1. إستبعاد الملاحظة
  2. الإدارة العامة

    صفحة منتديات زيزووم للأمن والحماية

  3. الإدارة العامة

    الصفحة الرسمية لمنتديات زيزووم للأمن والحماية الفيس بوك

  4. الإدارة العامة

    الصفحة الرسمية لمنتديات زيزووم للأمن والحماية التلكرام

أداة SmitfraudFix _ لفحص وتنظيف الجهاز من الدعايات المزعجه ( شرح بالصور )

الموضوع في 'منتدى [ حلول مشاكل الحاسوب الشائعة ]' بواسطة زيزوووم, بتاريخ ‏ديسمبر 4, 2007.

حالة الموضوع:
مغلق
  1. سيف الغلا

    سيف الغلا زيزوومى فعال

    إنضم إلينا في:
    ‏ديسمبر 11, 2007
    المشاركات:
    198
    الإعجابات :
    1
    نقاط الجائزة:
    250
    الإقامة:
    مملكة ابو متعب
    برامج الحماية:
    Kaspersky
    نظام التشغيل:
    Windows 7
    مشكور اخوي العزيز
    الدعايات مجننتني
    استخدمت الاداه لكن ترجع حين اشغل الجهاز في اليوم الثاني
    اي كل يوم اشغل الجهاز اقوم بتنظيفة بالاداه
    فية حل انها تروح نهاياً اشرحلي لوسمحت
     
  2. علي عبد الستار

    علي عبد الستار زيزوومي جديد

    إنضم إلينا في:
    ‏نوفمبر 21, 2007
    المشاركات:
    2
    الإعجابات :
    0
    نقاط الجائزة:
    0
    الإقامة:
    baghdad
    برامج الحماية:
    Kaspersky
    نظام التشغيل:
    Windows XP
    السلام عليكم

    يسلمو على هذه الاداة والله فعلا محتاج هذه الاداة

    السلام عليكم
     
  3. أبو رهيم

    أبو رهيم زيزوومي جديد

    إنضم إلينا في:
    ‏أغسطس 2, 2007
    المشاركات:
    56
    الإعجابات :
    2
    نقاط الجائزة:
    50
    الإقامة:
    السعودية
    برامج الحماية:
    Kaspersky
    نظام التشغيل:
    Windows 7
    ماشاء الله تبارك الله
    الله يقويك أخوي تركي
    مدرسة في الحماية الله يحميك ..
     
  4. sdook

    sdook زيزوومي جديد

    إنضم إلينا في:
    ‏ديسمبر 7, 2007
    المشاركات:
    964
    الإعجابات :
    8
    نقاط الجائزة:
    0
    الإقامة:
    In heart Playground Volleyball
    برامج الحماية:
    Kaspersky
    نظام التشغيل:
    Windows XP
    مشكور ورحم الله والديك
     
  5. أسير&الشعر

    أسير&الشعر زيزوومي نشيط

    إنضم إلينا في:
    ‏أكتوبر 2, 2007
    المشاركات:
    117
    الإعجابات :
    0
    نقاط الجائزة:
    120
    الإقامة:
    ksa
    برامج الحماية:
    Kaspersky
    نظام التشغيل:
    Windows 7
    هذا التقرير الي طلع معاي..

    SmitFraudFix v2.278
    Scan done at 20:55:33.14, Sat 02/02/2008
    Run from C:\Documents and Settings\N a W a F\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Killing process

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    127.0.0.1 localhost
    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri
    Error while deleting D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll.


    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
    S!Ri's WS2Fix: LSP not Found.

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
    GenericRenosFix by S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    IEDFix.exe by S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» DNS
    Description: Intel(R) PRO/Wireless 2200BG Network Connection - Kaspersky Anti-Virus NDIS Miniport
    DNS Server Search Order: 192.168.1.254

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{61548549-345D-4C98-92C3-62421BF61BBC}: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{61548549-345D-4C98-92C3-62421BF61BBC}: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS2\Services\Tcpip\..\{61548549-345D-4C98-92C3-62421BF61BBC}: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End

    والله يعطيك العافيه يبو عتب:)

    والله يرحم موتاك وموتى المسلمين..

    سلام
     
  6. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP
    يا هلا وغلا بالجميع
    اسعدني جدا تواجدكم وردودكم الجميلة
    تحيه من القلب للجميع
     
  7. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP
    :openmouth::openmouth: من متى هذا :blusnuphing::blusnuphing:
    كل العذر اخوي على التأخير ,,

    التقرير سليم :iconmju30:
     
  8. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP
    ويجزاك خير ويبارك فيك

    وجد عندك ملفات ضاره وتم حذفها
     
  9. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP
    هلااا فيك اخي العزيز

    التحذير بوجود ملف خطر وليس "فايروس"
     
  10. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP




    هلااا فيك ,, وعذرا على التأخير

    اعمل هذا التقرير ,, اذا مازلت تعاني من المشكله :blbyeh:

    طيب اعمل تقرير هايجاك
    حمل هذا الملف وشغله ,, لحظات يظهر لك تقرير
    انسخه والصقه بردك القادم

    http://www.zyzoom.net/soft/security/tools/Zyzoom_3IN1_hijackthis_&_RunningProcess_&_StartupList.exe
     
  11. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP



    ووالديك وجميع المسلمين

    عندك ملف وما استطاعة الاداة من حذفه

    اعمل تقرير هايجاك
    حمل هذا الملف وشغله ,, لحظات يظهر لك تقرير
    انسخه والصقه بردك القادم

    http://www.zyzoom.net/soft/security/tools/Zyzoom_3IN1_hijackthis_&_RunningProcess_&_StartupList.exe
     
  12. أسير&الشعر

    أسير&الشعر زيزوومي نشيط

    إنضم إلينا في:
    ‏أكتوبر 2, 2007
    المشاركات:
    117
    الإعجابات :
    0
    نقاط الجائزة:
    120
    الإقامة:
    ksa
    برامج الحماية:
    Kaspersky
    نظام التشغيل:
    Windows 7
    .
    --------------------------\\\ Start Report Of HijackThis ---------------
    .
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:40:07 م, on 02/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\DU Meter\DUMeterSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
    C:\Program Files\LG Software\On Screen Display\Hotkey.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\TorCP\torcp.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\DU Meter\DUMeter.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    C:\WINDOWS\zpitsp.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\lg_swupdate\tmcheck.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\svchost.exe
    C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\runn.exe
    C:\WINDOWS\system32\cmd.exe
    C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.37.63.11:80
    F2 - REG:system.ini: Shell=Explorer.exe c:\windows\Autorun.exe
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\icom accelerator\components\NOWImaging.dll (file missing)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
    O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [lrrpfgcp] C:\WINDOWS\lrrpfgcp.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
    O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\iexplorer.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - HKLM\..\Run: [InkMonitor] C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [TorCP] C:\Program Files\TorCP\torcp.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: gce.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &BitSpirit حمله باستخدام
    - C:\Program Files\BitSpirit\bsurl.htm
    O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: أضافة إلى مضاد الأعلان - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
    O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
    http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175174415265
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177550462406
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

    --
    End of file - 9992 bytes
    .
    .
    --------------------------\\\ End Report Of Of HijackThis ---------------
    .
    .
    .
    .
    --------------------------\\\ Start Report Of Running Processes ---------------
    .
    ==================================================
    Process Name : smss.exe
    ProcessID : 960
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Windows NT Session Manager
    Company : Microsoft Corporation
    Window Title :
    File Size : 50,688
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\System32\smss.exe
    Base Address : 0x48580000
    Created On : 25/01/1429 08:38:00 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 428 K
    Mem Usage Peak : 668 K
    Page Faults : 292
    Pagefile Usage : 168 K
    Pagefile Peak Usage : 1676 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : csrss.exe
    ProcessID : 1016
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Client Server Runtime Process
    Company : Microsoft Corporation
    Window Title :
    File Size : 6,144
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\csrss.exe
    Base Address : 0x4A680000
    Created On : 25/01/1429 08:38:03 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 5464 K
    Mem Usage Peak : 5660 K
    Page Faults : 9805
    Pagefile Usage : 2068 K
    Pagefile Peak Usage : 2164 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : winlogon.exe
    ProcessID : 1040
    Priority : High
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Windows NT Logon Application
    Company : Microsoft Corporation
    Window Title :
    File Size : 502,272
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\winlogon.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:04 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 4180 K
    Mem Usage Peak : 16352 K
    Page Faults : 9416
    Pagefile Usage : 6616 K
    Pagefile Peak Usage : 8648 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : services.exe
    ProcessID : 1084
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Services and Controller app
    Company : Microsoft Corporation
    Window Title :
    File Size : 108,032
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\services.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:04 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 4020 K
    Mem Usage Peak : 4024 K
    Page Faults : 3008
    Pagefile Usage : 1908 K
    Pagefile Peak Usage : 2020 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : lsass.exe
    ProcessID : 1096
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : LSA Shell (Export Version)
    Company : Microsoft Corporation
    Window Title :
    File Size : 13,312
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\lsass.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:04 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 1620 K
    Mem Usage Peak : 7348 K
    Page Faults : 6820
    Pagefile Usage : 4440 K
    Pagefile Peak Usage : 4472 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : svchost.exe
    ProcessID : 1252
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:05 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 5560 K
    Mem Usage Peak : 5612 K
    Page Faults : 1623
    Pagefile Usage : 3284 K
    Pagefile Peak Usage : 23396 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : svchost.exe
    ProcessID : 1332
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:06 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 4920 K
    Mem Usage Peak : 4924 K
    Page Faults : 1419
    Pagefile Usage : 2176 K
    Pagefile Peak Usage : 2320 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : svchost.exe
    ProcessID : 1380
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\System32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:06 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 40080 K
    Mem Usage Peak : 133616 K
    Page Faults : 218135
    Pagefile Usage : 27932 K
    Pagefile Peak Usage : 122020 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : StyleXPService.exe
    ProcessID : 1408
    Priority : Normal
    Product Name : StyleXPService Module
    Version : 0, 20, 0, 3000
    Description : StyleXPService Module
    Company :
    Window Title :
    File Size : 372,736
    File Created Date : 26/04/1427 06:31:06 م
    File Modified Date : 26/04/1427 06:31:06 م
    Filename : C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:06 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 3700 K
    Mem Usage Peak : 4164 K
    Page Faults : 203620
    Pagefile Usage : 1128 K
    Pagefile Peak Usage : 1356 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : svchost.exe
    ProcessID : 1580
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:06 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 3784 K
    Mem Usage Peak : 3904 K
    Page Faults : 1137
    Pagefile Usage : 1472 K
    Pagefile Peak Usage : 1612 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : svchost.exe
    ProcessID : 1652
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:07 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 9932 K
    Mem Usage Peak : 9976 K
    Page Faults : 6824
    Pagefile Usage : 6884 K
    Pagefile Peak Usage : 6960 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : spoolsv.exe
    ProcessID : 288
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    Description : Spooler SubSystem App
    Company : Microsoft Corporation
    Window Title :
    File Size : 57,856
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 04/05/1426 11:53:32 م
    Filename : C:\WINDOWS\system32\spoolsv.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:08 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 6196 K
    Mem Usage Peak : 6212 K
    Page Faults : 1804
    Pagefile Usage : 3864 K
    Pagefile Peak Usage : 4016 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : avp.exe
    ProcessID : 404
    Priority : Normal
    Product Name : Kaspersky Anti-Virus
    Version : 7.0.0.125
    Description : Kaspersky Anti-Virus
    Company : Kaspersky Lab
    Window Title :
    File Size : 218,376
    File Created Date : 13/06/1428 09:51:38 ص
    File Modified Date : 13/06/1428 09:51:38 ص
    Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:08 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 23388 K
    Mem Usage Peak : 83936 K
    Page Faults : 438757
    Pagefile Usage : 50292 K
    Pagefile Peak Usage : 115600 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : BTNtService.exe
    ProcessID : 436
    Priority : Normal
    Product Name :
    Version :
    Description :
    Company :
    Window Title :
    File Size : 110,592
    File Created Date : 16/03/1428 11:36:21 م
    File Modified Date : 27/02/1426 11:03:28 م
    Filename : C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:08 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 2776 K
    Mem Usage Peak : 2776 K
    Page Faults : 774
    Pagefile Usage : 1916 K
    Pagefile Peak Usage : 1964 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : DUMeterSvc.exe
    ProcessID : 464
    Priority : Normal
    Product Name : DU Meter
    Version : 4.0 Build R3009
    Description : DU Meter Service
    Company : Hagel Technologies Ltd
    Window Title :
    File Size : 1,382,672
    File Created Date : 18/01/1429 09:15:37 م
    File Modified Date : 04/10/1428 12:19:38 م
    Filename : C:\Program Files\DU Meter\DUMeterSvc.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:09 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 7052 K
    Mem Usage Peak : 7052 K
    Page Faults : 4317
    Pagefile Usage : 7248 K
    Pagefile Peak Usage : 8408 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : svchost.exe
    ProcessID : 612
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\System32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:09 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 3788 K
    Mem Usage Peak : 3796 K
    Page Faults : 1005
    Pagefile Usage : 1716 K
    Pagefile Peak Usage : 1740 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : WMPNetwk.exe
    ProcessID : 108
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 11.0.5721.5145 (WMP_11.061018-2006)
    Description : خدمة مشاركة الشبكة لـ Windows Media Player
    Company : Microsoft Corporation
    Window Title :
    File Size : 909,312
    File Created Date : 11/11/1427 07:03:38 م
    File Modified Date : 11/11/1427 07:03:38 م
    Filename : C:\Program Files\Windows Media Player\WMPNetwk.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:10 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 26200 K
    Mem Usage Peak : 26208 K
    Page Faults : 10494
    Pagefile Usage : 10556 K
    Pagefile Peak Usage : 10624 K
    File Attributes :
    ==================================================

    ==================================================
    Process Name : alg.exe
    ProcessID : 1992
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Application Layer Gateway Service
    Company : Microsoft Corporation
    Window Title :
    File Size : 44,544
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\System32\alg.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:13 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 3864 K
    Mem Usage Peak : 3872 K
    Page Faults : 1032
    Pagefile Usage : 1292 K
    Pagefile Peak Usage : 1316 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : SynTPLpr.exe
    ProcessID : 2424
    Priority : Normal
    Product Name : Synaptics Pointing Device Driver
    Version : 7.12.9.4 14Feb05
    Description : TouchPad Driver Helper Application
    Company : Synaptics, Inc.
    Window Title :
    File Size : 98,396
    File Created Date : 11/03/1428 10:05:53 ص
    File Modified Date : 06/01/1426 08:59:12 ص
    Filename : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 3588 K
    Mem Usage Peak : 3648 K
    Page Faults : 1065
    Pagefile Usage : 1036 K
    Pagefile Peak Usage : 1072 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : SynTPEnh.exe
    ProcessID : 2432
    Priority : Normal
    Product Name : Synaptics Pointing Device Driver
    Version : 7.12.9.4 14Feb05
    Description : Synaptics TouchPad Enhancements
    Company : Synaptics, Inc.
    Window Title :
    File Size : 667,740
    File Created Date : 11/03/1428 10:05:52 ص
    File Modified Date : 06/01/1426 08:58:10 ص
    Filename : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 1
    Hidden Windows : 7
    User Name : NAWAF\N a W a F
    Mem Usage : 5412 K
    Mem Usage Peak : 5412 K
    Page Faults : 1576
    Pagefile Usage : 1756 K
    Pagefile Peak Usage : 1772 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : batterymiser.exe
    ProcessID : 2440
    Priority : Normal
    Product Name : Battery Miser
    Version : 3, 37, 0, 0
    Description : Battery Miser
    Company : LG Electronics Inc.
    Window Title :
    File Size : 335,872
    File Created Date : 11/03/1428 10:14:16 ص
    File Modified Date : 06/05/1427 12:54:34 ص
    Filename : C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 4488 K
    Mem Usage Peak : 5288 K
    Page Faults : 6003
    Pagefile Usage : 2816 K
    Pagefile Peak Usage : 2880 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : Hotkey.exe
    ProcessID : 2448
    Priority : Normal
    Product Name : HotKey
    Version : 1, 0, 0, 0
    Description : HotKey
    Company : LG Electronics
    Window Title :
    File Size : 86,016
    File Created Date : 11/03/1428 10:14:42 ص
    File Modified Date : 19/05/1426 02:09:56 ص
    Filename : C:\Program Files\LG Software\On Screen Display\Hotkey.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 0
    Hidden Windows : 5
    User Name : NAWAF\N a W a F
    Mem Usage : 6244 K
    Mem Usage Peak : 6296 K
    Page Faults : 1869
    Pagefile Usage : 3004 K
    Pagefile Peak Usage : 3880 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : AGRSMMSG.exe
    ProcessID : 2464
    Priority : Normal
    Product Name : Agere SoftModem Messaging Applet
    Version : 2.1.47.8 2.1.47.8 11/09/2004 17:19:25
    Description : SoftModem Messaging Applet
    Company : Agere Systems
    Window Title :
    File Size : 88,358
    File Created Date : 11/03/1428 02:04:42 م
    File Modified Date : 27/09/1425 08:19:26 ص
    Filename : C:\WINDOWS\AGRSMMSG.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 3520 K
    Mem Usage Peak : 3576 K
    Page Faults : 1029
    Pagefile Usage : 996 K
    Pagefile Peak Usage : 996 K
    File Attributes : AR
    ==================================================

    ==================================================
    Process Name : RunDll32.exe
    ProcessID : 2472
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Run a DLL as an App
    Company : Microsoft Corporation
    Window Title :
    File Size : 33,280
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\RunDll32.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 5428 K
    Mem Usage Peak : 5500 K
    Page Faults : 4211
    Pagefile Usage : 2860 K
    Pagefile Peak Usage : 2864 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : hkcmd.exe
    ProcessID : 2488
    Priority : Normal
    Product Name : Intel(R) Common User Interface
    Version : 3.0.0.4497
    Description : hkcmd Module
    Company : Intel Corporation
    Window Title :
    File Size : 77,824
    File Created Date : 11/03/1428 09:55:02 ص
    File Modified Date : 09/01/1427 11:36:06 م
    Filename : C:\WINDOWS\system32\hkcmd.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 0
    Hidden Windows : 12
    User Name : NAWAF\N a W a F
    Mem Usage : 3712 K
    Mem Usage Peak : 3780 K
    Page Faults : 1045
    Pagefile Usage : 912 K
    Pagefile Peak Usage : 976 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : igfxpers.exe
    ProcessID : 2496
    Priority : Normal
    Product Name : Intel(R) Common User Interface
    Version : 3.0.0.4497
    Description : persistence Module
    Company : Intel Corporation
    Window Title :
    File Size : 118,784
    File Created Date : 09/01/1427 11:40:02 م
    File Modified Date : 09/01/1427 11:40:02 م
    Filename : C:\WINDOWS\system32\igfxpers.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 3684 K
    Mem Usage Peak : 3756 K
    Page Faults : 1025
    Pagefile Usage : 880 K
    Pagefile Peak Usage : 896 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : avp.exe
    ProcessID : 2504
    Priority : Normal
    Product Name : Kaspersky Anti-Virus
    Version : 7.0.0.125
    Description : Kaspersky Anti-Virus
    Company : Kaspersky Lab
    Window Title :
    File Size : 218,376
    File Created Date : 13/06/1428 09:51:38 ص
    File Modified Date : 13/06/1428 09:51:38 ص
    Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:15 م
    Visible Windows : 0
    Hidden Windows : 8
    User Name : NAWAF\N a W a F
    Mem Usage : 3484 K
    Mem Usage Peak : 9688 K
    Page Faults : 13678
    Pagefile Usage : 7508 K
    Pagefile Peak Usage : 7636 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : realsched.exe
    ProcessID : 2560
    Priority : Normal
    Product Name : RealPlayer (32-bit)
    Version : 0.1.0.3760
    Description : RealNetworks Scheduler
    Company : RealNetworks, Inc.
    Window Title :
    File Size : 185,896
    File Created Date : 29/09/1428 03:29:59 م
    File Modified Date : 29/09/1428 03:29:59 م
    Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 192 K
    Mem Usage Peak : 3396 K
    Page Faults : 17055
    Pagefile Usage : 1232 K
    Pagefile Peak Usage : 1240 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : IP Operator 2005.exe
    ProcessID : 2568
    Priority : Normal
    Product Name : IPO3 ?? ????
    Version : 1, 0, 0, 1
    Description : IPO3 MFC ?? ????
    Company :
    Window Title :
    File Size : 1,028,096
    File Created Date : 11/03/1428 10:14:54 ص
    File Modified Date : 11/05/1426 08:02:44 م
    Filename : C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 16
    User Name : NAWAF\N a W a F
    Mem Usage : 7224 K
    Mem Usage Peak : 7352 K
    Page Faults : 1974
    Pagefile Usage : 2860 K
    Pagefile Peak Usage : 2860 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : jusched.exe
    ProcessID : 2576
    Priority : Normal
    Product Name : Java(TM) Platform SE 6 U3
    Version : 6.0.30.5
    Description : Java(TM) Platform SE binary
    Company : Sun Microsystems, Inc.
    Window Title :
    File Size : 132,496
    File Created Date : 23/10/1428 10:59:03 م
    File Modified Date : 13/09/1428 10:11:35 م
    Filename : C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NAWAF\N a W a F
    Mem Usage : 2684 K
    Mem Usage Peak : 2684 K
    Page Faults : 716
    Pagefile Usage : 872 K
    Pagefile Peak Usage : 872 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : hpztsb09.exe
    ProcessID : 2584
    Priority : Normal
    Product Name : HP DeskJet
    Version : 2.236.4.0
    Description :
    Company : HP
    Window Title :
    File Size : 176,128
    File Created Date : 27/11/1428 10:26:23 م
    File Modified Date : 05/07/1424 11:42:50 ص
    Filename : C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 3748 K
    Mem Usage Peak : 3876 K
    Page Faults : 1322
    Pagefile Usage : 1140 K
    Pagefile Peak Usage : 1272 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : HPWuSchd.exe
    ProcessID : 2592
    Priority : Normal
    Product Name : Hewlett-Packard hpwuSchd
    Version : 1, 0, 0, 2
    Description : hpwuSchd
    Company : Hewlett-Packard
    Window Title :
    File Size : 49,152
    File Created Date : 25/04/1424 08:24:48 ص
    File Modified Date : 25/04/1424 08:24:48 ص
    Filename : C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 3200 K
    Mem Usage Peak : 3264 K
    Page Faults : 920
    Pagefile Usage : 824 K
    Pagefile Peak Usage : 824 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : hpcmpmgr.exe
    ProcessID : 2600
    Priority : Normal
    Product Name : hp coretech (COmponent REuse TECHnology)
    Version : 2.1.1
    Description : HP Framework Component Manager Service
    Company : Hewlett-Packard Company
    Window Title :
    File Size : 233,472
    File Created Date : 27/08/1424 04:51:18 م
    File Modified Date : 27/08/1424 04:51:18 م
    Filename : C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 9076 K
    Mem Usage Peak : 9188 K
    Page Faults : 2773
    Pagefile Usage : 4980 K
    Pagefile Peak Usage : 5876 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : hpotdd01.exe
    ProcessID : 2608
    Priority : Normal
    Product Name : Hewlett-Packard hpotdd01
    Version : 1, 0, 0, 1
    Description : hpotdd01
    Company : Hewlett-Packard
    Window Title :
    File Size : 229,437
    File Created Date : 20/03/1424 03:37:08 م
    File Modified Date : 20/03/1424 03:37:08 م
    Filename : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 4
    User Name : NAWAF\N a W a F
    Mem Usage : 5052 K
    Mem Usage Peak : 5116 K
    Page Faults : 2006
    Pagefile Usage : 1544 K
    Pagefile Peak Usage : 1544 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : InkMonitor.exe
    ProcessID : 2616
    Priority : Normal
    Product Name : InkMonitor Application
    Version : 2.1.2
    Description : InkMonitor
    Company :
    Window Title :
    File Size : 143,360
    File Created Date : 02/01/1422 07:29:46 م
    File Modified Date : 02/01/1422 07:29:46 م
    Filename : C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 4
    User Name : NAWAF\N a W a F
    Mem Usage : 4040 K
    Mem Usage Peak : 4104 K
    Page Faults : 1136
    Pagefile Usage : 972 K
    Pagefile Peak Usage : 972 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : ctfmon.exe
    ProcessID : 2624
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : CTF Loader
    Company : Microsoft Corporation
    Window Title :
    File Size : 15,360
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\ctfmon.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 5
    User Name : NAWAF\N a W a F
    Mem Usage : 3980 K
    Mem Usage Peak : 4072 K
    Page Faults : 1393
    Pagefile Usage : 1044 K
    Pagefile Peak Usage : 1056 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : MsnMsgr.Exe
    ProcessID : 2632
    Priority : Normal
    Product Name : Messenger
    Version : 8.1.0178.00
    Description : Messenger
    Company : Microsoft Corporation
    Window Title :
    File Size : 5,674,352
    File Created Date : 01/01/1428 08:55:14 م
    File Modified Date : 01/01/1428 08:55:14 م
    Filename : C:\Program Files\MSN Messenger\MsnMsgr.Exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 1
    Hidden Windows : 40
    User Name : NAWAF\N a W a F
    Mem Usage : 23968 K
    Mem Usage Peak : 47992 K
    Page Faults : 76297
    Pagefile Usage : 41392 K
    Pagefile Peak Usage : 45484 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : torcp.exe
    ProcessID : 2648
    Priority : Normal
    Product Name : TorCP
    Version : 0.0.4
    Description : Tor Control Panel
    Company : Matt Edman
    Window Title :
    File Size : 225,280
    File Created Date : 11/11/1426 07:51:36 م
    File Modified Date : 11/11/1426 07:51:36 م
    Filename : C:\Program Files\TorCP\torcp.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 6
    User Name : NAWAF\N a W a F
    Mem Usage : 5032 K
    Mem Usage Peak : 5132 K
    Page Faults : 350193
    Pagefile Usage : 1128 K
    Pagefile Peak Usage : 1192 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : StyleXP.exe
    ProcessID : 2656
    Priority : Normal
    Product Name : StyleXP Application
    Version : 0, 30, 19, 0
    Description : StyleXP Application
    Company :
    Window Title :
    File Size : 1,372,160
    File Created Date : 26/04/1427 06:31:39 م
    File Modified Date : 26/04/1427 06:31:39 م
    Filename : C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 15856 K
    Mem Usage Peak : 16040 K
    Page Faults : 9659
    Pagefile Usage : 11664 K
    Pagefile Peak Usage : 15728 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : WMPNSCFG.exe
    ProcessID : 2672
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 11.0.5721.5145 (WMP_11.061018-2006)
    Description : ‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
    Company : Microsoft Corporation
    Window Title :
    File Size : 204,288
    File Created Date : 11/11/1427 07:03:46 م
    File Modified Date : 11/11/1427 07:03:46 م
    Filename : C:\Program Files\Windows Media Player\WMPNSCFG.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 4
    User Name : NAWAF\N a W a F
    Mem Usage : 4788 K
    Mem Usage Peak : 4848 K
    Page Faults : 1330
    Pagefile Usage : 1288 K
    Pagefile Peak Usage : 1304 K
    File Attributes :
    ==================================================

    ==================================================
    Process Name : DUMeter.exe
    ProcessID : 2680
    Priority : Normal
    Product Name : DU Meter
    Version : 4.0 Build R3009
    Description : DU Meter Monitor
    Company : Hagel Technologies Ltd
    Window Title : DU Meter
    File Size : 2,582,288
    File Created Date : 18/01/1429 09:15:36 م
    File Modified Date : 04/10/1428 12:19:36 م
    Filename : C:\Program Files\DU Meter\DUMeter.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 1
    Hidden Windows : 11
    User Name : NAWAF\N a W a F
    Mem Usage : 6284 K
    Mem Usage Peak : 7900 K
    Page Faults : 6418
    Pagefile Usage : 4740 K
    Pagefile Peak Usage : 5732 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : IDMan.exe
    ProcessID : 2752
    Priority : Normal
    Product Name : Internet Download Manager (IDM)
    Version : 5.12.6.0
    Description : Internet Download Manager (IDM)
    Company : Tonec Inc.
    Window Title :
    File Size : 2,577,840
    File Created Date : 15/01/1429 01:06:25 م
    File Modified Date : 25/01/1429 05:35:58 م
    Filename : C:\Program Files\Internet Download Manager\IDMan.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 7
    User Name : NAWAF\N a W a F
    Mem Usage : 16772 K
    Mem Usage Peak : 17952 K
    Page Faults : 10062
    Pagefile Usage : 6952 K
    Pagefile Peak Usage : 8276 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : BlueSoleil.exe
    ProcessID : 2780
    Priority : Normal
    Product Name : BlueSoleil
    Version : 1, 6, 1, 4
    Description : Bluetooth Application
    Company : IVT Corporation
    Window Title :
    File Size : 1,183,744
    File Created Date : 16/03/1428 11:36:15 م
    File Modified Date : 29/04/1426 08:23:08 م
    Filename : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 8
    User Name : NAWAF\N a W a F
    Mem Usage : 11920 K
    Mem Usage Peak : 12020 K
    Page Faults : 4355
    Pagefile Usage : 6684 K
    Pagefile Peak Usage : 6692 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : gce.exe
    ProcessID : 2788
    Priority : Normal
    Product Name : gce
    Version : 5.00
    Description :
    Company : Leithauser Research
    Window Title : Clock Guard Enforcer
    File Size : 30,720
    File Created Date : 21/09/1428 02:34:22 م
    File Modified Date : 23/06/1428 07:02:08 م
    Filename : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 1
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 4528 K
    Mem Usage Peak : 4528 K
    Page Faults : 1243
    Pagefile Usage : 1136 K
    Pagefile Peak Usage : 1140 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : WZQKPICK.EXE
    ProcessID : 2836
    Priority : Normal
    Product Name : WinZip
    Version : 1.0 (32-bit)
    Description : WinZip Executable
    Company : WinZip Computing, S.L.
    Window Title :
    File Size : 394,856
    File Created Date : 21/11/1428 08:10:00 ص
    File Modified Date : 21/11/1428 08:10:00 ص
    Filename : C:\Program Files\WinZip\WZQKPICK.EXE
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:16 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 3784 K
    Mem Usage Peak : 3868 K
    Page Faults : 1076
    Pagefile Usage : 872 K
    Pagefile Peak Usage : 872 K
    File Attributes : AR
    ==================================================

    ==================================================
    Process Name : wmiprvse.exe
    ProcessID : 904
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : WMI
    Company : Microsoft Corporation
    Window Title :
    File Size : 218,112
    File Created Date : 11/03/1428 07:02:08 ص
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 08:38:24 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 5884 K
    Mem Usage Peak : 6068 K
    Page Faults : 2319
    Pagefile Usage : 2036 K
    Pagefile Peak Usage : 3092 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : gce.exe
    ProcessID : 1880
    Priority : Normal
    Product Name : gce
    Version : 5.00
    Description :
    Company : Leithauser Research
    Window Title : wsgc
    File Size : 30,720
    File Created Date : 21/09/1428 02:34:22 م
    File Modified Date : 23/06/1428 07:02:08 م
    Filename : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:25 م
    Visible Windows : 1
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 4276 K
    Mem Usage Peak : 4280 K
    Page Faults : 1166
    Pagefile Usage : 1132 K
    Pagefile Peak Usage : 1136 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : zpitsp.exe
    ProcessID : 1908
    Priority : Normal
    Product Name : WatcherCG
    Version : 1.01
    Description :
    Company : Leithauser Research
    Window Title : ctgpp
    File Size : 13,312
    File Created Date : 21/09/1428 02:34:22 م
    File Modified Date : 23/06/1428 06:43:56 م
    Filename : C:\WINDOWS\zpitsp.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:25 م
    Visible Windows : 1
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 4288 K
    Mem Usage Peak : 4356 K
    Page Faults : 1235
    Pagefile Usage : 1172 K
    Pagefile Peak Usage : 1176 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : IEMonitor.exe
    ProcessID : 2940
    Priority : Normal
    Product Name : IEMonitor Application
    Version : 3, 0, 0, 1
    Description : Internet Download Manager agent for click monitoring in IE-based browsers
    Company : Tonec Inc.
    Window Title :
    File Size : 251,576
    File Created Date : 15/01/1429 01:06:20 م
    File Modified Date : 02/02/1428 02:53:52 م
    Filename : C:\Program Files\Internet Download Manager\IEMonitor.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:38:53 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 6468 K
    Mem Usage Peak : 6540 K
    Page Faults : 4119
    Pagefile Usage : 3120 K
    Pagefile Peak Usage : 3244 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : tmcheck.exe
    ProcessID : 2084
    Priority : Normal
    Product Name : LG Intelligent Update
    Version : 1.00
    Description :
    Company : CST
    Window Title :
    File Size : 20,480
    File Created Date : 11/03/1428 09:51:18 ص
    File Modified Date : 12/11/1425 11:46:54 م
    Filename : C:\Program Files\lg_swupdate\tmcheck.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:40:29 م
    Visible Windows : 0
    Hidden Windows : 4
    User Name : NAWAF\N a W a F
    Mem Usage : 3928 K
    Mem Usage Peak : 3984 K
    Page Faults : 1085
    Pagefile Usage : 1076 K
    Pagefile Peak Usage : 1076 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : usnsvc.exe
    ProcessID : 2296
    Priority : Normal
    Product Name : Messenger
    Version : 8.1.0178.00
    Description : Messenger Sharing USN Journal Reader Service
    Company : Microsoft Corporation
    Window Title :
    File Size : 97,136
    File Created Date : 01/01/1428 08:54:14 م
    File Modified Date : 01/01/1428 08:54:14 م
    Filename : C:\Program Files\MSN Messenger\usnsvc.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 08:40:46 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 2816 K
    Mem Usage Peak : 2816 K
    Page Faults : 765
    Pagefile Usage : 980 K
    Pagefile Peak Usage : 980 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : explorer.exe
    ProcessID : 3064
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
    Description : Windows Explorer
    Company : Microsoft Corporation
    Window Title : Program Manager
    File Size : 1,033,216
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 28/05/1428 10:23:07 ص
    Filename : C:\WINDOWS\explorer.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 09:01:29 م
    Visible Windows : 2
    Hidden Windows : 30
    User Name : NAWAF\N a W a F
    Mem Usage : 24196 K
    Mem Usage Peak : 26212 K
    Page Faults : 31739
    Pagefile Usage : 16248 K
    Pagefile Peak Usage : 18660 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : iexplore.exe
    ProcessID : 3712
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Internet Explorer
    Company : Microsoft Corporation
    Window Title : أداة SmitfraudFix _ لفحص وتنظيف الجهاز من الدعايات المزعجه ( شرح بالصور ) - الصفحة 3 - زيزوووم - Microsoft Internet Explorer
    File Size : 93,184
    File Created Date : 11/03/1428 07:04:12 ص
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\Program Files\Internet Explorer\iexplore.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 09:11:31 م
    Visible Windows : 4
    Hidden Windows : 65
    User Name : NAWAF\N a W a F
    Mem Usage : 63880 K
    Mem Usage Peak : 66484 K
    Page Faults : 48443
    Pagefile Usage : 46428 K
    Pagefile Peak Usage : 49480 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : svchost.exe
    ProcessID : 836
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 09:20:37 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 4504 K
    Mem Usage Peak : 4524 K
    Page Faults : 1251
    Pagefile Usage : 2640 K
    Pagefile Peak Usage : 2756 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : runn.exe
    ProcessID : 3956
    Priority : Normal
    Product Name :
    Version :
    Description :
    Company :
    Window Title :
    File Size : 71,680
    File Created Date : 25/01/1429 06:39:58 م
    File Modified Date : 23/01/1429 10:24:25 م
    Filename : C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\runn.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 09:39:58 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NAWAF\N a W a F
    Mem Usage : 2520 K
    Mem Usage Peak : 2532 K
    Page Faults : 736
    Pagefile Usage : 824 K
    Pagefile Peak Usage : 928 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : cmd.exe
    ProcessID : 2368
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Windows Command Processor
    Company : Microsoft Corporation
    Window Title :
    File Size : 388,608
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\cmd.exe
    Base Address : 0x4AD00000
    Created On : 25/01/1429 09:39:58 م
    Visible Windows : 0
    Hidden Windows : 1
    User Name : NAWAF\N a W a F
    Mem Usage : 3048 K
    Mem Usage Peak : 3112 K
    Page Faults : 886
    Pagefile Usage : 2156 K
    Pagefile Peak Usage : 2232 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : wmiprvse.exe
    ProcessID : 1496
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : WMI
    Company : Microsoft Corporation
    Window Title :
    File Size : 218,112
    File Created Date : 11/03/1428 07:02:08 ص
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 09:40:00 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 5796 K
    Mem Usage Peak : 5796 K
    Page Faults : 1507
    Pagefile Usage : 3016 K
    Pagefile Peak Usage : 3016 K
    File Attributes : A
    ==================================================

    ==================================================
    Process Name : CProcess.exe
    ProcessID : 3764
    Priority : Normal
    Product Name : CurrProcess
    Version : 1.11
    Description : CurrProcess
    Company : NirSoft
    Window Title :
    File Size : 35,840
    File Created Date : 25/01/1429 06:39:58 م
    File Modified Date : 08/06/1426 04:46:34 ص
    Filename : C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\CProcess.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 09:40:08 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NAWAF\N a W a F
    Mem Usage : 2572 K
    Mem Usage Peak : 2672 K
    Page Faults : 1421
    Pagefile Usage : 1116 K
    Pagefile Peak Usage : 1216 K
    File Attributes : A
    ==================================================

    .
    .
    --------------------------\\\ End Report Of Running Processes ---------------
    .
    .
    .
    .
    --------------------------\\\ Windows XP Startup List ---------------
    .

    HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
    autocheck autochk *
    autocheck autochk *
    Auto Check Utility
    Microsoft Corporation
    5.01.2600.2180
    c:\windows\system32\autochk.exe

    HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
    rdpclip
    rdpclip
    RDP Clip Monitor
    Microsoft Corporation
    5.01.2600.2180
    c:\windows\system32\rdpclip.exe

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\system32\userinit.exe
    Userinit Logon Application
    Microsoft Corporation
    5.01.2600.2180
    c:\windows\system32\userinit.exe

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
    Explorer.exe
    Explorer.exe
    Windows Explorer
    Microsoft Corporation
    6.00.2900.3156
    c:\windows\explorer.exe
    c:\windows\Autorun.exe
    c:\windows\Autorun.exe
    File not found: c:\windows\Autorun.exe

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    NeroFilterCheck
    C:\WINDOWS\system32\NeroCheck.exe
    NeroCheck
    Ahead Software Gmbh
    1.00.0000.0002
    c:\windows\system32\nerocheck.exe
    LG Intelligent Update
    "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
    CST
    1.00.0000.0000
    c:\program files\lg_swupdate\autoupdate.exe
    SynTPLpr
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    TouchPad Driver Helper Application
    Synaptics, Inc.
    7.12.0009.0004
    c:\program files\synaptics\syntp\syntplpr.exe
    SynTPEnh
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Synaptics TouchPad Enhancements
    Synaptics, Inc.
    7.12.0009.0004
    c:\program files\synaptics\syntp\syntpenh.exe
    batterymiser
    "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
    Battery Miser
    LG Electronics Inc.
    3.37.0000.0000
    c:\program files\lg software\battery miser 2005\batterymiser.exe
    KeybdUtility
    "C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
    HotKey
    LG Electronics
    1.00.0000.0000
    c:\program files\lg software\on screen display\hotkey.exe
    High Definition Audio Property Page Shortcut
    HDAShCut.exe
    High Definition Audio Property Page Shortcut v1.0a
    Windows (R) Server 2003 DDK provider
    5.10.0001.5013
    c:\windows\system32\hdashcut.exe
    AGRSMMSG
    AGRSMMSG.exe
    SoftModem Messaging Applet
    Agere Systems
    2.01.0047.0008
    c:\windows\agrsmmsg.exe
    Cmaudio
    RunDll32 cmicnfg.cpl,CMICtrlWnd
    CmiCnfg DLL
    C-Media Corporation
    1.00.0046.0004
    c:\windows\system\cmicnfg.cpl
    igfxtray
    C:\WINDOWS\system32\igfxtray.exe
    igfxTray Module
    Intel Corporation
    3.00.0000.4497
    c:\windows\system32\igfxtray.exe
    igfxhkcmd
    C:\WINDOWS\system32\hkcmd.exe
    hkcmd Module
    Intel Corporation
    3.00.0000.4497
    c:\windows\system32\hkcmd.exe
    igfxpers
    C:\WINDOWS\system32\igfxpers.exe
    persistence Module
    Intel Corporation
    3.00.0000.4497
    c:\windows\system32\igfxpers.exe
    lrrpfgcp
    C:\WINDOWS\lrrpfgcp.exe
    Leithauser Research
    1.00.0000.0000
    c:\windows\lrrpfgcp.exe
    TkBellExe
    "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    RealNetworks Scheduler
    RealNetworks, Inc.
    0.01.0000.3760
    c:\program files\common files\real\update_ob\realsched.exe
    IPO3
    "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
    IPO3 MFC ?? ????
    1.00.0000.0001
    c:\program files\lg software\ip operator 2005\ip operator 2005.exe
    Explorer
    C:\WINDOWS\iexplorer.exe
    File not found: C:\WINDOWS\iexplorer.exe
    SunJavaUpdateSched
    "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    Java(TM) Platform SE binary
    Sun Microsystems, Inc.
    6.00.0030.0005
    c:\program files\java\jre1.6.0_03\bin\jusched.exe
    HPDJ Taskbar Utility
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    HP
    2.236.0004.0000
    c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
    HP Software Update
    "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
    hpwuSchd
    Hewlett-Packard
    1.00.0000.0002
    c:\program files\hewlett-packard\hp software update\hpwuschd.exe
    HP Component Manager
    "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    HP Framework Component Manager Service
    Hewlett-Packard Company
    2.01.0001.0000
    c:\program files\hp\hpcoretech\hpcmpmgr.exe
    DeviceDiscovery
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    hpotdd01
    Hewlett-Packard
    1.00.0000.0001
    c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
    InkMonitor
    C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
    InkMonitor
    2.01.0002.0001
    c:\program files\pokluda\inkmonitor\inkmonitor.exe

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    BlueSoleil.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
    Bluetooth Application
    IVT Corporation
    1.06.0001.0004
    c:\program files\ivt corporation\bluesoleil\bluesoleil.exe
    gce.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    Leithauser Research
    5.00.0000.0000
    c:\documents and settings\all users\start menu\programs\startup\gce.exe
    WinZip Quick Pick.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    WinZip Executable
    WinZip Computing, S.L.
    1.00.7403.0000
    c:\program files\winzip\wzqkpick.exe

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    CTF Loader
    Microsoft Corporation
    5.01.2600.2180
    c:\windows\system32\ctfmon.exe
    MsnMsgr
    "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    Messenger
    Microsoft Corporation
    8.01.0178.0000
    c:\program files\msn messenger\msnmsgr.exe
    MSMSGS
    "C:\Program Files\Messenger\msmsgs.exe" /background
    Windows Messenger
    Microsoft Corporation
    4.07.0000.3001
    c:\program files\messenger\msmsgs.exe
    TorCP
    C:\Program Files\TorCP\torcp.exe
    Tor Control Panel
    Matt Edman
    0.00.0004.0000
    c:\program files\torcp\torcp.exe
    STYLEXP
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    StyleXP Application
    0.30.0000.0000
    c:\program files\tgtsoft\stylexp\stylexp.exe
    BitComet
    "D:\Program Files\BitComet\BitComet.exe" /tray
    File not found: D:\Program Files\BitComet\BitComet.exe
    WMPNSCFG
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    ‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
    Microsoft Corporation
    11.00.5721.5145
    c:\program files\windows media player\wmpnscfg.exe
    DU Meter
    C:\Program Files\DU Meter\DUMeter.exe
    DU Meter Monitor
    Hagel Technologies Ltd
    4.00.3009.0000
    c:\program files\du meter\dumeter.exe
    IDMan
    C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    Internet Download Manager (IDM)
    Tonec Inc.
    5.12.0006.0000
    c:\program files\internet download manager\idman.exe
    .
    .
    ----------- End Report ---------------

     
  13. $$العاشق$$

    $$العاشق$$ زيزوومي نشيط

    إنضم إلينا في:
    ‏يوليو 22, 2007
    المشاركات:
    173
    الإعجابات :
    3
    نقاط الجائزة:
    200
    الإقامة:
    ღ عـز الديـ. .k.s.a. ـار ღ
    برامج الحماية:
    Kaspersky
    نظام التشغيل:
    Windows XP
    تقريري للاب توب :openmouth:


    SmitFraudFix v2.278
    Scan done at 21:43:53.07, Sat 02/02/2008
    Run from D:\ ©ںê¤ èê ïي¢©\يں‍•é\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in normal mode
    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!
    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll
    »»»»»»»»»»»»»»»»»»»»»»»» Killing process

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    127.0.0.1 localhost
    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD
    »»»»»»»»»»»»»»»»»»»»»»»» VACFix

    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
    S!Ri's WS2Fix: LSP not Found.

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
    GenericRenosFix by S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    IEDFix.exe by S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» DNS
    Description: Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
    DNS Server Search Order: 212.76.68.200
    DNS Server Search Order: 212.76.68.201
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{3518B225-080C-4E04-A840-DEC45DA25B4E}: DhcpNameServer=212.76.68.200 212.76.68.201
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{3518B225-080C-4E04-A840-DEC45DA25B4E}: DhcpNameServer=212.76.68.200 212.76.68.201
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.76.68.200 212.76.68.201
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.76.68.200 212.76.68.201

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, following keys are not inevitably infected!!!
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!
    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» End
     
  14. أبوسلام

    أبوسلام زيزوومى متألق

    إنضم إلينا في:
    ‏نوفمبر 10, 2007
    المشاركات:
    285
    الإعجابات :
    59
    نقاط الجائزة:
    380
    الإقامة:
    non
    برامج الحماية:
    Microsoft Security Essentials
    نظام التشغيل:
    Windows XP



    جزاك الله خيرًا

    [​IMG]


     
  15. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP
    أخوي اسير الشعر

    لاهنت حمل الملف هذا وقم بتشغيله
    http://www.files2net.com/files/56933563/zzzzz.zip

    بعدها اعد تشغيل جهازك ,,,

    واعمل تقرير جديد ,,
    وفضلااا لا امراا ,, لا تكبر الخط
     
  16. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP
    التقرير حلوو ياحلوو
     
  17. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP
    ويجزاك خير ويبارك فيك
     
  18. نوووف

    نوووف زيزوومى مميز

    إنضم إلينا في:
    ‏يناير 14, 2008
    المشاركات:
    983
    الإعجابات :
    42
    نقاط الجائزة:
    530
    الجنس:
    أنثى
    الإقامة:
    ѕαυ∂ι αяαвια
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows 7
    هذا تقريري:iconmju30:

    SmitFraudFix v2.278
    Scan done at 22:48:01.32, Sat 02/02/2008
    Run from C:\Documents and Settings\Administrator\Application Data\IDM\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in normal mode
    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!
    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll
    »»»»»»»»»»»»»»»»»»»»»»»» Killing process

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    127.0.0.1 localhost
    127.0.0.1 www.winantivirus.com
    127.0.0.1 winantivirus.com

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix

    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
    S!Ri's WS2Fix: LSP not Found.

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix

    »»»»»»»»»»»»»»»»»»»»»»»» DNS
    Description: VIA Compatable Fast Ethernet Adapter - Packet Scheduler Miniport
    DNS Server Search Order: 192.168.1.254
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{E5BFA856-32AA-485B-92CC-77C00139DFE2}: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{E5BFA856-32AA-485B-92CC-77C00139DFE2}: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS2\Services\Tcpip\..\{E5BFA856-32AA-485B-92CC-77C00139DFE2}: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
    HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, following keys are not inevitably infected!!!
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!
    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» End
     
  19. أسير&الشعر

    أسير&الشعر زيزوومي نشيط

    إنضم إلينا في:
    ‏أكتوبر 2, 2007
    المشاركات:
    117
    الإعجابات :
    0
    نقاط الجائزة:
    120
    الإقامة:
    ksa
    برامج الحماية:
    Kaspersky
    نظام التشغيل:
    Windows 7
    .
    --------------------------\\\ Start Report Of HijackThis ---------------
    .
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:14:13 م, on 02/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\DU Meter\DUMeterSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
    C:\Program Files\LG Software\On Screen Display\Hotkey.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\TorCP\torcp.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\DU Meter\DUMeter.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    C:\WINDOWS\zpitsp.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\lg_swupdate\tmcheck.exe
    C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\runn.exe
    C:\WINDOWS\system32\cmd.exe
    C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.37.63.11:80
    F2 - REG:system.ini: Shell=Explorer.exe c:\windows\Autorun.exe
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\icom accelerator\components\NOWImaging.dll (file missing)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
    O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [lrrpfgcp] C:\WINDOWS\lrrpfgcp.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
    O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\iexplorer.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - HKLM\..\Run: [InkMonitor] C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [TorCP] C:\Program Files\TorCP\torcp.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: gce.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &BitSpirit حمله باستخدام
    - C:\Program Files\BitSpirit\bsurl.htm
    O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: أضافة إلى مضاد الأعلان - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
    O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175174415265
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177550462406
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    --
    End of file - 10095 bytes
    .
    .
    --------------------------\\\ End Report Of Of HijackThis ---------------
    .
    .
    .
    .
    --------------------------\\\ Start Report Of Running Processes ---------------
    .
    ==================================================
    Process Name : smss.exe
    ProcessID : 960
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Windows NT Session Manager
    Company : Microsoft Corporation
    Window Title :
    File Size : 50,688
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\System32\smss.exe
    Base Address : 0x48580000
    Created On : 25/01/1429 11:10:11 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 428 K
    Mem Usage Peak : 480 K
    Page Faults : 222
    Pagefile Usage : 168 K
    Pagefile Peak Usage : 1676 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : csrss.exe
    ProcessID : 1016
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Client Server Runtime Process
    Company : Microsoft Corporation
    Window Title :
    File Size : 6,144
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\csrss.exe
    Base Address : 0x4A680000
    Created On : 25/01/1429 11:10:13 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 4548 K
    Mem Usage Peak : 4728 K
    Page Faults : 3300
    Pagefile Usage : 2016 K
    Pagefile Peak Usage : 2024 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : winlogon.exe
    ProcessID : 1040
    Priority : High
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Windows NT Logon Application
    Company : Microsoft Corporation
    Window Title :
    File Size : 502,272
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\winlogon.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:14 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 4088 K
    Mem Usage Peak : 17324 K
    Page Faults : 8518
    Pagefile Usage : 6756 K
    Pagefile Peak Usage : 8692 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : services.exe
    ProcessID : 1084
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Services and Controller app
    Company : Microsoft Corporation
    Window Title :
    File Size : 108,032
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\services.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:15 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 3936 K
    Mem Usage Peak : 3972 K
    Page Faults : 3048
    Pagefile Usage : 1844 K
    Pagefile Peak Usage : 2016 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : lsass.exe
    ProcessID : 1096
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : LSA Shell (Export Version)
    Company : Microsoft Corporation
    Window Title :
    File Size : 13,312
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\lsass.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:15 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 7256 K
    Mem Usage Peak : 7264 K
    Page Faults : 2060
    Pagefile Usage : 4280 K
    Pagefile Peak Usage : 4364 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : svchost.exe
    ProcessID : 1252
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:15 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 5564 K
    Mem Usage Peak : 5616 K
    Page Faults : 1541
    Pagefile Usage : 3360 K
    Pagefile Peak Usage : 23396 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : svchost.exe
    ProcessID : 1332
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:16 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 4824 K
    Mem Usage Peak : 4824 K
    Page Faults : 1380
    Pagefile Usage : 2112 K
    Pagefile Peak Usage : 2272 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : svchost.exe
    ProcessID : 1372
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\System32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:16 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 32484 K
    Mem Usage Peak : 35016 K
    Page Faults : 20329
    Pagefile Usage : 21260 K
    Pagefile Peak Usage : 28764 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : StyleXPService.exe
    ProcessID : 1420
    Priority : Normal
    Product Name : StyleXPService Module
    Version : 0, 20, 0, 3000
    Description : StyleXPService Module
    Company :
    Window Title :
    File Size : 372,736
    File Created Date : 26/04/1427 06:31:06 م
    File Modified Date : 26/04/1427 06:31:06 م
    Filename : C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:16 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 3564 K
    Mem Usage Peak : 3932 K
    Page Faults : 11320
    Pagefile Usage : 1084 K
    Pagefile Peak Usage : 1280 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : svchost.exe
    ProcessID : 1544
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:18 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 3788 K
    Mem Usage Peak : 3800 K
    Page Faults : 1062
    Pagefile Usage : 1524 K
    Pagefile Peak Usage : 1548 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : svchost.exe
    ProcessID : 1656
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:18 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 9476 K
    Mem Usage Peak : 9484 K
    Page Faults : 3293
    Pagefile Usage : 6232 K
    Pagefile Peak Usage : 6396 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : spoolsv.exe
    ProcessID : 1940
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    Description : Spooler SubSystem App
    Company : Microsoft Corporation
    Window Title :
    File Size : 57,856
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 04/05/1426 11:53:32 م
    Filename : C:\WINDOWS\system32\spoolsv.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:18 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 6140 K
    Mem Usage Peak : 6140 K
    Page Faults : 1776
    Pagefile Usage : 3924 K
    Pagefile Peak Usage : 3996 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : avp.exe
    ProcessID : 2032
    Priority : Normal
    Product Name : Kaspersky Anti-Virus
    Version : 7.0.0.125
    Description : Kaspersky Anti-Virus
    Company : Kaspersky Lab
    Window Title :
    File Size : 218,376
    File Created Date : 13/06/1428 09:51:38 ص
    File Modified Date : 13/06/1428 09:51:38 ص
    Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:19 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 12176 K
    Mem Usage Peak : 46364 K
    Page Faults : 55361
    Pagefile Usage : 47464 K
    Pagefile Peak Usage : 60860 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : BTNtService.exe
    ProcessID : 148
    Priority : Normal
    Product Name :
    Version :
    Description :
    Company :
    Window Title :
    File Size : 110,592
    File Created Date : 16/03/1428 11:36:21 م
    File Modified Date : 27/02/1426 11:03:28 م
    Filename : C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:19 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 2772 K
    Mem Usage Peak : 2772 K
    Page Faults : 773
    Pagefile Usage : 1916 K
    Pagefile Peak Usage : 1964 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : DUMeterSvc.exe
    ProcessID : 172
    Priority : Normal
    Product Name : DU Meter
    Version : 4.0 Build R3009
    Description : DU Meter Service
    Company : Hagel Technologies Ltd
    Window Title :
    File Size : 1,382,672
    File Created Date : 18/01/1429 09:15:37 م
    File Modified Date : 04/10/1428 12:19:38 م
    Filename : C:\Program Files\DU Meter\DUMeterSvc.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:19 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 6936 K
    Mem Usage Peak : 6944 K
    Page Faults : 4186
    Pagefile Usage : 7280 K
    Pagefile Peak Usage : 8424 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : svchost.exe
    ProcessID : 596
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Generic Host Process for Win32 Services
    Company : Microsoft Corporation
    Window Title :
    File Size : 14,336
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\System32\svchost.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:20 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 3792 K
    Mem Usage Peak : 3792 K
    Page Faults : 1004
    Pagefile Usage : 1740 K
    Pagefile Peak Usage : 1740 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : Explorer.exe
    ProcessID : 624
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
    Description : Windows Explorer
    Company : Microsoft Corporation
    Window Title : Program Manager
    File Size : 1,033,216
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 28/05/1428 10:23:07 ص
    Filename : C:\WINDOWS\Explorer.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:20 م
    Visible Windows : 2
    Hidden Windows : 26
    User Name : NAWAF\N a W a F
    Mem Usage : 22656 K
    Mem Usage Peak : 22676 K
    Page Faults : 12910
    Pagefile Usage : 15084 K
    Pagefile Peak Usage : 15776 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : WMPNetwk.exe
    ProcessID : 1796
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 11.0.5721.5145 (WMP_11.061018-2006)
    Description : خدمة مشاركة الشبكة لـ Windows Media Player
    Company : Microsoft Corporation
    Window Title :
    File Size : 909,312
    File Created Date : 11/11/1427 07:03:38 م
    File Modified Date : 11/11/1427 07:03:38 م
    Filename : C:\Program Files\Windows Media Player\WMPNetwk.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:22 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 26120 K
    Mem Usage Peak : 26128 K
    Page Faults : 10446
    Pagefile Usage : 10308 K
    Pagefile Peak Usage : 10480 K
    File Attributes :
    ==================================================
    ==================================================
    Process Name : alg.exe
    ProcessID : 1876
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Application Layer Gateway Service
    Company : Microsoft Corporation
    Window Title :
    File Size : 44,544
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\System32\alg.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 3864 K
    Mem Usage Peak : 3872 K
    Page Faults : 1030
    Pagefile Usage : 1308 K
    Pagefile Peak Usage : 1320 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : SynTPLpr.exe
    ProcessID : 2056
    Priority : Normal
    Product Name : Synaptics Pointing Device Driver
    Version : 7.12.9.4 14Feb05
    Description : TouchPad Driver Helper Application
    Company : Synaptics, Inc.
    Window Title :
    File Size : 98,396
    File Created Date : 11/03/1428 10:05:53 ص
    File Modified Date : 06/01/1426 08:59:12 ص
    Filename : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 3052 K
    Mem Usage Peak : 3052 K
    Page Faults : 871
    Pagefile Usage : 1000 K
    Pagefile Peak Usage : 1092 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : SynTPEnh.exe
    ProcessID : 2064
    Priority : Normal
    Product Name : Synaptics Pointing Device Driver
    Version : 7.12.9.4 14Feb05
    Description : Synaptics TouchPad Enhancements
    Company : Synaptics, Inc.
    Window Title :
    File Size : 667,740
    File Created Date : 11/03/1428 10:05:52 ص
    File Modified Date : 06/01/1426 08:58:10 ص
    Filename : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 8
    User Name : NAWAF\N a W a F
    Mem Usage : 4524 K
    Mem Usage Peak : 4524 K
    Page Faults : 1306
    Pagefile Usage : 1656 K
    Pagefile Peak Usage : 1772 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : batterymiser.exe
    ProcessID : 2072
    Priority : Normal
    Product Name : Battery Miser
    Version : 3, 37, 0, 0
    Description : Battery Miser
    Company : LG Electronics Inc.
    Window Title :
    File Size : 335,872
    File Created Date : 11/03/1428 10:14:16 ص
    File Modified Date : 06/05/1427 12:54:34 ص
    Filename : C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 3508 K
    Mem Usage Peak : 5316 K
    Page Faults : 2825
    Pagefile Usage : 2740 K
    Pagefile Peak Usage : 2804 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : Hotkey.exe
    ProcessID : 2080
    Priority : Normal
    Product Name : HotKey
    Version : 1, 0, 0, 0
    Description : HotKey
    Company : LG Electronics
    Window Title :
    File Size : 86,016
    File Created Date : 11/03/1428 10:14:42 ص
    File Modified Date : 19/05/1426 02:09:56 ص
    Filename : C:\Program Files\LG Software\On Screen Display\Hotkey.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 5
    User Name : NAWAF\N a W a F
    Mem Usage : 5724 K
    Mem Usage Peak : 5736 K
    Page Faults : 1641
    Pagefile Usage : 2996 K
    Pagefile Peak Usage : 3880 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : AGRSMMSG.exe
    ProcessID : 2096
    Priority : Normal
    Product Name : Agere SoftModem Messaging Applet
    Version : 2.1.47.8 2.1.47.8 11/09/2004 17:19:25
    Description : SoftModem Messaging Applet
    Company : Agere Systems
    Window Title :
    File Size : 88,358
    File Created Date : 11/03/1428 02:04:42 م
    File Modified Date : 27/09/1425 08:19:26 ص
    Filename : C:\WINDOWS\AGRSMMSG.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 2852 K
    Mem Usage Peak : 2852 K
    Page Faults : 797
    Pagefile Usage : 924 K
    Pagefile Peak Usage : 948 K
    File Attributes : AR
    ==================================================
    ==================================================
    Process Name : RunDll32.exe
    ProcessID : 2104
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Run a DLL as an App
    Company : Microsoft Corporation
    Window Title :
    File Size : 33,280
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\RunDll32.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 4892 K
    Mem Usage Peak : 4896 K
    Page Faults : 1550
    Pagefile Usage : 2824 K
    Pagefile Peak Usage : 2832 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : hkcmd.exe
    ProcessID : 2120
    Priority : Normal
    Product Name : Intel(R) Common User Interface
    Version : 3.0.0.4497
    Description : hkcmd Module
    Company : Intel Corporation
    Window Title :
    File Size : 77,824
    File Created Date : 11/03/1428 09:55:02 ص
    File Modified Date : 09/01/1427 11:36:06 م
    Filename : C:\WINDOWS\system32\hkcmd.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 12
    User Name : NAWAF\N a W a F
    Mem Usage : 3152 K
    Mem Usage Peak : 3164 K
    Page Faults : 835
    Pagefile Usage : 892 K
    Pagefile Peak Usage : 976 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : igfxpers.exe
    ProcessID : 2128
    Priority : Normal
    Product Name : Intel(R) Common User Interface
    Version : 3.0.0.4497
    Description : persistence Module
    Company : Intel Corporation
    Window Title :
    File Size : 118,784
    File Created Date : 09/01/1427 11:40:02 م
    File Modified Date : 09/01/1427 11:40:02 م
    Filename : C:\WINDOWS\system32\igfxpers.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 3132 K
    Mem Usage Peak : 3144 K
    Page Faults : 817
    Pagefile Usage : 864 K
    Pagefile Peak Usage : 884 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : realsched.exe
    ProcessID : 2144
    Priority : Normal
    Product Name : RealPlayer (32-bit)
    Version : 0.1.0.3760
    Description : RealNetworks Scheduler
    Company : RealNetworks, Inc.
    Window Title :
    File Size : 185,896
    File Created Date : 29/09/1428 03:29:59 م
    File Modified Date : 29/09/1428 03:29:59 م
    Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 244 K
    Mem Usage Peak : 3448 K
    Page Faults : 3733
    Pagefile Usage : 1204 K
    Pagefile Peak Usage : 1240 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : IP Operator 2005.exe
    ProcessID : 2152
    Priority : Normal
    Product Name : IPO3 ?? ????
    Version : 1, 0, 0, 1
    Description : IPO3 MFC ?? ????
    Company :
    Window Title :
    File Size : 1,028,096
    File Created Date : 11/03/1428 10:14:54 ص
    File Modified Date : 11/05/1426 08:02:44 م
    Filename : C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 16
    User Name : NAWAF\N a W a F
    Mem Usage : 7024 K
    Mem Usage Peak : 7036 K
    Page Faults : 1826
    Pagefile Usage : 2848 K
    Pagefile Peak Usage : 2864 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : jusched.exe
    ProcessID : 2160
    Priority : Normal
    Product Name : Java(TM) Platform SE 6 U3
    Version : 6.0.30.5
    Description : Java(TM) Platform SE binary
    Company : Sun Microsystems, Inc.
    Window Title :
    File Size : 132,496
    File Created Date : 23/10/1428 10:59:03 م
    File Modified Date : 13/09/1428 10:11:35 م
    Filename : C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NAWAF\N a W a F
    Mem Usage : 2612 K
    Mem Usage Peak : 2612 K
    Page Faults : 698
    Pagefile Usage : 872 K
    Pagefile Peak Usage : 872 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : hpztsb09.exe
    ProcessID : 2168
    Priority : Normal
    Product Name : HP DeskJet
    Version : 2.236.4.0
    Description :
    Company : HP
    Window Title :
    File Size : 176,128
    File Created Date : 27/11/1428 10:26:23 م
    File Modified Date : 05/07/1424 11:42:50 ص
    Filename : C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 3304 K
    Mem Usage Peak : 3304 K
    Page Faults : 907
    Pagefile Usage : 1108 K
    Pagefile Peak Usage : 1108 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : HPWuSchd.exe
    ProcessID : 2176
    Priority : Normal
    Product Name : Hewlett-Packard hpwuSchd
    Version : 1, 0, 0, 2
    Description : hpwuSchd
    Company : Hewlett-Packard
    Window Title :
    File Size : 49,152
    File Created Date : 25/04/1424 08:24:48 ص
    File Modified Date : 25/04/1424 08:24:48 ص
    Filename : C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 2596 K
    Mem Usage Peak : 2596 K
    Page Faults : 704
    Pagefile Usage : 776 K
    Pagefile Peak Usage : 776 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : hpcmpmgr.exe
    ProcessID : 2184
    Priority : Normal
    Product Name : hp coretech (COmponent REuse TECHnology)
    Version : 2.1.1
    Description : HP Framework Component Manager Service
    Company : Hewlett-Packard Company
    Window Title :
    File Size : 233,472
    File Created Date : 27/08/1424 04:51:18 م
    File Modified Date : 27/08/1424 04:51:18 م
    Filename : C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 8792 K
    Mem Usage Peak : 8804 K
    Page Faults : 2615
    Pagefile Usage : 5040 K
    Pagefile Peak Usage : 5880 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : hpotdd01.exe
    ProcessID : 2228
    Priority : Normal
    Product Name : Hewlett-Packard hpotdd01
    Version : 1, 0, 0, 1
    Description : hpotdd01
    Company : Hewlett-Packard
    Window Title :
    File Size : 229,437
    File Created Date : 20/03/1424 03:37:08 م
    File Modified Date : 20/03/1424 03:37:08 م
    Filename : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:25 م
    Visible Windows : 0
    Hidden Windows : 4
    User Name : NAWAF\N a W a F
    Mem Usage : 4488 K
    Mem Usage Peak : 4488 K
    Page Faults : 1806
    Pagefile Usage : 1508 K
    Pagefile Peak Usage : 1508 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : InkMonitor.exe
    ProcessID : 2260
    Priority : Normal
    Product Name : InkMonitor Application
    Version : 2.1.2
    Description : InkMonitor
    Company :
    Window Title :
    File Size : 143,360
    File Created Date : 02/01/1422 07:29:46 م
    File Modified Date : 02/01/1422 07:29:46 م
    Filename : C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 0
    Hidden Windows : 4
    User Name : NAWAF\N a W a F
    Mem Usage : 3276 K
    Mem Usage Peak : 3276 K
    Page Faults : 879
    Pagefile Usage : 856 K
    Pagefile Peak Usage : 856 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : avp.exe
    ProcessID : 2284
    Priority : Normal
    Product Name : Kaspersky Anti-Virus
    Version : 7.0.0.125
    Description : Kaspersky Anti-Virus
    Company : Kaspersky Lab
    Window Title :
    File Size : 218,376
    File Created Date : 13/06/1428 09:51:38 ص
    File Modified Date : 13/06/1428 09:51:38 ص
    Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 0
    Hidden Windows : 5
    User Name : NAWAF\N a W a F
    Mem Usage : 5748 K
    Mem Usage Peak : 9424 K
    Page Faults : 4576
    Pagefile Usage : 5408 K
    Pagefile Peak Usage : 5476 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : ctfmon.exe
    ProcessID : 2292
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : CTF Loader
    Company : Microsoft Corporation
    Window Title :
    File Size : 15,360
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\ctfmon.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 0
    Hidden Windows : 5
    User Name : NAWAF\N a W a F
    Mem Usage : 3640 K
    Mem Usage Peak : 3640 K
    Page Faults : 1039
    Pagefile Usage : 1040 K
    Pagefile Peak Usage : 1052 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : MsnMsgr.Exe
    ProcessID : 2300
    Priority : Normal
    Product Name : Messenger
    Version : 8.1.0178.00
    Description : Messenger
    Company : Microsoft Corporation
    Window Title :
    File Size : 5,674,352
    File Created Date : 01/01/1428 08:55:14 م
    File Modified Date : 01/01/1428 08:55:14 م
    Filename : C:\Program Files\MSN Messenger\MsnMsgr.Exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 1
    Hidden Windows : 38
    User Name : NAWAF\N a W a F
    Mem Usage : 11860 K
    Mem Usage Peak : 48448 K
    Page Faults : 30934
    Pagefile Usage : 32456 K
    Pagefile Peak Usage : 37424 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : msmsgs.exe
    ProcessID : 2308
    Priority : Normal
    Product Name : Messenger
    Version : 4.7.3001
    Description : Windows Messenger
    Company : Microsoft Corporation
    Window Title :
    File Size : 1,694,208
    File Created Date : 11/03/1428 07:02:58 ص
    File Modified Date : 29/08/1425 04:24:37 م
    Filename : C:\Program Files\Messenger\msmsgs.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 0
    Hidden Windows : 7
    User Name : NAWAF\N a W a F
    Mem Usage : 1772 K
    Mem Usage Peak : 5264 K
    Page Faults : 1786
    Pagefile Usage : 1496 K
    Pagefile Peak Usage : 1512 K
    File Attributes :
    ==================================================
    ==================================================
    Process Name : torcp.exe
    ProcessID : 2324
    Priority : Normal
    Product Name : TorCP
    Version : 0.0.4
    Description : Tor Control Panel
    Company : Matt Edman
    Window Title :
    File Size : 225,280
    File Created Date : 11/11/1426 07:51:36 م
    File Modified Date : 11/11/1426 07:51:36 م
    Filename : C:\Program Files\TorCP\torcp.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 0
    Hidden Windows : 6
    User Name : NAWAF\N a W a F
    Mem Usage : 4524 K
    Mem Usage Peak : 4624 K
    Page Faults : 22198
    Pagefile Usage : 1068 K
    Pagefile Peak Usage : 1132 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : StyleXP.exe
    ProcessID : 2360
    Priority : Normal
    Product Name : StyleXP Application
    Version : 0, 30, 19, 0
    Description : StyleXP Application
    Company :
    Window Title :
    File Size : 1,372,160
    File Created Date : 26/04/1427 06:31:39 م
    File Modified Date : 26/04/1427 06:31:39 م
    Filename : C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 16208 K
    Mem Usage Peak : 16208 K
    Page Faults : 9418
    Pagefile Usage : 11664 K
    Pagefile Peak Usage : 15640 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : WMPNSCFG.exe
    ProcessID : 2396
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 11.0.5721.5145 (WMP_11.061018-2006)
    Description : ‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
    Company : Microsoft Corporation
    Window Title :
    File Size : 204,288
    File Created Date : 11/11/1427 07:03:46 م
    File Modified Date : 11/11/1427 07:03:46 م
    Filename : C:\Program Files\Windows Media Player\WMPNSCFG.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 0
    Hidden Windows : 4
    User Name : NAWAF\N a W a F
    Mem Usage : 4404 K
    Mem Usage Peak : 4404 K
    Page Faults : 1164
    Pagefile Usage : 1236 K
    Pagefile Peak Usage : 1276 K
    File Attributes :
    ==================================================
    ==================================================
    Process Name : DUMeter.exe
    ProcessID : 2416
    Priority : Normal
    Product Name : DU Meter
    Version : 4.0 Build R3009
    Description : DU Meter Monitor
    Company : Hagel Technologies Ltd
    Window Title : DU Meter
    File Size : 2,582,288
    File Created Date : 18/01/1429 09:15:36 م
    File Modified Date : 04/10/1428 12:19:36 م
    Filename : C:\Program Files\DU Meter\DUMeter.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 1
    Hidden Windows : 11
    User Name : NAWAF\N a W a F
    Mem Usage : 1440 K
    Mem Usage Peak : 7780 K
    Page Faults : 4510
    Pagefile Usage : 4696 K
    Pagefile Peak Usage : 5716 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : IDMan.exe
    ProcessID : 2444
    Priority : Normal
    Product Name : Internet Download Manager (IDM)
    Version : 5.12.6.0
    Description : Internet Download Manager (IDM)
    Company : Tonec Inc.
    Window Title : خصائص الملف
    File Size : 2,577,840
    File Created Date : 15/01/1429 01:06:25 م
    File Modified Date : 25/01/1429 05:35:58 م
    Filename : C:\Program Files\Internet Download Manager\IDMan.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 2
    Hidden Windows : 7
    User Name : NAWAF\N a W a F
    Mem Usage : 10568 K
    Mem Usage Peak : 10568 K
    Page Faults : 4223
    Pagefile Usage : 4204 K
    Pagefile Peak Usage : 4208 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : BlueSoleil.exe
    ProcessID : 2464
    Priority : Normal
    Product Name : BlueSoleil
    Version : 1, 6, 1, 4
    Description : Bluetooth Application
    Company : IVT Corporation
    Window Title :
    File Size : 1,183,744
    File Created Date : 16/03/1428 11:36:15 م
    File Modified Date : 29/04/1426 08:23:08 م
    Filename : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 0
    Hidden Windows : 8
    User Name : NAWAF\N a W a F
    Mem Usage : 11416 K
    Mem Usage Peak : 11468 K
    Page Faults : 4188
    Pagefile Usage : 6568 K
    Pagefile Peak Usage : 6628 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : gce.exe
    ProcessID : 2472
    Priority : Normal
    Product Name : gce
    Version : 5.00
    Description :
    Company : Leithauser Research
    Window Title : Clock Guard Enforcer
    File Size : 30,720
    File Created Date : 21/09/1428 02:34:22 م
    File Modified Date : 23/06/1428 07:02:08 م
    Filename : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:26 م
    Visible Windows : 1
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 3996 K
    Mem Usage Peak : 3996 K
    Page Faults : 1044
    Pagefile Usage : 1120 K
    Pagefile Peak Usage : 1124 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : WZQKPICK.EXE
    ProcessID : 2508
    Priority : Normal
    Product Name : WinZip
    Version : 1.0 (32-bit)
    Description : WinZip Executable
    Company : WinZip Computing, S.L.
    Window Title :
    File Size : 394,856
    File Created Date : 21/11/1428 08:10:00 ص
    File Modified Date : 21/11/1428 08:10:00 ص
    Filename : C:\Program Files\WinZip\WZQKPICK.EXE
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:27 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 3292 K
    Mem Usage Peak : 3292 K
    Page Faults : 878
    Pagefile Usage : 844 K
    Pagefile Peak Usage : 844 K
    File Attributes : AR
    ==================================================
    ==================================================
    Process Name : gce.exe
    ProcessID : 3592
    Priority : Normal
    Product Name : gce
    Version : 5.00
    Description :
    Company : Leithauser Research
    Window Title : wsgc
    File Size : 30,720
    File Created Date : 21/09/1428 02:34:22 م
    File Modified Date : 23/06/1428 07:02:08 م
    Filename : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:33 م
    Visible Windows : 1
    Hidden Windows : 2
    User Name : NAWAF\N a W a F
    Mem Usage : 3892 K
    Mem Usage Peak : 3892 K
    Page Faults : 1011
    Pagefile Usage : 1116 K
    Pagefile Peak Usage : 1120 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : zpitsp.exe
    ProcessID : 3924
    Priority : Normal
    Product Name : WatcherCG
    Version : 1.01
    Description :
    Company : Leithauser Research
    Window Title : ctgpp
    File Size : 13,312
    File Created Date : 21/09/1428 02:34:22 م
    File Modified Date : 23/06/1428 06:43:56 م
    Filename : C:\WINDOWS\zpitsp.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:34 م
    Visible Windows : 1
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 3856 K
    Mem Usage Peak : 3856 K
    Page Faults : 1026
    Pagefile Usage : 1116 K
    Pagefile Peak Usage : 1116 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : wmiprvse.exe
    ProcessID : 1864
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : WMI
    Company : Microsoft Corporation
    Window Title :
    File Size : 218,112
    File Created Date : 11/03/1428 07:02:08 ص
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:10:35 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 5896 K
    Mem Usage Peak : 5904 K
    Page Faults : 1552
    Pagefile Usage : 2168 K
    Pagefile Peak Usage : 3092 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : IEMonitor.exe
    ProcessID : 3568
    Priority : Normal
    Product Name : IEMonitor Application
    Version : 3, 0, 0, 1
    Description : Internet Download Manager agent for click monitoring in IE-based browsers
    Company : Tonec Inc.
    Window Title :
    File Size : 251,576
    File Created Date : 15/01/1429 01:06:20 م
    File Modified Date : 02/02/1428 02:53:52 م
    Filename : C:\Program Files\Internet Download Manager\IEMonitor.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:10:50 م
    Visible Windows : 0
    Hidden Windows : 3
    User Name : NAWAF\N a W a F
    Mem Usage : 5552 K
    Mem Usage Peak : 5564 K
    Page Faults : 1495
    Pagefile Usage : 2872 K
    Pagefile Peak Usage : 2888 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : wuauclt.exe
    ProcessID : 2872
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 7.0.6000.381 (winmain(wmbla).070730-1740)
    Description : Windows Update Automatic Updates
    Company : Microsoft Corporation
    Window Title :
    File Size : 53,080
    File Created Date : 11/03/1428 07:04:37 ص
    File Modified Date : 17/07/1428 02:19:16 ص
    Filename : C:\WINDOWS\system32\wuauclt.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:11:08 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 9740 K
    Mem Usage Peak : 9744 K
    Page Faults : 2753
    Pagefile Usage : 6712 K
    Pagefile Peak Usage : 6728 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : usnsvc.exe
    ProcessID : 784
    Priority : Normal
    Product Name : Messenger
    Version : 8.1.0178.00
    Description : Messenger Sharing USN Journal Reader Service
    Company : Microsoft Corporation
    Window Title :
    File Size : 97,136
    File Created Date : 01/01/1428 08:54:14 م
    File Modified Date : 01/01/1428 08:54:14 م
    Filename : C:\Program Files\MSN Messenger\usnsvc.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:12:19 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NT AUTHORITY\SYSTEM
    Mem Usage : 2908 K
    Mem Usage Peak : 2908 K
    Page Faults : 786
    Pagefile Usage : 984 K
    Pagefile Peak Usage : 984 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : tmcheck.exe
    ProcessID : 1292
    Priority : Normal
    Product Name : LG Intelligent Update
    Version : 1.00
    Description :
    Company : CST
    Window Title :
    File Size : 20,480
    File Created Date : 11/03/1428 09:51:18 ص
    File Modified Date : 12/11/1425 11:46:54 م
    Filename : C:\Program Files\lg_swupdate\tmcheck.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:12:43 م
    Visible Windows : 0
    Hidden Windows : 4
    User Name : NAWAF\N a W a F
    Mem Usage : 3528 K
    Mem Usage Peak : 3528 K
    Page Faults : 925
    Pagefile Usage : 1060 K
    Pagefile Peak Usage : 1064 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : runn.exe
    ProcessID : 1828
    Priority : Normal
    Product Name :
    Version :
    Description :
    Company :
    Window Title :
    File Size : 71,680
    File Created Date : 25/01/1429 06:39:58 م
    File Modified Date : 23/01/1429 10:24:25 م
    Filename : C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\runn.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:14:08 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NAWAF\N a W a F
    Mem Usage : 2496 K
    Mem Usage Peak : 2508 K
    Page Faults : 730
    Pagefile Usage : 812 K
    Pagefile Peak Usage : 916 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : cmd.exe
    ProcessID : 2704
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : Windows Command Processor
    Company : Microsoft Corporation
    Window Title :
    File Size : 388,608
    File Created Date : 18/06/1425 12:00:00 م
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\cmd.exe
    Base Address : 0x4AD00000
    Created On : 25/01/1429 11:14:08 م
    Visible Windows : 0
    Hidden Windows : 1
    User Name : NAWAF\N a W a F
    Mem Usage : 3024 K
    Mem Usage Peak : 3092 K
    Page Faults : 875
    Pagefile Usage : 2136 K
    Pagefile Peak Usage : 2212 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : wmiprvse.exe
    ProcessID : 1100
    Priority : Normal
    Product Name : Microsoft® Windows® Operating System
    Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Description : WMI
    Company : Microsoft Corporation
    Window Title :
    File Size : 218,112
    File Created Date : 11/03/1428 07:02:08 ص
    File Modified Date : 18/06/1425 12:00:00 م
    Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
    Base Address : 0x01000000
    Created On : 25/01/1429 11:14:10 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name :
    Mem Usage : 5788 K
    Mem Usage Peak : 5788 K
    Page Faults : 1505
    Pagefile Usage : 3016 K
    Pagefile Peak Usage : 3016 K
    File Attributes : A
    ==================================================
    ==================================================
    Process Name : CProcess.exe
    ProcessID : 2920
    Priority : Normal
    Product Name : CurrProcess
    Version : 1.11
    Description : CurrProcess
    Company : NirSoft
    Window Title :
    File Size : 35,840
    File Created Date : 25/01/1429 06:39:58 م
    File Modified Date : 08/06/1426 04:46:34 ص
    Filename : C:\DOCUME~1\NAWAF~1\LOCALS~1\Temp\bntoz\CProcess.exe
    Base Address : 0x00400000
    Created On : 25/01/1429 11:14:13 م
    Visible Windows : 0
    Hidden Windows : 0
    User Name : NAWAF\N a W a F
    Mem Usage : 2552 K
    Mem Usage Peak : 2652 K
    Page Faults : 1417
    Pagefile Usage : 1100 K
    Pagefile Peak Usage : 1200 K
    File Attributes : A
    ==================================================
    .
    .
    --------------------------\\\ End Report Of Running Processes ---------------
    .
    .
    .
    .
    --------------------------\\\ Windows XP Startup List ---------------
    .
    HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
    autocheck autochk *
    autocheck autochk *
    Auto Check Utility
    Microsoft Corporation
    5.01.2600.2180
    c:\windows\system32\autochk.exe
    HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
    rdpclip
    rdpclip
    RDP Clip Monitor
    Microsoft Corporation
    5.01.2600.2180
    c:\windows\system32\rdpclip.exe
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\system32\userinit.exe
    Userinit Logon Application
    Microsoft Corporation
    5.01.2600.2180
    c:\windows\system32\userinit.exe
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
    Explorer.exe
    Explorer.exe
    Windows Explorer
    Microsoft Corporation
    6.00.2900.3156
    c:\windows\explorer.exe
    c:\windows\Autorun.exe
    c:\windows\Autorun.exe
    File not found: c:\windows\Autorun.exe
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    NeroFilterCheck
    C:\WINDOWS\system32\NeroCheck.exe
    NeroCheck
    Ahead Software Gmbh
    1.00.0000.0002
    c:\windows\system32\nerocheck.exe
    LG Intelligent Update
    "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
    CST
    1.00.0000.0000
    c:\program files\lg_swupdate\autoupdate.exe
    SynTPLpr
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    TouchPad Driver Helper Application
    Synaptics, Inc.
    7.12.0009.0004
    c:\program files\synaptics\syntp\syntplpr.exe
    SynTPEnh
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Synaptics TouchPad Enhancements
    Synaptics, Inc.
    7.12.0009.0004
    c:\program files\synaptics\syntp\syntpenh.exe
    batterymiser
    "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
    Battery Miser
    LG Electronics Inc.
    3.37.0000.0000
    c:\program files\lg software\battery miser 2005\batterymiser.exe
    KeybdUtility
    "C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
    HotKey
    LG Electronics
    1.00.0000.0000
    c:\program files\lg software\on screen display\hotkey.exe
    High Definition Audio Property Page Shortcut
    HDAShCut.exe
    High Definition Audio Property Page Shortcut v1.0a
    Windows (R) Server 2003 DDK provider
    5.10.0001.5013
    c:\windows\system32\hdashcut.exe
    AGRSMMSG
    AGRSMMSG.exe
    SoftModem Messaging Applet
    Agere Systems
    2.01.0047.0008
    c:\windows\agrsmmsg.exe
    Cmaudio
    RunDll32 cmicnfg.cpl,CMICtrlWnd
    CmiCnfg DLL
    C-Media Corporation
    1.00.0046.0004
    c:\windows\system\cmicnfg.cpl
    igfxtray
    C:\WINDOWS\system32\igfxtray.exe
    igfxTray Module
    Intel Corporation
    3.00.0000.4497
    c:\windows\system32\igfxtray.exe
    igfxhkcmd
    C:\WINDOWS\system32\hkcmd.exe
    hkcmd Module
    Intel Corporation
    3.00.0000.4497
    c:\windows\system32\hkcmd.exe
    igfxpers
    C:\WINDOWS\system32\igfxpers.exe
    persistence Module
    Intel Corporation
    3.00.0000.4497
    c:\windows\system32\igfxpers.exe
    lrrpfgcp
    C:\WINDOWS\lrrpfgcp.exe
    Leithauser Research
    1.00.0000.0000
    c:\windows\lrrpfgcp.exe
    TkBellExe
    "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    RealNetworks Scheduler
    RealNetworks, Inc.
    0.01.0000.3760
    c:\program files\common files\real\update_ob\realsched.exe
    IPO3
    "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
    IPO3 MFC ?? ????
    1.00.0000.0001
    c:\program files\lg software\ip operator 2005\ip operator 2005.exe
    Explorer
    C:\WINDOWS\iexplorer.exe
    File not found: C:\WINDOWS\iexplorer.exe
    SunJavaUpdateSched
    "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    Java(TM) Platform SE binary
    Sun Microsystems, Inc.
    6.00.0030.0005
    c:\program files\java\jre1.6.0_03\bin\jusched.exe
    HPDJ Taskbar Utility
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    HP
    2.236.0004.0000
    c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
    HP Software Update
    "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
    hpwuSchd
    Hewlett-Packard
    1.00.0000.0002
    c:\program files\hewlett-packard\hp software update\hpwuschd.exe
    HP Component Manager
    "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    HP Framework Component Manager Service
    Hewlett-Packard Company
    2.01.0001.0000
    c:\program files\hp\hpcoretech\hpcmpmgr.exe
    DeviceDiscovery
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    hpotdd01
    Hewlett-Packard
    1.00.0000.0001
    c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
    InkMonitor
    C:\Program Files\Pokluda\InkMonitor\InkMonitor.exe
    InkMonitor
    2.01.0002.0001
    c:\program files\pokluda\inkmonitor\inkmonitor.exe
    AVP
    "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    Kaspersky Anti-Virus
    Kaspersky Lab
    7.00.0000.0125
    c:\program files\kaspersky lab\kaspersky internet security 7.0\avp.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    BlueSoleil.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
    Bluetooth Application
    IVT Corporation
    1.06.0001.0004
    c:\program files\ivt corporation\bluesoleil\bluesoleil.exe
    gce.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\gce.exe
    Leithauser Research
    5.00.0000.0000
    c:\documents and settings\all users\start menu\programs\startup\gce.exe
    WinZip Quick Pick.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    WinZip Executable
    WinZip Computing, S.L.
    1.00.7403.0000
    c:\program files\winzip\wzqkpick.exe
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    CTF Loader
    Microsoft Corporation
    5.01.2600.2180
    c:\windows\system32\ctfmon.exe
    MsnMsgr
    "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    Messenger
    Microsoft Corporation
    8.01.0178.0000
    c:\program files\msn messenger\msnmsgr.exe
    MSMSGS
    "C:\Program Files\Messenger\msmsgs.exe" /background
    Windows Messenger
    Microsoft Corporation
    4.07.0000.3001
    c:\program files\messenger\msmsgs.exe
    TorCP
    C:\Program Files\TorCP\torcp.exe
    Tor Control Panel
    Matt Edman
    0.00.0004.0000
    c:\program files\torcp\torcp.exe
    STYLEXP
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    StyleXP Application
    0.30.0000.0000
    c:\program files\tgtsoft\stylexp\stylexp.exe
    BitComet
    "D:\Program Files\BitComet\BitComet.exe" /tray
    File not found: D:\Program Files\BitComet\BitComet.exe
    WMPNSCFG
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    ‎‎تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
    Microsoft Corporation
    11.00.5721.5145
    c:\program files\windows media player\wmpnscfg.exe
    DU Meter
    C:\Program Files\DU Meter\DUMeter.exe
    DU Meter Monitor
    Hagel Technologies Ltd
    4.00.3009.0000
    c:\program files\du meter\dumeter.exe
    IDMan
    C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    Internet Download Manager (IDM)
    Tonec Inc.
    5.12.0006.0000
    c:\program files\internet download manager\idman.exe
    .
    .
    ----------- End Report ---------------
     
  20. زيزوووم

    زيزوووم عضو شرف

    إنضم إلينا في:
    ‏يوليو 15, 2007
    المشاركات:
    7,862
    الإعجابات :
    1,274
    نقاط الجائزة:
    1,020
    برامج الحماية:
    اخرى
    نظام التشغيل:
    Windows XP
    منتاز منتاز :noskjiuyweat:
     
حالة الموضوع:
مغلق

مشاركة هذه الصفحة

جاري تحميل الصفحة...