هل هذه الارقام طبيعيه

Y

yahyaalsaeed

زيزوومى مميز
إنضم
3 سبتمبر 2007
المشاركات
541
مستوى التفاعل
3
النقاط
520
الإقامة
السعوديه
غير متصل
السلام عليكم ورحمة الله

احبتي اريد تعليقكم على هذه الصوره هل هذه الارقام طبيعيه

zyzoom-d34d549601.JPG


مع ملاحظه بط في الجهاز على غير العاده

مشكورين مقدما
 

توقيع : yahyaalsaeed
ترتيب حسب التاريخ ترتيب حسب الأصوات
الله يحييك اخوي
حمل هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
تأييد 0
بارك الله فيك اخي MAAX اتفظل هذا التقرير

Logfile of HijackThis v1.99.1
Scan saved at 08:34:47 ص, on 27/12/08
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\windows sidebar\sidebar.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Opera\opera.exe
C:\Users\Abt computer\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Arrakis3 - Adaptec, Inc. - (no file)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
 
توقيع : yahyaalsaeed
تأييد 0
حمل الاداة التالية


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



شغلها بدبل كلك ،، ثواني يظهر المفكرة وفيها تقرير ،، اعمل تحديد الكل وانسخه والصقه بمشاركتك القادمة
 
تأييد 0
بارك الله فيك اخي الغالي على متابعتك واعتذر عن تاخري بالرد لاتقطاع النت

.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:09:00 م, on 27/12/08
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Your Uninstaller 2008\uruninstaller.exe
C:\Program Files\Your Uninstaller 2008\uruninstaller.exe
C:\Users\ABTCOM~1\AppData\Local\Temp\bntoz\runn.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Users\ABTCOM~1\AppData\Local\Temp\bntoz\HijackThis.exe
C:\Windows\system32\taskmgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - (no file)
O23 - Service: Arrakis3 - Adaptec, Inc. - (no file)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 3991 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 428
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : Windows Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 64,000
File Created Date : 15/08/29 11:02:01 م
File Modified Date : 10/01/29 07:33:31 ص
Filename : C:\Windows\System32\smss.exe
Base Address : 0x47B50000
Created On : 29/12/29 11:00:03 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 564 K
Mem Usage Peak : 676 K
Page Faults : 251
Pagefile Usage : 252 K
Pagefile Peak Usage : 288 K
File Attributes : A
==================================================

==================================================
Process Name : csrss.exe
ProcessID : 496
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 15/08/29 11:00:05 م
File Modified Date : 10/01/29 07:33:05 ص
Filename : C:\Windows\system32\csrss.exe
Base Address : 0x4A240000
Created On : 29/12/29 11:00:06 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4296 K
Mem Usage Peak : 5156 K
Page Faults : 3698
Pagefile Usage : 1436 K
Pagefile Peak Usage : 1436 K
File Attributes : A
==================================================

==================================================
Process Name : csrss.exe
ProcessID : 540
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 15/08/29 11:00:05 م
File Modified Date : 10/01/29 07:33:05 ص
Filename : C:\Windows\system32\csrss.exe
Base Address : 0x4A240000
Created On : 29/12/29 11:00:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 8776 K
Mem Usage Peak : 10056 K
Page Faults : 11375
Pagefile Usage : 8604 K
Pagefile Peak Usage : 8608 K
File Attributes : A
==================================================

==================================================
Process Name : wininit.exe
ProcessID : 548
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : تطبيق بدء تشغيل Windows
Company : Microsoft Corporation
Window Title :
File Size : 96,768
File Created Date : 15/08/29 11:02:23 م
File Modified Date : 10/01/29 07:33:37 ص
Filename : C:\Windows\system32\wininit.exe
Base Address : 0x00CB0000
Created On : 29/12/29 11:00:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3232 K
Mem Usage Peak : 4012 K
Page Faults : 1568
Pagefile Usage : 1108 K
Pagefile Peak Usage : 1216 K
File Attributes : A
==================================================

==================================================
Process Name : winlogon.exe
ProcessID : 576
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : تطبيق تسجيل دخول Windows
Company : Microsoft Corporation
Window Title :
File Size : 314,880
File Created Date : 15/08/29 11:02:47 م
File Modified Date : 10/01/29 07:33:37 ص
Filename : C:\Windows\system32\winlogon.exe
Base Address : 0x007A0000
Created On : 29/12/29 11:00:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4124 K
Mem Usage Peak : 6500 K
Page Faults : 2599
Pagefile Usage : 1812 K
Pagefile Peak Usage : 2844 K
File Attributes : A
==================================================

==================================================
Process Name : services.exe
ProcessID : 628
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : تطبيق الخدمات ووحدات التحكم
Company : Microsoft Corporation
Window Title :
File Size : 279,040
File Created Date : 15/08/29 11:02:38 م
File Modified Date : 10/01/29 07:33:28 ص
Filename : C:\Windows\system32\services.exe
Base Address : 0x00150000
Created On : 29/12/29 11:00:09 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5744 K
Mem Usage Peak : 6420 K
Page Faults : 5582
Pagefile Usage : 2140 K
Pagefile Peak Usage : 3244 K
File Attributes : A
==================================================

==================================================
Process Name : lsass.exe
ProcessID : 644
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Local Security Authority Process
Company : Microsoft Corporation
Window Title :
File Size : 9,728
File Created Date : 15/08/29 11:01:31 م
File Modified Date : 10/01/29 07:33:14 ص
Filename : C:\Windows\system32\lsass.exe
Base Address : 0x00260000
Created On : 29/12/29 11:00:09 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1804 K
Mem Usage Peak : 8272 K
Page Faults : 2997
Pagefile Usage : 2980 K
Pagefile Peak Usage : 3296 K
File Attributes : A
==================================================

==================================================
Process Name : lsm.exe
ProcessID : 652
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : خدمة إدارة جلسات العمل المحلية
Company : Microsoft Corporation
Window Title :
File Size : 229,888
File Created Date : 15/08/29 11:03:22 م
File Modified Date : 10/01/29 07:33:14 ص
Filename : C:\Windows\system32\lsm.exe
Base Address : 0x00280000
Created On : 29/12/29 11:00:09 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3244 K
Mem Usage Peak : 3652 K
Page Faults : 1076
Pagefile Usage : 1616 K
Pagefile Peak Usage : 1660 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 808
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:10 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5404 K
Mem Usage Peak : 5880 K
Page Faults : 118461
Pagefile Usage : 2656 K
Pagefile Peak Usage : 2720 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 868
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:11 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\NETWORK SERVICE
Mem Usage : 5020 K
Mem Usage Peak : 5568 K
Page Faults : 1799
Pagefile Usage : 2800 K
Pagefile Peak Usage : 2836 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 904
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\System32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:11 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 19056 K
Mem Usage Peak : 65196 K
Page Faults : 35523
Pagefile Usage : 51000 K
Pagefile Peak Usage : 68748 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 972
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\System32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:11 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\LOCAL SERVICE
Mem Usage : 10468 K
Mem Usage Peak : 10912 K
Page Faults : 4320
Pagefile Usage : 15460 K
Pagefile Peak Usage : 16364 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1028
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\System32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:12 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 39884 K
Mem Usage Peak : 54976 K
Page Faults : 26228
Pagefile Usage : 38480 K
Pagefile Peak Usage : 51520 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1044
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:12 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 75912 K
Mem Usage Peak : 146792 K
Page Faults : 334315
Pagefile Usage : 76436 K
Pagefile Peak Usage : 113148 K
File Attributes : A
==================================================

==================================================
Process Name : AUDIODG.EXE
ProcessID : 1160
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Windows Audio Device Graph Isolation
Company : Microsoft Corporation
Window Title :
File Size : 88,064
File Created Date : 15/08/29 11:01:55 م
File Modified Date : 10/01/29 07:33:01 ص
Filename : C:\Windows\system32\AUDIODG.EXE
Base Address : 0x00F60000
Created On : 29/12/29 11:00:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\LOCAL SERVICE
Mem Usage : 9320 K
Mem Usage Peak : 15168 K
Page Faults : 5543
Pagefile Usage : 11020 K
Pagefile Peak Usage : 12656 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1184
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:14 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3844 K
Mem Usage Peak : 4492 K
Page Faults : 1221
Pagefile Usage : 1688 K
Pagefile Peak Usage : 1720 K
File Attributes : A
==================================================

==================================================
Process Name : SLsvc.exe
ProcessID : 1200
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : خدمة ترخيص البرامج لـ Microsoft
Company : Microsoft Corporation
Window Title :
File Size : 2,623,488
File Created Date : 15/08/29 11:04:15 م
File Modified Date : 10/01/29 07:33:22 ص
Filename : C:\Windows\system32\SLsvc.exe
Base Address : 0x00A90000
Created On : 29/12/29 11:00:14 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\NETWORK SERVICE
Mem Usage : 4036 K
Mem Usage Peak : 11856 K
Page Faults : 7724
Pagefile Usage : 5380 K
Pagefile Peak Usage : 9184 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1236
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:14 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\LOCAL SERVICE
Mem Usage : 8960 K
Mem Usage Peak : 11972 K
Page Faults : 3544
Pagefile Usage : 6840 K
Pagefile Peak Usage : 7020 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1408
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\NETWORK SERVICE
Mem Usage : 17160 K
Mem Usage Peak : 29204 K
Page Faults : 40214
Pagefile Usage : 18268 K
Pagefile Peak Usage : 31240 K
File Attributes : A
==================================================

==================================================
Process Name : spoolsv.exe
ProcessID : 1592
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : تطبيق النظام الفرعي للمخزن المؤقت
Company : Microsoft Corporation
Window Title :
File Size : 125,952
File Created Date : 15/08/29 11:01:55 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\System32\spoolsv.exe
Base Address : 0x00DF0000
Created On : 29/12/29 11:00:16 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7380 K
Mem Usage Peak : 9772 K
Page Faults : 3661
Pagefile Usage : 5156 K
Pagefile Peak Usage : 5376 K
File Attributes : A
==================================================

==================================================
Process Name : taskeng.exe
ProcessID : 1604
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : مشغل خدمة جدولة المهام
Company : Microsoft Corporation
Window Title :
File Size : 169,472
File Created Date : 15/08/29 11:02:37 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\taskeng.exe
Base Address : 0x00DE0000
Created On : 29/12/29 11:00:17 م
Visible Windows : 0
Hidden Windows : 8
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 7976 K
Mem Usage Peak : 8964 K
Page Faults : 3579
Pagefile Usage : 8392 K
Pagefile Peak Usage : 8416 K
File Attributes : A
==================================================

==================================================
Process Name : Dwm.exe
ProcessID : 1636
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Desktop Window Manager
Company : Microsoft Corporation
Window Title :
File Size : 81,920
File Created Date : 15/08/29 11:02:23 م
File Modified Date : 10/01/29 07:33:08 ص
Filename : C:\Windows\system32\Dwm.exe
Base Address : 0x00EF0000
Created On : 29/12/29 11:00:17 م
Visible Windows : 0
Hidden Windows : 1
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 22264 K
Mem Usage Peak : 41108 K
Page Faults : 34858
Pagefile Usage : 44412 K
Pagefile Peak Usage : 44420 K
File Attributes : A
==================================================

==================================================
Process Name : Explorer.EXE
ProcessID : 1668
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : مستكشف Windows
Company : Microsoft Corporation
Window Title : ابدأ
File Size : 2,927,104
File Created Date : 11/12/29 09:12:50 م
File Modified Date : 29/10/29 06:29:41 ص
Filename : C:\Windows\Explorer.EXE
Base Address : 0x00240000
Created On : 29/12/29 11:00:17 م
Visible Windows : 3
Hidden Windows : 56
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 28988 K
Mem Usage Peak : 38852 K
Page Faults : 37370
Pagefile Usage : 29876 K
Pagefile Peak Usage : 38424 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1692
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:17 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\LOCAL SERVICE
Mem Usage : 7784 K
Mem Usage Peak : 33668 K
Page Faults : 15326
Pagefile Usage : 10316 K
Pagefile Peak Usage : 35252 K
File Attributes : A
==================================================

==================================================
Process Name : egui.exe
ProcessID : 332
Priority : Normal
Product Name : ESET Smart Security
Version : 4.0.68 BETA
Description : ESET GUI
Company : ESET
Window Title :
File Size : 1,980,200
File Created Date : 12/11/29 11:34:18 ص
File Modified Date : 12/11/29 11:34:18 ص
Filename : C:\Program Files\ESET\ESET Smart Security\egui.exe
Base Address : 0x00400000
Created On : 29/12/29 11:00:26 م
Visible Windows : 0
Hidden Windows : 1
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 7132 K
Mem Usage Peak : 11516 K
Page Faults : 3426
Pagefile Usage : 3356 K
Pagefile Peak Usage : 3512 K
File Attributes : A
==================================================

==================================================
Process Name : SUPERAntiSpyware.exe
ProcessID : 444
Priority : Normal
Product Name : SUPERAntiSpyware
Version : 4, 23, 0, 1006
Description : SUPERAntiSpyware Application
Company : SUPERAntiSpyware.com
Window Title :
File Size : 1,809,648
File Created Date : 06/12/29 10:50:00 ص
File Modified Date : 25/12/29 05:19:09 ص
Filename : C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Base Address : 0x00400000
Created On : 29/12/29 11:00:27 م
Visible Windows : 0
Hidden Windows : 6
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 412 K
Mem Usage Peak : 74560 K
Page Faults : 313586
Pagefile Usage : 85112 K
Pagefile Peak Usage : 122880 K
File Attributes : A
==================================================

==================================================
Process Name : ekrn.exe
ProcessID : 412
Priority : Normal
Product Name : ESET Smart Security
Version : 4.0.68 BETA
Description : ESET Service
Company : ESET
Window Title :
File Size : 711,240
File Created Date : 12/11/29 11:34:26 ص
File Modified Date : 12/11/29 11:34:26 ص
Filename : C:\Program Files\ESET\ESET Smart Security\ekrn.exe
Base Address : 0x00400000
Created On : 29/12/29 11:00:29 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 46064 K
Mem Usage Peak : 93428 K
Page Faults : 517224
Pagefile Usage : 42756 K
Pagefile Peak Usage : 92660 K
File Attributes : A
==================================================

==================================================
Process Name : openvpnas.exe
ProcessID : 1660
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 50,176
File Created Date : 22/05/28 09:01:38 ص
File Modified Date : 22/05/28 09:01:38 ص
Filename : C:\Program Files\Hotspot Shield\bin\openvpnas.exe
Base Address : 0x00400000
Created On : 29/12/29 11:00:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2424 K
Mem Usage Peak : 2828 K
Page Faults : 869
Pagefile Usage : 700 K
Pagefile Peak Usage : 704 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1496
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\NETWORK SERVICE
Mem Usage : 3756 K
Mem Usage Peak : 4632 K
Page Faults : 1320
Pagefile Usage : 1604 K
Pagefile Peak Usage : 1632 K
File Attributes : A
==================================================

==================================================
Process Name : ScsiAccess.exe
ProcessID : 1900
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 181,312
File Created Date : 13/08/29 09:04:55 م
File Modified Date : 13/08/29 09:04:55 م
Filename : C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
Base Address : 0x00400000
Created On : 29/12/29 11:00:31 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1292 K
Mem Usage Peak : 1592 K
Page Faults : 397
Pagefile Usage : 392 K
Pagefile Peak Usage : 392 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 272
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:32 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\LOCAL SERVICE
Mem Usage : 4832 K
Mem Usage Peak : 6020 K
Page Faults : 1670
Pagefile Usage : 3164 K
Pagefile Peak Usage : 3220 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1084
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\System32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:00:32 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1852 K
Mem Usage Peak : 2076 K
Page Faults : 549
Pagefile Usage : 480 K
Pagefile Peak Usage : 508 K
File Attributes : A
==================================================

==================================================
Process Name : SearchIndexer.exe
ProcessID : 1076
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 7.0.6001.16503 (longhorn(wmbla).080526-2159)
Description : مفهرس Microsoft Windows Search
Company : Microsoft Corporation
Window Title :
File Size : 439,808
File Created Date : 16/08/29 03:59:26 ص
File Modified Date : 22/05/29 05:18:43 ص
Filename : C:\Windows\system32\SearchIndexer.exe
Base Address : 0x00420000
Created On : 29/12/29 11:00:33 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7396 K
Mem Usage Peak : 11828 K
Page Faults : 6469
Pagefile Usage : 25576 K
Pagefile Peak Usage : 26016 K
File Attributes : A
==================================================

==================================================
Process Name : wmpnscfg.exe
ProcessID : 2560
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 11.0.6000.6324 (vista_rtm.061101-2205)
Description : ‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
Company : Microsoft Corporation
Window Title :
File Size : 202,240
File Created Date : 15/08/29 11:01:53 م
File Modified Date : 10/01/29 07:33:39 ص
Filename : C:\Program Files\Windows Media Player\wmpnscfg.exe
Base Address : 0x00920000
Created On : 29/12/29 11:00:46 م
Visible Windows : 0
Hidden Windows : 4
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 4412 K
Mem Usage Peak : 5040 K
Page Faults : 1389
Pagefile Usage : 1524 K
Pagefile Peak Usage : 1588 K
File Attributes : A
==================================================

==================================================
Process Name : wmpnetwk.exe
ProcessID : 2600
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 11.0.6000.6324 (vista_rtm.061101-2205)
Description : خدمة مشاركة الشبكة لـ Windows Media Player
Company : Microsoft Corporation
Window Title :
File Size : 896,512
File Created Date : 15/08/29 11:02:39 م
File Modified Date : 10/01/29 07:33:39 ص
Filename : C:\Program Files\Windows Media Player\wmpnetwk.exe
Base Address : 0x00350000
Created On : 29/12/29 11:00:46 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\NETWORK SERVICE
Mem Usage : 7060 K
Mem Usage Peak : 10832 K
Page Faults : 3239
Pagefile Usage : 5636 K
Pagefile Peak Usage : 5772 K
File Attributes : A
==================================================

==================================================
Process Name : unsecapp.exe
ProcessID : 2716
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : Sink to receive asynchronous callbacks for WMI client application
Company : Microsoft Corporation
Window Title :
File Size : 37,888
File Created Date : 15/08/29 11:00:58 م
File Modified Date : 10/01/29 07:33:33 ص
Filename : C:\Windows\system32\wbem\unsecapp.exe
Base Address : 0x009D0000
Created On : 29/12/29 11:00:49 م
Visible Windows : 0
Hidden Windows : 0
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 4076 K
Mem Usage Peak : 4340 K
Page Faults : 1362
Pagefile Usage : 2108 K
Pagefile Peak Usage : 2148 K
File Attributes : A
==================================================

==================================================
Process Name : wmiprvse.exe
ProcessID : 2772
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : WMI Provider Host
Company : Microsoft Corporation
Window Title :
File Size : 245,248
File Created Date : 15/08/29 11:02:41 م
File Modified Date : 10/01/29 07:33:39 ص
Filename : C:\Windows\system32\wbem\wmiprvse.exe
Base Address : 0x00070000
Created On : 29/12/29 11:00:49 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5252 K
Mem Usage Peak : 5548 K
Page Faults : 1926
Pagefile Usage : 3040 K
Pagefile Peak Usage : 3648 K
File Attributes : A
==================================================

==================================================
Process Name : opera.exe
ProcessID : 3232
Priority : Normal
Product Name : Opera Internet Browser
Version : 10476
Description : Opera Internet Browser
Company : Opera Software
Window Title : Transfers - Opera
File Size : 98,816
File Created Date : 12/12/29 07:32:46 م
File Modified Date : 12/12/29 07:32:46 م
Filename : C:\Program Files\Opera\opera.exe
Base Address : 0x00400000
Created On : 29/12/29 11:01:18 م
Visible Windows : 1
Hidden Windows : 9
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 72112 K
Mem Usage Peak : 77356 K
Page Faults : 81232
Pagefile Usage : 69260 K
Pagefile Peak Usage : 72112 K
File Attributes : A
==================================================

==================================================
Process Name : taskeng.exe
ProcessID : 3320
Priority : Below Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : مشغل خدمة جدولة المهام
Company : Microsoft Corporation
Window Title :
File Size : 169,472
File Created Date : 15/08/29 11:02:37 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\taskeng.exe
Base Address : 0x00DE0000
Created On : 29/12/29 11:01:27 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5124 K
Mem Usage Peak : 5160 K
Page Faults : 1377
Pagefile Usage : 1632 K
Pagefile Peak Usage : 1700 K
File Attributes : A
==================================================

==================================================
Process Name : DllHost.exe
ProcessID : 3524
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : COM Surrogate
Company : Microsoft Corporation
Window Title :
File Size : 7,168
File Created Date : 11/10/27 08:50:22 ص
File Modified Date : 11/10/27 09:45:02 ص
Filename : C:\Windows\system32\DllHost.exe
Base Address : 0x00390000
Created On : 29/12/29 11:01:45 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4624 K
Mem Usage Peak : 4760 K
Page Faults : 1463
Pagefile Usage : 2328 K
Pagefile Peak Usage : 2424 K
File Attributes : A
==================================================

==================================================
Process Name : ServiceLayer.exe
ProcessID : 3672
Priority : Normal
Product Name : PC Connectivity Solution
Version : 7, 0, 110, 0
Description : ServiceLayer Module
Company : Nokia.
Window Title :
File Size : 620,544
File Created Date : 13/11/29 06:38:06 ص
File Modified Date : 13/11/29 06:38:06 ص
Filename : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Base Address : 0x00400000
Created On : 29/12/29 11:01:58 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5408 K
Mem Usage Peak : 5424 K
Page Faults : 1606
Pagefile Usage : 1600 K
Pagefile Peak Usage : 1636 K
File Attributes : A
==================================================

==================================================
Process Name : NclUSBSrv.exe
ProcessID : 3724
Priority : High
Product Name : PC Connectivity Solution
Version : 7, 0, 11, 0
Description : NclUSBSrv Application
Company :
Window Title :
File Size : 130,560
File Created Date : 19/09/29 05:52:04 ص
File Modified Date : 19/09/29 05:52:04 ص
Filename : C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
Base Address : 0x00400000
Created On : 29/12/29 11:01:59 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3160 K
Mem Usage Peak : 3188 K
Page Faults : 1003
Pagefile Usage : 1896 K
Pagefile Peak Usage : 1896 K
File Attributes : A
==================================================

==================================================
Process Name : NclRSSrv.exe
ProcessID : 3744
Priority : High
Product Name : PC Connectivity Solution
Version : 7, 0, 6, 0
Description : NclRSSrv Application
Company :
Window Title :
File Size : 119,808
File Created Date : 29/05/29 05:02:34 ص
File Modified Date : 29/05/29 05:02:34 ص
Filename : C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
Base Address : 0x00400000
Created On : 29/12/29 11:02:00 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2468 K
Mem Usage Peak : 2468 K
Page Faults : 620
Pagefile Usage : 760 K
Pagefile Peak Usage : 764 K
File Attributes : A
==================================================

==================================================
Process Name : uruninstaller.exe
ProcessID : 2388
Priority : Normal
Product Name : Your Uninstaller! Vista
Version : 6.2.1342
Description : Your Uninstaller! - New way to uninstall programs completely and easily.
Company : URSoft,Inc
Window Title :
File Size : 3,339,488
File Created Date : 13/08/29 09:00:50 م
File Modified Date : 16/12/29 11:20:08 ص
Filename : C:\Program Files\Your Uninstaller 2008\uruninstaller.exe
Base Address : 0x00400000
Created On : 29/12/29 11:03:14 م
Visible Windows : 0
Hidden Windows : 2
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 1700 K
Mem Usage Peak : 4480 K
Page Faults : 1647
Pagefile Usage : 3680 K
Pagefile Peak Usage : 5556 K
File Attributes : A
==================================================

==================================================
Process Name : uruninstaller.exe
ProcessID : 2824
Priority : Normal
Product Name : Your Uninstaller! Vista
Version : 6.2.1342
Description : Your Uninstaller! - New way to uninstall programs completely and easily.
Company : URSoft,Inc
Window Title : Your Uninstaller! 2008 PRO
File Size : 3,339,488
File Created Date : 13/08/29 09:00:50 م
File Modified Date : 16/12/29 11:20:08 ص
Filename : C:\Program Files\Your Uninstaller 2008\uruninstaller.exe
Base Address : 0x00400000
Created On : 29/12/29 11:03:16 م
Visible Windows : 2
Hidden Windows : 18
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 32124 K
Mem Usage Peak : 34928 K
Page Faults : 39582
Pagefile Usage : 27684 K
Pagefile Peak Usage : 29924 K
File Attributes : A
==================================================

==================================================
Process Name : TrustedInstaller.exe
ProcessID : 2576
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : مثبت الوحدات النمطية لـ Windows
Company : Microsoft Corporation
Window Title :
File Size : 39,424
File Created Date : 15/08/29 11:02:28 م
File Modified Date : 10/01/29 07:33:33 ص
Filename : C:\Windows\servicing\TrustedInstaller.exe
Base Address : 0x005D0000
Created On : 29/12/29 11:03:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 8440 K
Mem Usage Peak : 22820 K
Page Faults : 25125
Pagefile Usage : 6032 K
Pagefile Peak Usage : 14120 K
File Attributes : A
==================================================

==================================================
Process Name : vssvc.exe
ProcessID : 3772
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : Microsoft® Volume Shadow Copy Service
Company : Microsoft Corporation
Window Title :
File Size : 1,054,720
File Created Date : 15/08/29 11:03:58 م
File Modified Date : 10/01/29 07:33:34 ص
Filename : C:\Windows\system32\vssvc.exe
Base Address : 0x00090000
Created On : 29/12/29 11:04:09 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 12444 K
Mem Usage Peak : 16712 K
Page Faults : 10684
Pagefile Usage : 7928 K
Pagefile Peak Usage : 10128 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 288
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : عملية مضيفة لخدمات Windows
Company : Microsoft Corporation
Window Title :
File Size : 21,504
File Created Date : 15/08/29 11:01:18 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\System32\svchost.exe
Base Address : 0x00D40000
Created On : 29/12/29 11:04:21 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6788 K
Mem Usage Peak : 6816 K
Page Faults : 1786
Pagefile Usage : 3500 K
Pagefile Peak Usage : 3556 K
File Attributes : A
==================================================

==================================================
Process Name : msiexec.exe
ProcessID : 2548
Priority : Normal
Product Name : Windows Installer - Unicode
Version : 4.0.6000.16386 (vista_rtm.061101-2205)
Description : Windows® installer
Company : Microsoft Corporation
Window Title :
File Size : 71,680
File Created Date : 15/08/29 11:00:47 م
File Modified Date : 10/01/29 07:33:16 ص
Filename : C:\Windows\system32\msiexec.exe
Base Address : 0x005E0000
Created On : 29/12/29 11:05:42 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 18188 K
Mem Usage Peak : 29248 K
Page Faults : 20740
Pagefile Usage : 10404 K
Pagefile Peak Usage : 23240 K
File Attributes : A
==================================================

==================================================
Process Name : runn.exe
ProcessID : 3316
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 29/12/29 08:08:26 م
File Modified Date : 22/01/29 10:24:25 م
Filename : C:\Users\ABTCOM~1\AppData\Local\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 29/12/29 11:08:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 2844 K
Mem Usage Peak : 2908 K
Page Faults : 739
Pagefile Usage : 860 K
Pagefile Peak Usage : 868 K
File Attributes : A
==================================================

==================================================
Process Name : cmd.exe
ProcessID : 3572
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 318,976
File Created Date : 15/08/29 11:02:35 م
File Modified Date : 10/01/29 07:33:04 ص
Filename : C:\Windows\system32\cmd.exe
Base Address : 0x4A460000
Created On : 29/12/29 11:08:27 م
Visible Windows : 0
Hidden Windows : 1
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 2344 K
Mem Usage Peak : 2584 K
Page Faults : 882
Pagefile Usage : 1796 K
Pagefile Peak Usage : 3080 K
File Attributes : A
==================================================

==================================================
Process Name : conime.exe
ProcessID : 840
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : Console IME
Company : Microsoft Corporation
Window Title :
File Size : 69,120
File Created Date : 15/08/29 11:01:32 م
File Modified Date : 10/01/29 07:33:04 ص
Filename : C:\Windows\system32\conime.exe
Base Address : 0x00750000
Created On : 29/12/29 11:08:27 م
Visible Windows : 0
Hidden Windows : 2
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 2920 K
Mem Usage Peak : 2920 K
Page Faults : 744
Pagefile Usage : 756 K
Pagefile Peak Usage : 756 K
File Attributes : A
==================================================

==================================================
Process Name : wmiprvse.exe
ProcessID : 2712
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : WMI Provider Host
Company : Microsoft Corporation
Window Title :
File Size : 245,248
File Created Date : 15/08/29 11:02:41 م
File Modified Date : 10/01/29 07:33:39 ص
Filename : C:\Windows\system32\wbem\wmiprvse.exe
Base Address : 0x00070000
Created On : 29/12/29 11:08:28 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\NETWORK SERVICE
Mem Usage : 5780 K
Mem Usage Peak : 5792 K
Page Faults : 1523
Pagefile Usage : 2964 K
Pagefile Peak Usage : 3040 K
File Attributes : A
==================================================

==================================================
Process Name : taskmgr.exe
ProcessID : 1216
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : ‎‎إدارة مهام Windows
Company : Microsoft Corporation
Window Title : إدارة مهام Windows
File Size : 163,840
File Created Date : 15/08/29 11:01:12 م
File Modified Date : 10/01/29 07:33:32 ص
Filename : C:\Windows\system32\taskmgr.exe
Base Address : 0x00030000
Created On : 29/12/29 11:08:53 م
Visible Windows : 1
Hidden Windows : 7
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 8224 K
Mem Usage Peak : 8224 K
Page Faults : 2633
Pagefile Usage : 1944 K
Pagefile Peak Usage : 9580 K
File Attributes : A
==================================================

==================================================
Process Name : CProcess.exe
ProcessID : 2764
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 29/12/29 08:08:25 م
File Modified Date : 08/06/26 04:46:34 ص
Filename : C:\Users\ABTCOM~1\AppData\Local\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 29/12/29 11:09:00 م
Visible Windows : 0
Hidden Windows : 0
User Name : Abtcomputer-PC\Abt computer
Mem Usage : 3764 K
Mem Usage Peak : 3772 K
Page Faults : 1438
Pagefile Usage : 1348 K
Pagefile Peak Usage : 3284 K
File Attributes : A
==================================================

.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.

HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\autochk.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
تطبيق تسجيل دخول Userinit
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
مستكشف Windows
Microsoft Corporation
6.00.6001.18164
c:\windows\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
egui
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
ESET GUI
ESET
4.00.0068.0000
c:\program files\eset\eset smart security\egui.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SUPERAntiSpyware
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
SUPERAntiSpyware Application
SUPERAntiSpyware.com
4.23.0000.1006
c:\program files\superantispyware\superantispyware.exe
PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
Nokia Launch Application
Nokia
7.01.0019.0000
c:\program files\nokia\nokia pc suite 7\pcsuite.exe

Task Scheduler
\User_Feed_Synchronization-{E7349B1D-7057-421F-BA56-EA29EB4FA43C}
C:\Windows\system32\msfeedssync.exe sync
Microsoft Feeds Synchronization
Microsoft Corporation
7.00.6001.18000
c:\windows\system32\msfeedssync.exe
\{1680FEE1-41D6-4EA2-8600-F1B3F6E9C992}
C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\
Program Compatibility Assistant
Microsoft Corporation
6.00.6000.16386
c:\windows\system32\pcalua.exe
\{A5AA61F6-FE30-4EF0-8DA0-4CE701292698}
C:\Windows\system32\pcalua.exe -a "C:\Users\Abt computer\Desktop\p4m900cdce_vista_logo_210201f\VIAwIShld\setup.exe" -d "C:\Users\Abt computer\Desktop\p4m900cdce_vista_logo_210201f\VIAwIShld"
Program Compatibility Assistant
Microsoft Corporation
6.00.6000.16386
c:\windows\system32\pcalua.exe
[DISABLED] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
HKCR\CLSID\{CF2CF428-325B-48D3-8CA8-7633E36E5A32}
عميل إدارة حقوق Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\msdrm.dll
\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
HKCR\CLSID\{BF5CB148-7C77-4D8A-A53E-D81C70CF743C}
عميل إدارة حقوق Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\msdrm.dll
\Microsoft\Windows\Bluetooth\UninstallDeviceTask
BthUdTask.exe $(Arg0)
Bluetooth Uninstall Device Task
Microsoft Corporation
6.00.6000.16386
c:\windows\system32\bthudtask.exe
\Microsoft\Windows\CertificateServicesClient\SystemTask
HKCR\CLSID\{58FB76B9-AC85-4E55-AC04-427593B1D060}
مكتبة الارتباط الديناميكي لمهمة DIMS
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\dimsjob.dll
\Microsoft\Windows\CertificateServicesClient\UserTask
HKCR\CLSID\{58FB76B9-AC85-4E55-AC04-427593B1D060}
مكتبة الارتباط الديناميكي لمهمة DIMS
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\dimsjob.dll
\Microsoft\Windows\CertificateServicesClient\UserTask-Roam
HKCR\CLSID\{58FB76B9-AC85-4E55-AC04-427593B1D060}
مكتبة الارتباط الديناميكي لمهمة DIMS
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\dimsjob.dll
\Microsoft\Windows\Customer Experience Improvement Program\Consolidator
%SystemRoot%\System32\wsqmcons.exe
أداة دمج SQM لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wsqmcons.exe
\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
%SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
أداة دمج SQM لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wsqmcons.exe
\Microsoft\Windows\Customer Experience Improvement Program\Uploader
%windir%\system32\WSqmCons.exe -u
أداة دمج SQM لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wsqmcons.exe
\Microsoft\Windows\Defrag\ManualDefrag
%windir%\system32\defrag.exe \\?\Volume{107e2ebf-6a21-11dd-9d73-806e6f6e6963}\
Disk Defragmenter Module
Microsoft Corp.
6.00.6001.18000
c:\windows\system32\defrag.exe
\Microsoft\Windows\Defrag\ScheduledDefrag
%windir%\system32\defrag.exe -c -i
Disk Defragmenter Module
Microsoft Corp.
6.00.6001.18000
c:\windows\system32\defrag.exe
[DISABLED] \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
%windir%\system32\DFDWiz.exe
‎‎محلل المستخدم لتشخيص الأقراص لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\dfdwiz.exe
\Microsoft\Windows\Media Center\ehDRMInit
%SystemRoot%\ehome\ehPrivJob.exe /DRMInit
تطبيق تسجيل جهاز الكبل الرقمي.
Microsoft Corporation
6.00.6001.18000
c:\windows\ehome\ehprivjob.exe
\Microsoft\Windows\Media Center\mcupdate
%SystemRoot%\ehome\mcupdate $(Arg0) -gc
Windows Media Center Store Update Manager
Microsoft Corporation
6.00.6001.18115
c:\windows\ehome\mcupdate.exe
\Microsoft\Windows\Media Center\OCURActivate
%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
تطبيق تسجيل جهاز الكبل الرقمي.
Microsoft Corporation
6.00.6001.18000
c:\windows\ehome\ehprivjob.exe
\Microsoft\Windows\Media Center\OCURDiscovery
%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
تطبيق تسجيل جهاز الكبل الرقمي.
Microsoft Corporation
6.00.6001.18000
c:\windows\ehome\ehprivjob.exe
\Microsoft\Windows\Media Center\UpdateRecordPath
%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
تطبيق تسجيل جهاز الكبل الرقمي.
Microsoft Corporation
6.00.6001.18000
c:\windows\ehome\ehprivjob.exe
\Microsoft\Windows\MobilePC\HotStart
HKCR\CLSID\{06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Microsoft Windows HotStart User Agent
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\hotstartuseragent.dll
\Microsoft\Windows\MobilePC\TMM
HKCR\CLSID\{35EF4182-F900-4632-B072-8639E4478A61}
إدارة شاشات العرض المتعددة المؤقتة لـ Microsoft
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\tmm.dll
\Microsoft\Windows\MUI\LPRemove
%windir%\system32\lpremove.exe
MUI Language pack cleanup
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\lpremove.exe
\Microsoft\Windows\Multimedia\SystemSoundsService
HKCR\CLSID\{2DEA658F-54C1-4227-AF9B-260AB5FC3543}
خدمة تشغيل الصوت
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\playsndsrv.dll
\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
HKCR\CLSID\{F09878A1-4652-4292-AA63-8C7D4FD7648F}
Quarantine Agent Proxy
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\qagent.dll
\Microsoft\Windows\RAC\RACAgent
%windir%\system32\RacAgent.exe
Reliability analysis metrics calculation executable
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\racagent.exe
\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
%windir%\system32\RAServer.exe /offerraupdate
خادم COM الخاص بالمساعدة عن بُعد لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\raserver.exe
\Microsoft\Windows\Shell\CrawlStartPages
HKCR\CLSID\{51653423-E62D-4FF7-894A-DABB2B8E21E2}
خيارات الفهرسة
Microsoft Corporation
7.00.6001.16503
c:\windows\system32\srchadmin.dll
[DISABLED] \Microsoft\Windows\SideShow\AutoWake
HKCR\CLSID\{E51DFD48-AA36-4B45-BB52-E831F02E8316}
خدمات Microsoft Windows SideShow
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\auxiliarydisplayservices.dll
\Microsoft\Windows\SideShow\GadgetManager
HKCR\CLSID\{FF87090D-4A9A-4F47-879B-29A80C355D61}
خدمات Microsoft Windows SideShow
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\auxiliarydisplayservices.dll
[DISABLED] \Microsoft\Windows\SideShow\SessionAgent
HKCR\CLSID\{45F26E9E-6199-477F-85DA-AF1EDFE067B1}
خدمات Microsoft Windows SideShow
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\auxiliarydisplayservices.dll
[DISABLED] \Microsoft\Windows\SideShow\SystemDataProviders
HKCR\CLSID\{7CCA6768-8373-4D28-8876-83E8B4E3A969}
خدمات Microsoft Windows SideShow
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\auxiliarydisplayservices.dll
\Microsoft\Windows\SystemRestore\SR
%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Microsoft® Windows System Protection Configuration Library
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\srrstr.dll
\Microsoft\Windows\Tcpip\IpAddressConflict1
rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
واجهة تطبيقات البرامج لعميل إطار تشخيص الشبكة
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\ndfapi.dll
\Microsoft\Windows\Tcpip\IpAddressConflict2
rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
واجهة تطبيقات البرامج لعميل إطار تشخيص الشبكة
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\ndfapi.dll
\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
HKCR\CLSID\{01575CFE-9A55-4003-A5E1-F38D1EBDCBE1}
MsCtfMonitor DLL
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\msctfmonitor.dll
\Microsoft\Windows\UPnP\UPnPHostConfig
sc.exe config upnphost start= auto
A tool to aid in developing services for WindowsNT
Microsoft Corporation
6.00.6000.16386
c:\windows\system32\sc.exe
\Microsoft\Windows\WDI\ResolutionHost
HKCR\CLSID\{900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1}
بنية التشخيص الأساسية لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wdi.dll
\Microsoft\Windows\Windows Error Reporting\QueueReporting
%windir%\system32\wermgr.exe -queuereporting
Windows Problem Reporting
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wermgr.exe
\Microsoft\Windows\Wired\GatherWiredInfo
%windir%\system32\gatherWiredInfo.vbs
c:\windows\system32\gatherwiredinfo.vbs
\Microsoft\Windows\Wireless\GatherWirelessInfo
%windir%\system32\gatherWirelessInfo.vbs
c:\windows\system32\gatherwirelessinfo.vbs
\Microsoft\Windows Defender\MP Scheduled Scan
c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges
Windows Defender Command Line Utility
Microsoft Corporation
1.01.1600.0000
c:\program files\windows defender\mpcmdrun.exe
.
.
----------- End Report ---------------
 
توقيع : yahyaalsaeed
تأييد 0
بارك الله فيك اخي الغالي على متابعتك واعتذر عن تاخري بالرد لاتقطاع النت
أنقر للتوسيع...

حالنا واحد يالغالي :)

التقرير سليم اخي

فقط نظف جهازك

نزل هذه الاداة واتبع الشرح التالي


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


التوافق : ويندوز اكسبيفقط


شرح الاستخدام ,,,,,,
دبل كلك على الاداة واصبر حتى تنتهي جميع النوافذ وتقف عند هذه النافذة


002.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))
 
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:16:04 PM, on 1/7/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\asus\ATK Media\DMedia.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Sony Ericsson\Wireless Manager\GCXXManager.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\AnchorFree\bin\ctrl\AFController.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\CManager.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\*******.IE5\2NN8D8GP\Zyzoom_HijackThis[1].exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: ????? ???? Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll
O2 - BHO: AF BHO - {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} - C:\Program Files\AnchorFree\bin\AFBho.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AFToolbar - {1F385865-F3D4-41ff-960D-7B7D0A7A72F6} - C:\Program Files\AnchorFree\bin\AFToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GCXX-Manager-Class] "C:\Program Files\Sony Ericsson\Wireless Manager\GCXXManager.exe" -startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AFProg] C:\Program Files\AnchorFree\bin\ctrl\AFController.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{36B53FA8-DE17-43B1-AAF3-1C89E61B7189}: NameServer = 84.23.101.84 84.23.101.85
O17 - HKLM\System\CS1\Services\Tcpip\..\{36B53FA8-DE17-43B1-AAF3-1C89E61B7189}: NameServer = 84.23.101.84 84.23.101.85
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BandLuxe Service (BandLuxe_Service) - BandRich Inc. - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\asus\NB Probe\SPM\spmgr.exe
--
End of file - 7674 bytes
 
تأييد 0
انا فيستا كيف الحل
 
تأييد 0
تقريرك سليم اخي
هل تواجه اي مشاكل ؟
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى