Usage : 5040 K
Pagefile Peak Usage : 5880 K
File Attributes : A
==================================================
==================================================
Process Name : hpotdd01.exe
ProcessID : 2228
Priority : Normal
Product Name : Hewlett-Packard hpotdd01
Version : 1, 0, 0, 1
Description : hpotdd01
Company : Hewlett-Packard
Window Title :
File Size : 229,437
File Created Date : 20/03/1424 03:37:08 م
File Modified Date : 20/03/1424 03:37:08 م
Filename : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:25 م
Visible Windows : 0
Hidden Windows : 4
User Name : NAWAF\N a W a F
Mem Usage : 4488 K
Mem Usage Peak : 4488 K
Page Faults : 1806
Pagefile Usage : 1508 K
Pagefile Peak Usage : 1508 K
File Attributes : A
==================================================
==================================================
Process Name : InkMonitor.exe
ProcessID : 2260
Priority : Normal
Product Name : InkMonitor Application
Version : 2.1.2
Description : InkMonitor
Company :
Window Title :
File Size : 143,360
File Created Date : 02/01/1422 07:29:46 م
File Modified Date : 02/01/1422 07:29:46 م
Filename : C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 0
Hidden Windows : 4
User Name : NAWAF\N a W a F
Mem Usage : 3276 K
Mem Usage Peak : 3276 K
Page Faults : 879
Pagefile Usage : 856 K
Pagefile Peak Usage : 856 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 2284
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 09:51:38 ص
File Modified Date : 13/06/1428 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 0
Hidden Windows : 5
User Name : NAWAF\N a W a F
Mem Usage : 5748 K
Mem Usage Peak : 9424 K
Page Faults : 4576
Pagefile Usage : 5408 K
Pagefile Peak Usage : 5476 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 2292
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 0
Hidden Windows : 5
User Name : NAWAF\N a W a F
Mem Usage : 3640 K
Mem Usage Peak : 3640 K
Page Faults : 1039
Pagefile Usage : 1040 K
Pagefile Peak Usage : 1052 K
File Attributes : A
==================================================
==================================================
Process Name : MsnMsgr.Exe
ProcessID : 2300
Priority : Normal
Product Name : Messenger
Version : 8.1.0178.00
Description : Messenger
Company : Microsoft Corporation
Window Title :
File Size : 5,674,352
File Created Date : 01/01/1428 08:55:14 م
File Modified Date : 01/01/1428 08:55:14 م
Filename : C:\Program Files\MSN Messenger\MsnMsgr.Exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 1
Hidden Windows : 38
User Name : NAWAF\N a W a F
Mem Usage : 11860 K
Mem Usage Peak : 48448 K
Page Faults : 30934
Pagefile Usage : 32456 K
Pagefile Peak Usage : 37424 K
File Attributes : A
==================================================
==================================================
Process Name : msmsgs.exe
ProcessID : 2308
Priority : Normal
Product Name : Messenger
Version : 4.7.3001
Description : Windows Messenger
Company : Microsoft Corporation
Window Title :
File Size : 1,694,208
File Created Date : 11/03/1428 07:02:58 ص
File Modified Date : 29/08/1425 04:24:37 م
Filename : C:\Program Files\Messenger\msmsgs.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 0
Hidden Windows : 7
User Name : NAWAF\N a W a F
Mem Usage : 1772 K
Mem Usage Peak : 5264 K
Page Faults : 1786
Pagefile Usage : 1496 K
Pagefile Peak Usage : 1512 K
File Attributes :
==================================================
==================================================
Process Name : torcp.exe
ProcessID : 2324
Priority : Normal
Product Name : TorCP
Version : 0.0.4
Description : Tor Control Panel
Company : Matt Edman
Window Title :
File Size : 225,280
File Created Date : 11/11/1426 07:51:36 م
File Modified Date : 11/11/1426 07:51:36 م
Filename : C:\Program Files\TorCP\torcp.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 0
Hidden Windows : 6
User Name : NAWAF\N a W a F
Mem Usage : 4524 K
Mem Usage Peak : 4624 K
Page Faults : 22198
Pagefile Usage : 1068 K
Pagefile Peak Usage : 1132 K
File Attributes : A
==================================================
==================================================
Process Name : StyleXP.exe
ProcessID : 2360
Priority : Normal
Product Name : StyleXP Application
Version : 0, 30, 19, 0
Description : StyleXP Application
Company :
Window Title :
File Size : 1,372,160
File Created Date : 26/04/1427 06:31:39 م
File Modified Date : 26/04/1427 06:31:39 م
Filename : C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 16208 K
Mem Usage Peak : 16208 K
Page Faults : 9418
Pagefile Usage : 11664 K
Pagefile Peak Usage : 15640 K
File Attributes : A
==================================================
==================================================
Process Name : WMPNSCFG.exe
ProcessID : 2396
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 11.0.5721.5145 (WMP_11.061018-2006)
Description : ‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
Company : Microsoft Corporation
Window Title :
File Size : 204,288
File Created Date : 11/11/1427 07:03:46 م
File Modified Date : 11/11/1427 07:03:46 م
Filename : C:\Program Files\Windows Media Player\WMPNSCFG.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 0
Hidden Windows : 4
User Name : NAWAF\N a W a F
Mem Usage : 4404 K
Mem Usage Peak : 4404 K
Page Faults : 1164
Pagefile Usage : 1236 K
Pagefile Peak Usage : 1276 K
File Attributes :
==================================================
==================================================
Process Name : DUMeter.exe
ProcessID : 2416
Priority : Normal
Product Name : DU Meter
Version : 4.0 Build R3009
Description : DU Meter Monitor
Company : Hagel Technologies Ltd
Window Title : DU Meter
File Size : 2,582,288
File Created Date : 18/01/1429 09:15:36 م
File Modified Date : 04/10/1428 12:19:36 م
Filename : C:\Program Files\DU Meter\DUMeter.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 1
Hidden Windows : 11
User Name : NAWAF\N a W a F
Mem Usage : 1440 K
Mem Usage Peak : 7780 K
Page Faults : 4510
Pagefile Usage : 4696 K
Pagefile Peak Usage : 5716 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 2444
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.12.6.0
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title : خصائص الملف
File Size : 2,577,840
File Created Date : 15/01/1429 01:06:25 م
File Modified Date : 25/01/1429 05:35:58 م
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 2
Hidden Windows : 7
User Name : NAWAF\N a W a F
Mem Usage : 10568 K
Mem Usage Peak : 10568 K
Page Faults : 4223
Pagefile Usage : 4204 K
Pagefile Peak Usage : 4208 K
File Attributes : A
==================================================
==================================================
Process Name : BlueSoleil.exe
ProcessID : 2464
Priority : Normal
Product Name : BlueSoleil
Version : 1, 6, 1, 4
Description : Bluetooth Application
Company : IVT Corporation
Window Title :
File Size : 1,183,744
File Created Date : 16/03/1428 11:36:15 م
File Modified Date : 29/04/1426 08:23:08 م
Filename : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 0
Hidden Windows : 8
User Name : NAWAF\N a W a F
Mem Usage : 11416 K
Mem Usage Peak : 11468 K
Page Faults : 4188
Pagefile Usage : 6568 K
Pagefile Peak Usage : 6628 K
File Attributes : A
==================================================
==================================================
Process Name : gce.exe
ProcessID : 2472
Priority : Normal
Product Name : gce
Version : 5.00
Description :
Company : Leithauser Research
Window Title : Clock Guard Enforcer
File Size : 30,720
File Created Date : 21/09/1428 02:34:22 م
File Modified Date : 23/06/1428 07:02:08 م
Filename : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:26 م
Visible Windows : 1
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 3996 K
Mem Usage Peak : 3996 K
Page Faults : 1044
Pagefile Usage : 1120 K
Pagefile Peak Usage : 1124 K
File Attributes : A
==================================================
==================================================
Process Name : WZQKPICK.EXE
ProcessID : 2508
Priority : Normal
Product Name : WinZip
Version : 1.0 (32-bit)
Description : WinZip Executable
Company : WinZip Computing, S.L.
Window Title :
File Size : 394,856
File Created Date : 21/11/1428 08:10:00 ص
File Modified Date : 21/11/1428 08:10:00 ص
Filename : C:\Program Files\WinZip\WZQKPICK.EXE
Base Address : 0x00400000
Created On : 25/01/1429 11:10:27 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 3292 K
Mem Usage Peak : 3292 K
Page Faults : 878
Pagefile Usage : 844 K
Pagefile Peak Usage : 844 K
File Attributes : AR
==================================================
==================================================
Process Name : gce.exe
ProcessID : 3592
Priority : Normal
Product Name : gce
Version : 5.00
Description :
Company : Leithauser Research
Window Title : wsgc
File Size : 30,720
File Created Date : 21/09/1428 02:34:22 م
File Modified Date : 23/06/1428 07:02:08 م
Filename : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:33 م
Visible Windows : 1
Hidden Windows : 2
User Name : NAWAF\N a W a F
Mem Usage : 3892 K
Mem Usage Peak : 3892 K
Page Faults : 1011
Pagefile Usage : 1116 K
Pagefile Peak Usage : 1120 K
File Attributes : A
==================================================
==================================================
Process Name : zpitsp.exe
ProcessID : 3924
Priority : Normal
Product Name : WatcherCG
Version : 1.01
Description :
Company : Leithauser Research
Window Title : ctgpp
File Size : 13,312
File Created Date : 21/09/1428 02:34:22 م
File Modified Date : 23/06/1428 06:43:56 م
Filename : C:\WINDOWS\zpitsp.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:34 م
Visible Windows : 1
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 3856 K
Mem Usage Peak : 3856 K
Page Faults : 1026
Pagefile Usage : 1116 K
Pagefile Peak Usage : 1116 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 1864
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 11/03/1428 07:02:08 ص
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:10:35 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5896 K
Mem Usage Peak : 5904 K
Page Faults : 1552
Pagefile Usage : 2168 K
Pagefile Peak Usage : 3092 K
File Attributes : A
==================================================
==================================================
Process Name : IEMonitor.exe
ProcessID : 3568
Priority : Normal
Product Name : IEMonitor Application
Version : 3, 0, 0, 1
Description : Internet Download Manager agent for click monitoring in IE-based browsers
Company : Tonec Inc.
Window Title :
File Size : 251,576
File Created Date : 15/01/1429 01:06:20 م
File Modified Date : 02/02/1428 02:53:52 م
Filename : C:\Program Files\Internet Download Manager\IEMonitor.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:10:50 م
Visible Windows : 0
Hidden Windows : 3
User Name : NAWAF\N a W a F
Mem Usage : 5552 K
Mem Usage Peak : 5564 K
Page Faults : 1495
Pagefile Usage : 2872 K
Pagefile Peak Usage : 2888 K
File Attributes : A
==================================================
==================================================
Process Name : wuauclt.exe
ProcessID : 2872
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 7.0.6000.381 (winmain(wmbla).070730-1740)
Description : Windows Update Automatic Updates
Company : Microsoft Corporation
Window Title :
File Size : 53,080
File Created Date : 11/03/1428 07:04:37 ص
File Modified Date : 17/07/1428 02:19:16 ص
Filename : C:\WINDOWS\system32\wuauclt.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:11:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 9740 K
Mem Usage Peak : 9744 K
Page Faults : 2753
Pagefile Usage : 6712 K
Pagefile Peak Usage : 6728 K
File Attributes : A
==================================================
==================================================
Process Name : usnsvc.exe
ProcessID : 784
Priority : Normal
Product Name : Messenger
Version : 8.1.0178.00
Description : Messenger Sharing USN Journal Reader Service
Company : Microsoft Corporation
Window Title :
File Size : 97,136
File Created Date : 01/01/1428 08:54:14 م
File Modified Date : 01/01/1428 08:54:14 م
Filename : C:\Program Files\MSN Messenger\usnsvc.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:12:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2908 K
Mem Usage Peak : 2908 K
Page Faults : 786
Pagefile Usage : 984 K
Pagefile Peak Usage : 984 K
File Attributes : A
==================================================
==================================================
Process Name : tmcheck.exe
ProcessID : 1292
Priority : Normal
Product Name : LG Intelligent Update
Version : 1.00
Description :
Company : CST
Window Title :
File Size : 20,480
File Created Date : 11/03/1428 09:51:18 ص
File Modified Date : 12/11/1425 11:46:54 م
Filename : C:\Program Files\lg_swupdate\tmcheck.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:12:43 م
Visible Windows : 0
Hidden Windows : 4
User Name : NAWAF\N a W a F
Mem Usage : 3528 K
Mem Usage Peak : 3528 K
Page Faults : 925
Pagefile Usage : 1060 K
Pagefile Peak Usage : 1064 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 1828
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 25/01/1429 06:39:58 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:14:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NAWAF\N a W a F
Mem Usage : 2496 K
Mem Usage Peak : 2508 K
Page Faults : 730
Pagefile Usage : 812 K
Pagefile Peak Usage : 916 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2704
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 25/01/1429 11:14:08 م
Visible Windows : 0
Hidden Windows : 1
User Name : NAWAF\N a W a F
Mem Usage : 3024 K
Mem Usage Peak : 3092 K
Page Faults : 875
Pagefile Usage : 2136 K
Pagefile Peak Usage : 2212 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 1100
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 11/03/1428 07:02:08 ص
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 25/01/1429 11:14:10 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5788 K
Mem Usage Peak : 5788 K
Page Faults : 1505
Pagefile Usage : 3016 K
Pagefile Peak Usage : 3016 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 2920
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 25/01/1429 06:39:58 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 25/01/1429 11:14:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NAWAF\N a W a F
Mem Usage : 2552 K
Mem Usage Peak : 2652 K
Page Faults : 1417
Pagefile Usage : 1100 K
Pagefile Peak Usage : 1200 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.3156
c:\windows\explorer.exe
c:\windows\Autorun.exe
c:\windows\Autorun.exe
File not found: c:\windows\Autorun.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
NeroFilterCheck
C:\WINDOWS\system32\NeroCheck.exe
NeroCheck
Ahead Software Gmbh
1.00.0000.0002
c:\windows\system32\nerocheck.exe
LG Intelligent Update
"C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
CST
1.00.0000.0000
c:\program files\lg_swupdate\autoupdate.exe
SynTPLpr
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
TouchPad Driver Helper Application
Synaptics, Inc.
7.12.0009.0004
c:\program files\synaptics\syntp\syntplpr.exe
SynTPEnh
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Synaptics TouchPad Enhancements
Synaptics, Inc.
7.12.0009.0004
c:\program files\synaptics\syntp\syntpenh.exe
batterymiser
"C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
Battery Miser
LG Electronics Inc.
3.37.0000.0000
c:\program files\lg software\battery miser 2005\batterymiser.exe
KeybdUtility
"C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
HotKey
LG Electronics
1.00.0000.0000
c:\program files\lg software\on screen display\hotkey.exe
High Definition Audio Property Page Shortcut
HDAShCut.exe
High Definition Audio Property Page Shortcut v1.0a
Windows (R) Server 2003 DDK provider
5.10.0001.5013
c:\windows\system32\hdashcut.exe
AGRSMMSG
AGRSMMSG.exe
SoftModem Messaging Applet
Agere Systems
2.01.0047.0008
c:\windows\agrsmmsg.exe
Cmaudio
RunDll32 cmicnfg.cpl,CMICtrlWnd
CmiCnfg DLL
C-Media Corporation
1.00.0046.0004
c:\windows\system\cmicnfg.cpl
igfxtray
C:\WINDOWS\system32\igfxtray.exe
igfxTray Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\igfxtray.exe
igfxhkcmd
C:\WINDOWS\system32\hkcmd.exe
hkcmd Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\hkcmd.exe
igfxpers
C:\WINDOWS\system32\igfxpers.exe
persistence Module
Intel Corporation
3.00.0000.4497
c:\windows\system32\igfxpers.exe
lrrpfgcp
C:\WINDOWS\lrrpfgcp.exe
Leithauser Research
1.00.0000.0000
c:\windows\lrrpfgcp.exe
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.01.0000.3760
c:\program files\common files\real\update_ob\realsched.exe
IPO3
"C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
IPO3 MFC ?? ????
1.00.0000.0001
c:\program files\lg software\ip operator 2005\ip operator 2005.exe
Explorer
C:\WINDOWS\iexplorer.exe
File not found: C:\WINDOWS\iexplorer.exe
SunJavaUpdateSched
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
Java(TM) Platform SE binary
Sun Microsystems, Inc.
6.00.0030.0005
c:\program files\java\jre1.6.0_03\bin\jusched.exe
HPDJ Taskbar Utility
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
HP
2.236.0004.0000
c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
HP Software Update
"C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
hpwuSchd
Hewlett-Packard
1.00.0000.0002
c:\program files\hewlett-packard\hp software update\hpwuschd.exe
HP Component Manager
"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
HP Framework Component Manager Service
Hewlett-Packard Company
2.01.0001.0000
c:\program files\hp\hpcoretech\hpcmpmgr.exe
DeviceDiscovery
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
hpotdd01
Hewlett-Packard
1.00.0000.0001
c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
InkMonitor
C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
InkMonitor
2.01.0002.0001
c:\program files\pokluda\inkmonitor\inkmonitor.exe
AVP
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
Kaspersky Anti-Virus
Kaspersky Lab
7.00.0000.0125
c:\program files\kaspersky lab\kaspersky internet security 7.0\avp.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
BlueSoleil.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
Bluetooth Application
IVT Corporation
1.06.0001.0004
c:\program files\ivt corporation\bluesoleil\bluesoleil.exe
gce.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
Leithauser Research
5.00.0000.0000
c:\documents and settings\all users\start menu\programs\startup\gce.exe
WinZip Quick Pick.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
WinZip Executable
WinZip Computing, S.L.
1.00.7403.0000
c:\program files\winzip\wzqkpick.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\ctfmon.exe
MsnMsgr
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
Messenger
Microsoft Corporation
8.01.0178.0000
c:\program files\msn messenger\msnmsgr.exe
MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background
Windows Messenger
Microsoft Corporation
4.07.0000.3001
c:\program files\messenger\msmsgs.exe
TorCP
C:\Program Files\TorCP\torcp.exe
Tor Control Panel
Matt Edman
0.00.0004.0000
c:\program files\torcp\torcp.exe
STYLEXP
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
StyleXP Application
0.30.0000.0000
c:\program files\tgtsoft\stylexp\stylexp.exe
BitComet
"D:\Program Files\BitComet\BitComet.exe" /tray
File not found: D:\Program Files\BitComet\BitComet.exe
WMPNSCFG
C:\Program Files\Windows Media Player\WMPNSCFG.exe
‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
Microsoft Corporation
11.00.5721.5145
c:\program files\windows media player\wmpnscfg.exe
DU Meter
C:\Program Files\DU Meter\DUMeter.exe
DU Meter Monitor
Hagel Technologies Ltd
4.00.3009.0000
c:\program files\du meter\dumeter.exe
IDMan
C:\Program Files\Internet Download Manager\IDMan.exe /onboot
Internet Download Manager (IDM)
Tonec Inc.
5.12.0006.0000
c:\program files\internet download manager\idman.exe
.
.
----------- End Report ---------------

زيزوووم · 3 فبراير 2008

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

منتاز منتاز :noskjiuyweat:

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

زيزوومى فعال

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

توقيع : sdook

زيزوومي نشيط

عضو شرف

عضو شرف

عضو شرف

عضو شرف

عضو شرف

عضو شرف

زيزوومي نشيط

زيزوومي نشيط

توقيع : $$العاشق$$

زيزوومى مميز

توقيع : أبوسلام

عضو شرف

عضو شرف

عضو شرف

زيزوومى مميز

زيزوومي نشيط

عضو شرف

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم