.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:28:49 ص, on 28/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\PV92Tray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\KHALAYA\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\KHALAYA\LOCALS~1\Temp\bntoz\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.awalnet.net.sa:8080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: إضافة إلى حاجب الدعايات - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7880 bytes
.
.
--------------------------\\\ End Report Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 876
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 29/11/1429 08:35:46 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 44 K
Mem Usage Peak : 464 K
Page Faults : 219
Pagefile Usage : 164 K
Pagefile Peak Usage : 1672 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 1004
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 17/06/1425 06:56:50 م
File Modified Date : 17/06/1425 06:56:50 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 29/11/1429 08:35:49 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1912 K
Mem Usage Peak : 3504 K
Page Faults : 64495
Pagefile Usage : 2176 K
Pagefile Peak Usage : 2176 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 1028
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:50 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 892 K
Mem Usage Peak : 13364 K
Page Faults : 13597
Pagefile Usage : 11316 K
Pagefile Peak Usage : 13444 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 1084
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 17/06/1425 06:56:56 م
File Modified Date : 17/06/1425 06:56:56 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:51 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 908 K
Mem Usage Peak : 4752 K
Page Faults : 6542
Pagefile Usage : 2456 K
Pagefile Peak Usage : 3212 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 1096
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 17/06/1425 06:56:52 م
File Modified Date : 17/06/1425 06:56:52 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:51 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1364 K
Mem Usage Peak : 6136 K
Page Faults : 76381
Pagefile Usage : 8268 K
Pagefile Peak Usage : 8392 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1260
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:52 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1116 K
Mem Usage Peak : 5336 K
Page Faults : 7961
Pagefile Usage : 6780 K
Pagefile Peak Usage : 27084 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1320
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:53 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1464 K
Mem Usage Peak : 4696 K
Page Faults : 6702
Pagefile Usage : 5632 K
Pagefile Peak Usage : 5644 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1516
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:53 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5968 K
Mem Usage Peak : 18204 K
Page Faults : 46702
Pagefile Usage : 21780 K
Pagefile Peak Usage : 23212 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1764
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:54 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 224 K
Mem Usage Peak : 4776 K
Page Faults : 7339
Pagefile Usage : 6788 K
Pagefile Peak Usage : 7068 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 216
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:56 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 68 K
Mem Usage Peak : 4088 K
Page Faults : 4530
Pagefile Usage : 6824 K
Pagefile Peak Usage : 7144 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 320
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 8.0.0.454
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 206,088
File Created Date : 26/07/1429 05:20:28 م
File Modified Date : 26/07/1429 05:20:28 م
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:35:56 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 25644 K
Mem Usage Peak : 100132 K
Page Faults : 4314731
Pagefile Usage : 54016 K
Pagefile Peak Usage : 168124 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 348
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:57 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 68 K
Mem Usage Peak : 3672 K
Page Faults : 1500
Pagefile Usage : 2888 K
Pagefile Peak Usage : 2936 K
File Attributes : A
==================================================
==================================================
Process Name : DevSvc.exe
ProcessID : 364
Priority : Normal
Product Name : Capture Device Service
Version : 1.0.0.1
Description : Capture Device Service
Company : InterVideo Inc.
Window Title :
File Size : 198,168
File Created Date : 17/02/1428 07:35:02 ص
File Modified Date : 17/02/1428 07:35:02 ص
Filename : C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:35:57 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 200 K
Mem Usage Peak : 5160 K
Page Faults : 1672
Pagefile Usage : 6104 K
Pagefile Peak Usage : 6168 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 420
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : المستندات
File Size : 1,032,192
File Created Date : 17/06/1425 06:56:50 م
File Modified Date : 17/06/1425 06:56:50 م
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 29/11/1429 08:35:57 م
Visible Windows : 3
Hidden Windows : 39
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 25660 K
Mem Usage Peak : 32956 K
Page Faults : 160600
Pagefile Usage : 67832 K
Pagefile Peak Usage : 71500 K
File Attributes : A
==================================================
==================================================
Process Name : MDM.EXE
ProcessID : 456
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.00.9466
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 322,120
File Created Date : 19/04/1424 08:25:00 م
File Modified Date : 19/04/1424 08:25:00 م
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Base Address : 0x00400000
Created On : 29/11/1429 08:35:57 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 376 K
Mem Usage Peak : 3056 K
Page Faults : 3411
Pagefile Usage : 3912 K
Pagefile Peak Usage : 3944 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 636
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:57 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 60 K
Mem Usage Peak : 4496 K
Page Faults : 4049
Pagefile Usage : 5916 K
Pagefile Peak Usage : 5976 K
File Attributes : A
==================================================
==================================================
Process Name : wdfmgr.exe
ProcessID : 668
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.2.3790.1230 built by: DNSRV(bld4act)
Description : Windows User Mode Driver Manager
Company : Microsoft Corporation
Window Title :
File Size : 38,912
File Created Date : 24/06/1425 10:45:04 م
File Modified Date : 24/06/1425 10:45:04 م
Filename : C:\WINDOWS\system32\wdfmgr.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:35:58 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 48 K
Mem Usage Peak : 2216 K
Page Faults : 678
Pagefile Usage : 2160 K
Pagefile Peak Usage : 2192 K
File Attributes : A
==================================================
==================================================
Process Name : igfxtray.exe
ProcessID : 1624
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.3889
Description : igfxTray Module
Company : Intel Corporation
Window Title :
File Size : 155,648
File Created Date : 08/02/1428 05:58:37 م
File Modified Date : 28/01/1427 08:17:32 ص
Filename : C:\WINDOWS\system32\igfxtray.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:05 م
Visible Windows : 0
Hidden Windows : 2
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 124 K
Mem Usage Peak : 4312 K
Page Faults : 1697
Pagefile Usage : 1640 K
Pagefile Peak Usage : 2776 K
File Attributes : AR
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 1640
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 3.0.0.3889
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 118,784
File Created Date : 08/02/1428 05:58:37 م
File Modified Date : 28/01/1427 08:17:34 ص
Filename : C:\WINDOWS\system32\hkcmd.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:06 م
Visible Windows : 0
Hidden Windows : 14
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 144 K
Mem Usage Peak : 4204 K
Page Faults : 1788
Pagefile Usage : 1736 K
Pagefile Peak Usage : 1780 K
File Attributes : AR
==================================================
==================================================
Process Name : jusched.exe
ProcessID : 1776
Priority : Normal
Product Name : Java(TM) 2 Platform Standard Edition 5.0 Update 1
Version : 1.5.0.10
Description : Java(TM) 2 Platform Standard Edition binary
Company : Sun Microsystems, Inc.
Window Title :
File Size : 36,975
File Created Date : 17/07/1428 12:02:21 م
File Modified Date : 24/10/1425 06:31:50 م
Filename : C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:07 م
Visible Windows : 0
Hidden Windows : 0
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 48 K
Mem Usage Peak : 2312 K
Page Faults : 661
Pagefile Usage : 692 K
Pagefile Peak Usage : 732 K
File Attributes : A
==================================================
==================================================
Process Name : qttask.exe
ProcessID : 1824
Priority : Normal
Product Name : QuickTime
Version : 7.0.2
Description : QuickTime Task
Company : Apple Computer, Inc.
Window Title :
File Size : 155,648
File Created Date : 17/07/1428 12:14:57 م
File Modified Date : 17/07/1428 12:14:58 م
Filename : C:\Program Files\QuickTime\qttask.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:08 م
Visible Windows : 0
Hidden Windows : 2
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 116 K
Mem Usage Peak : 2644 K
Page Faults : 1253
Pagefile Usage : 860 K
Pagefile Peak Usage : 860 K
File Attributes : A
==================================================
==================================================
Process Name : pctspk.exe
ProcessID : 752
Priority : Normal
Product Name : pctvoice Application
Version : 1, 0, 0, 1
Description : pctvoice MFC Application
Company :
Window Title :
File Size : 176,128
File Created Date : 25/06/1425 04:42:16 ص
File Modified Date : 25/06/1425 04:42:16 ص
Filename : C:\WINDOWS\system32\pctspk.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:12 م
Visible Windows : 0
Hidden Windows : 2
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 456 K
Mem Usage Peak : 3964 K
Page Faults : 1578
Pagefile Usage : 2304 K
Pagefile Peak Usage : 2676 K
File Attributes : A
==================================================
==================================================
Process Name : PV92Tray.exe
ProcessID : 780
Priority : Normal
Product Name : PTV92Tray Application
Version : 1, 0, 0, 1
Description : PTV92Tray Application
Company : PCtel Inc.
Window Title :
File Size : 128,000
File Created Date : 25/06/1425 04:42:16 ص
File Modified Date : 25/06/1425 04:42:16 ص
Filename : C:\WINDOWS\system32\PV92Tray.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:12 م
Visible Windows : 0
Hidden Windows : 3
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 224 K
Mem Usage Peak : 2872 K
Page Faults : 1778
Pagefile Usage : 840 K
Pagefile Peak Usage : 840 K
File Attributes : A
==================================================
==================================================
Process Name : SOUNDMAN.EXE
ProcessID : 788
Priority : Normal
Product Name : Realtek Sound Manager
Version : 5, 1, 0, 59
Description : Realtek Sound Manager
Company : Realtek Semiconductor Corp.
Window Title :
File Size : 577,536
File Created Date : 26/11/1428 09:30:08 م
File Modified Date : 29/03/1428 08:28:22 م
Filename : C:\WINDOWS\SOUNDMAN.EXE
Base Address : 0x00400000
Created On : 29/11/1429 08:36:12 م
Visible Windows : 0
Hidden Windows : 2
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 132 K
Mem Usage Peak : 3140 K
Page Faults : 2192
Pagefile Usage : 2508 K
Pagefile Peak Usage : 2508 K
File Attributes : AR
==================================================
==================================================
Process Name : realsched.exe
ProcessID : 812
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.1.45
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,896
File Created Date : 08/02/1428 08:36:45 م
File Modified Date : 09/10/1429 02:56:28 ص
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:13 م
Visible Windows : 0
Hidden Windows : 2
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 80 K
Mem Usage Peak : 3064 K
Page Faults : 15737
Pagefile Usage : 4268 K
Pagefile Peak Usage : 4292 K
File Attributes : A
==================================================
==================================================
Process Name : rundll32.exe
ProcessID : 520
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Run a DLL as an App
Company : Microsoft Corporation
Window Title :
File Size : 33,280
File Created Date : 17/06/1425 06:56:56 م
File Modified Date : 17/06/1425 06:56:56 م
Filename : C:\WINDOWS\system32\rundll32.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:36:14 م
Visible Windows : 0
Hidden Windows : 3
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 164 K
Mem Usage Peak : 3956 K
Page Faults : 1529
Pagefile Usage : 5920 K
Pagefile Peak Usage : 5920 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 968
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 8.0.0.454
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 206,088
File Created Date : 26/07/1429 05:20:28 م
File Modified Date : 26/07/1429 05:20:28 م
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:14 م
Visible Windows : 0
Hidden Windows : 8
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 6436 K
Mem Usage Peak : 7960 K
Page Faults : 13615
Pagefile Usage : 17564 K
Pagefile Peak Usage : 17732 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 616
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 17/06/1425 06:56:50 م
File Modified Date : 17/06/1425 06:56:50 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:14 م
Visible Windows : 0
Hidden Windows : 5
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 372 K
Mem Usage Peak : 3660 K
Page Faults : 2688
Pagefile Usage : 1528 K
Pagefile Peak Usage : 1532 K
File Attributes : A
==================================================
==================================================
Process Name : msmsgs.exe
ProcessID : 596
Priority : Normal
Product Name : Messenger
Version : 4.7.3000
Description : Windows Messenger
Company : Microsoft Corporation
Window Title :
File Size : 1,667,584
File Created Date : 08/02/1428 05:25:52 م
File Modified Date : 17/06/1425 10:06:34 م
Filename : C:\Program Files\Messenger\msmsgs.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:36:15 م
Visible Windows : 0
Hidden Windows : 7
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 308 K
Mem Usage Peak : 5432 K
Page Faults : 4276
Pagefile Usage : 6420 K
Pagefile Peak Usage : 7552 K
File Attributes :
==================================================
==================================================
Process Name : PCSync2.exe
ProcessID : 1220
Priority : Normal
Product Name : PC Sync
Version : 2.00 (658)
Description : PC Sync
Company : Time Information Services Ltd.
Window Title :
File Size : 1,249,280
File Created Date : 13/06/1429 01:00:34 م
File Modified Date : 13/06/1429 01:00:34 م
Filename : C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:17 م
Visible Windows : 0
Hidden Windows : 10
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 772 K
Mem Usage Peak : 13296 K
Page Faults : 14795
Pagefile Usage : 13684 K
Pagefile Peak Usage : 14504 K
File Attributes : A
==================================================
==================================================
Process Name : PCSuite.exe
ProcessID : 1428
Priority : Normal
Product Name : PC Suite
Version : 7, 0, 41, 14
Description : Nokia Launch Application
Company : Nokia
Window Title :
File Size : 1,124,352
File Created Date : 02/10/1429 04:00:38 ص
File Modified Date : 02/10/1429 04:00:38 ص
Filename : C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:36:18 م
Visible Windows : 0
Hidden Windows : 6
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 992 K
Mem Usage Peak : 27452 K
Page Faults : 15489
Pagefile Usage : 27248 K
Pagefile Peak Usage : 27420 K
File Attributes : A
==================================================
==================================================
Process Name : MPAPI3s.exe
ProcessID : 4012
Priority : Normal
Product Name : Nokia Connectivity Library
Version : 7.0.162.0
Description : Mobile Phone API
Company : Nokia Corporation
Window Title :
File Size : 474,624
File Created Date : 17/05/1429 12:05:06 م
File Modified Date : 17/05/1429 12:05:06 م
Filename : C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:37:31 م
Visible Windows : 0
Hidden Windows : 2
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 144 K
Mem Usage Peak : 5644 K
Page Faults : 2101
Pagefile Usage : 5908 K
Pagefile Peak Usage : 6908 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 4044
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 17/06/1425 06:56:48 م
File Modified Date : 17/06/1425 06:56:48 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:37:32 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 64 K
Mem Usage Peak : 3504 K
Page Faults : 1054
Pagefile Usage : 4140 K
Pagefile Peak Usage : 4152 K
File Attributes : A
==================================================
==================================================
Process Name : ServiceLayer.exe
ProcessID : 832
Priority : Normal
Product Name : PC Connectivity Solution
Version : 7, 0, 13, 0
Description : ServiceLayer Module
Company : Nokia.
Window Title :
File Size : 575,488
File Created Date : 05/08/1429 08:17:30 ص
File Modified Date : 05/08/1429 08:17:30 ص
Filename : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:37:34 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 680 K
Mem Usage Peak : 5232 K
Page Faults : 2503
Pagefile Usage : 5268 K
Pagefile Peak Usage : 5284 K
File Attributes : A
==================================================
==================================================
Process Name : NclUSBSrv.exe
ProcessID : 1492
Priority : High
Product Name : PC Connectivity Solution
Version : 7, 0, 5, 0
Description : NclUSBSrv Application
Company :
Window Title :
File Size : 130,560
File Created Date : 03/08/1429 11:11:04 ص
File Modified Date : 03/08/1429 11:11:04 ص
Filename : C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:37:40 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 408 K
Mem Usage Peak : 2868 K
Page Faults : 9483
Pagefile Usage : 2304 K
Pagefile Peak Usage : 2304 K
File Attributes : A
==================================================
==================================================
Process Name : NclRSSrv.exe
ProcessID : 1960
Priority : High
Product Name : PC Connectivity Solution
Version : 7, 0, 1, 0
Description : NclRSSrv Application
Company :
Window Title :
File Size : 120,320
File Created Date : 03/08/1429 11:10:58 ص
File Modified Date : 03/08/1429 11:10:58 ص
Filename : C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
Base Address : 0x00400000
Created On : 29/11/1429 08:37:41 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 408 K
Mem Usage Peak : 2356 K
Page Faults : 1024
Pagefile Usage : 836 K
Pagefile Peak Usage : 836 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 3124
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 06:56:58 م
File Modified Date : 17/06/1425 06:56:58 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 29/11/1429 08:37:54 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 140 K
Mem Usage Peak : 3848 K
Page Faults : 1945
Pagefile Usage : 4704 K
Pagefile Peak Usage : 4728 K
File Attributes : A
==================================================
==================================================
Process Name : RealPlay.exe
ProcessID : 3156
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 11.0.0.431
Description : RealPlayer
Company : RealNetworks, Inc.
Window Title : RealPlayer: GetAttachment.aspx?file=d7a662f3-331d-4add-a9ad-d2d2892c5226.mp3&ct=YXVkaW8vbXAz&name=2LLZgdipINin2YTZgtin2LMuLi5tcDM_3d&inline=0&rfc=0&empty=False&imgsrc=&hm__login=noof8540&hm__domain=hotmail.com&ip=10.4.1
File Size : 214,560
File Created Date : 08/02/1428 08:36:46 م
File Modified Date : 09/10/1429 02:56:46 ص
Filename : C:\Program Files\Real\RealPlayer\RealPlay.exe
Base Address : 0x00400000
Created On : 29/11/1429 11:46:37 م
Visible Windows : 1
Hidden Windows : 14
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 376 K
Mem Usage Peak : 32312 K
Page Faults : 205998
Pagefile Usage : 27772 K
Pagefile Peak Usage : 42388 K
File Attributes : A
==================================================
==================================================
Process Name : msnmsgr.exe
ProcessID : 2492
Priority : Normal
Product Name : Windows Live Messenger
Version : 14.0.5027.0908
Description : Windows Live Messenger
Company : Microsoft Corporation
Window Title :
File Size : 3,513,344
File Created Date : 08/09/1429 09:04:06 م
File Modified Date : 08/09/1429 09:04:06 م
Filename : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Base Address : 0x00400000
Created On : 30/11/1429 03:01:58 ص
Visible Windows : 1
Hidden Windows : 39
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 5796 K
Mem Usage Peak : 69380 K
Page Faults : 82705
Pagefile Usage : 48632 K
Pagefile Peak Usage : 78684 K
File Attributes : A
==================================================
==================================================
Process Name : wlcomm.exe
ProcessID : 2940
Priority : Normal
Product Name : Messenger
Version : 14.0.5027.0908
Description : Windows Live Communications Platform
Company : Microsoft Corporation
Window Title :
File Size : 30,752
File Created Date : 08/09/1429 08:47:00 م
File Modified Date : 08/09/1429 08:47:00 م
Filename : C:\Program Files\Windows Live\Contacts\wlcomm.exe
Base Address : 0x00400000
Created On : 30/11/1429 03:02:08 ص
Visible Windows : 0
Hidden Windows : 0
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 856 K
Mem Usage Peak : 23928 K
Page Faults : 22907
Pagefile Usage : 21956 K
Pagefile Peak Usage : 27148 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 3060
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.5730.13 (longhorn(wmbla).070711-1130)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : Travian ae22 - Windows Internet Explorer
File Size : 622,080
File Created Date : 08/02/1428 05:26:36 م
File Modified Date : 30/07/1428 03:43:56 م
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 30/11/1429 05:35:25 ص
Visible Windows : 1
Hidden Windows : 41
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 35644 K
Mem Usage Peak : 68100 K
Page Faults : 168863
Pagefile Usage : 72272 K
Pagefile Peak Usage : 78644 K
File Attributes : A
==================================================
==================================================
Process Name : WLLoginProxy.exe
ProcessID : 2908
Priority : Normal
Product Name : Microsoft® Windows Live Login Helper
Version : 5.000.744.4
Description : WLLoginProxy.exe
Company : Microsoft Corporation
Window Title :
File Size : 120,384
File Created Date : 15/02/1429 12:30:38 م
File Modified Date : 15/02/1429 12:30:38 م
Filename : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
Base Address : 0x01000000
Created On : 30/11/1429 05:35:35 ص
Visible Windows : 0
Hidden Windows : 0
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 100 K
Mem Usage Peak : 10028 K
Page Faults : 3249
Pagefile Usage : 9672 K
Pagefile Peak Usage : 10804 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 2652
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.5730.13 (longhorn(wmbla).070711-1130)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : Google - Windows Internet Explorer
File Size : 622,080
File Created Date : 08/02/1428 05:26:36 م
File Modified Date : 30/07/1428 03:43:56 م
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 30/11/1429 07:17:33 ص
Visible Windows : 1
Hidden Windows : 26
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 4264 K
Mem Usage Peak : 43136 K
Page Faults : 23817
Pagefile Usage : 39184 K
Pagefile Peak Usage : 41404 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 2820
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 30/11/1429 05:28:26 ص
File Modified Date : 23/01/1429 10:24:26 م
Filename : C:\DOCUME~1\KHALAYA\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 30/11/1429 08:28:26 ص
Visible Windows : 0
Hidden Windows : 0
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 1424 K
Mem Usage Peak : 2272 K
Page Faults : 661
Pagefile Usage : 928 K
Pagefile Peak Usage : 932 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2512
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 17/06/1425 06:56:50 م
File Modified Date : 17/06/1425 06:56:50 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 30/11/1429 08:28:27 ص
Visible Windows : 0
Hidden Windows : 1
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 2660 K
Mem Usage Peak : 3444 K
Page Faults : 942
Pagefile Usage : 2624 K
Pagefile Peak Usage : 2700 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 2668
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 08/02/1428 05:25:10 م
File Modified Date : 17/06/1425 09:56:58 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 30/11/1429 08:28:34 ص
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 6008 K
Mem Usage Peak : 6008 K
Page Faults : 1536
Pagefile Usage : 6660 K
Pagefile Peak Usage : 6660 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3488
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 30/11/1429 05:28:25 ص
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\KHALAYA\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 30/11/1429 08:28:49 ص
Visible Windows : 0
Hidden Windows : 0
User Name : KHALAYA-5334AA2\KHALAYA
Mem Usage : 2396 K
Mem Usage Peak : 2456 K
Page Faults : 1064
Pagefile Usage : 1028 K
Pagefile Peak Usage : 1696 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.2180
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SMSERIAL
sm56hlpr.exe
Motorola SM56 Win32 Utility
Motorola Inc.
6.09.0007.0000
c:\windows\sm56hlpr.exe
igfxtray
C:\WINDOWS\system32\igfxtray.exe
igfxTray Module
Intel Corporation
3.00.0000.3889
c:\windows\system32\igfxtray.exe
igfxhkcmd
C:\WINDOWS\system32\hkcmd.exe
hkcmd Module
Intel Corporation
3.00.0000.3889
c:\windows\system32\hkcmd.exe
igfxpers
C:\WINDOWS\system32\igfxpers.exe
persistence Module
Intel Corporation
3.00.0000.4436
c:\windows\system32\igfxpers.exe
Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
Adobe Acrobat SpeedLauncher
Adobe Systems Incorporated
8.00.0000.0000
c:\program files\adobe\reader 8.0\reader\reader_sl.exe
SunJavaUpdateSched
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
Java(TM) 2 Platform Standard Edition binary
Sun Microsystems, Inc.
1.05.0000.0010
c:\program files\java\jre1.5.0_01\bin\jusched.exe
NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
NeroCheck
Nero AG
1.00.0000.0005
c:\program files\common files\ahead\lib\nerocheck.exe
QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime
QuickTime Task
Apple Computer, Inc.
7.00.0002.0120
c:\program files\quicktime\qttask.exe
EnvyHFCPL
C:\Program Files\Audio Deck\EnMixCPL.exe
VIA Envy24 Family Audio Control Panel
VIA Technologies, Inc
5.12.0001.3620
c:\program files\audio deck\enmixcpl.exe
RTHDCPL
RTHDCPL.EXE
Realtek HD Audio Control Panel
Realtek Semiconductor Corp.
2.01.0004.0002
c:\windows\rthdcpl.exe
SkyTel
SkyTel.EXE
Realtek Voice Manager
Realtek Semiconductor Corp.
2.00.0001.0019
c:\windows\skytel.exe
Alcmtr
ALCMTR.EXE
Realtek Azalia Audio - Event Monitor
Realtek Semiconductor Corp.
1.06.0000.0002
c:\windows\alcmtr.exe
PCTVOICE
pctspk.exe
pctvoice MFC Application
1.00.0000.0001
c:\windows\system32\pctspk.exe
PV92TRAY
PV92Tray.exe
PTV92Tray Application
PCtel Inc.
1.00.0000.0001
c:\windows\system32\pv92tray.exe
SoundMan
SOUNDMAN.EXE
Realtek Sound Manager
Realtek Semiconductor Corp.
5.01.0000.0059
c:\windows\soundman.exe
HotKeysCmds
C:\WINDOWS\system32\hkcmd.exe
hkcmd Module
Intel Corporation
3.00.0000.3889
c:\windows\system32\hkcmd.exe
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.01.0001.0045
c:\program files\common files\real\update_ob\realsched.exe
SeePassword
C:\Program Files\SeePassword\SeePassword.exe
File not found: C:\Program Files\SeePassword\SeePassword.exe
BluetoothAuthenticationAgent
rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
Bluetooth Control Panel Applet
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\bthprops.cpl
AVP
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
Kaspersky Anti-Virus
Kaspersky Lab
8.00.0000.0454
c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\ctfmon.exe
MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background
Windows Messenger
Microsoft Corporation
4.07.0000.3000
c:\program files\messenger\msmsgs.exe
Uniblue RegistryBooster 2009
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
File not found: C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
Nokia.PCSync
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
PC Sync
Time Information Services Ltd.
2.00.0000.0658
c:\program files\nokia\nokia pc suite 7\pcsync2.exe
PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
Nokia Launch Application
Nokia
7.00.0041.0014
c:\program files\nokia\nokia pc suite 7\pcsuite.exe
.
.
----------- End Report ---------------