السلام عليكم ورحمة الله وبركاته
احبتي الزيزوميين مسائكم فل وورد وكادي
اوجه مشكله في منفذ usb في جهازي المحمول حيث تخرج هذه الرسالة
علماً بان مواصفات المذربورد كما يلي
وهذا تقرير للهايجاك
احبتي الزيزوميين مسائكم فل وورد وكادي
اوجه مشكله في منفذ usb في جهازي المحمول حيث تخرج هذه الرسالة
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
علماً بان مواصفات المذربورد كما يلي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وهذا تقرير للهايجاك
كود:
.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:10:29 م, on 11/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\mhm\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\mhm\LOCALS~1\Temp\bntoz\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL]http://go.microsoft.com/fwlink/?LinkId=69157[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\mhm\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\mhm\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: كاشف برو.LNK = C:\KashifPro\KashifPro.exe
O4 - Global Startup: GlaryRegDefrag.lnk = C:\Program Files\Glary Utilities\regdefrag.exe
O4 - Global Startup: REALTEK RTL8187 Wireless LAN Utility.lnk = ?
O4 - Global Startup: سرعة تشغيل Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - [URL]http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_12.cab[/URL]
O18 - Filter: text/plain - (no CLSID) - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
--
End of file - 5271 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 1424
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 11/10/1429 03:21:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 376 K
Mem Usage Peak : 688 K
Page Faults : 293
Pagefile Usage : 172 K
Pagefile Peak Usage : 1672 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 1584
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 11/10/1429 03:21:09 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4480 K
Mem Usage Peak : 5208 K
Page Faults : 12247
Pagefile Usage : 2084 K
Pagefile Peak Usage : 2088 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 1608
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:10 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5668 K
Mem Usage Peak : 17676 K
Page Faults : 9719
Pagefile Usage : 11428 K
Pagefile Peak Usage : 12400 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 1652
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:10 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3540 K
Mem Usage Peak : 3588 K
Page Faults : 3219
Pagefile Usage : 2076 K
Pagefile Peak Usage : 2532 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 1664
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:10 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1764 K
Mem Usage Peak : 6240 K
Page Faults : 6913
Pagefile Usage : 4520 K
Pagefile Peak Usage : 4644 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1812
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:11 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5260 K
Mem Usage Peak : 5324 K
Page Faults : 1589
Pagefile Usage : 6744 K
Pagefile Peak Usage : 26644 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1908
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:11 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4600 K
Mem Usage Peak : 4616 K
Page Faults : 1321
Pagefile Usage : 5452 K
Pagefile Peak Usage : 5520 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1948
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:11 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 27052 K
Mem Usage Peak : 27124 K
Page Faults : 26120
Pagefile Usage : 21176 K
Pagefile Peak Usage : 26280 K
File Attributes : A
==================================================
==================================================
Process Name : S24EvMon.exe
ProcessID : 2032
Priority : Normal
Product Name : Intel(R) PROSet/Wireless Service
Version : 11. 5. 0. 0
Description : Wireless Management Service
Company : Intel Corporation
Window Title :
File Size : 1,183,744
File Created Date : 27/09/1428 11:06:44 ص
File Modified Date : 27/09/1428 11:06:44 ص
Filename : C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:11 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 11684 K
Mem Usage Peak : 11684 K
Page Faults : 3093
Pagefile Usage : 10744 K
Pagefile Peak Usage : 10952 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 460
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:12 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4620 K
Mem Usage Peak : 4628 K
Page Faults : 1225
Pagefile Usage : 4744 K
Pagefile Peak Usage : 4768 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 784
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : القرص المحلي (D:)
File Size : 1,033,216
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 28/05/1428 10:23:07 ص
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 11/10/1429 03:21:13 م
Visible Windows : 3
Hidden Windows : 37
User Name : ATC\mhm
Mem Usage : 38644 K
Mem Usage Peak : 44796 K
Page Faults : 52753
Pagefile Usage : 42000 K
Pagefile Peak Usage : 49752 K
File Attributes : A
==================================================
==================================================
Process Name : aawservice.exe
ProcessID : 1036
Priority : Normal
Product Name : Ad-Aware Service
Version : 7,1,0,12
Description : Ad-Aware Service
Company : Lavasoft
Window Title :
File Size : 611,664
File Created Date : 07/05/1429 09:38:28 ص
File Modified Date : 21/08/1429 03:00:05 م
Filename : C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1112 K
Mem Usage Peak : 194844 K
Page Faults : 89252
Pagefile Usage : 19996 K
Pagefile Peak Usage : 197384 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1352
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 04/05/1426 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5692 K
Mem Usage Peak : 5720 K
Page Faults : 2060
Pagefile Usage : 6912 K
Pagefile Peak Usage : 7224 K
File Attributes : A
==================================================
==================================================
Process Name : guard.exe
ProcessID : 1456
Priority : Normal
Product Name : AVG Anti-Spyware
Version : 7, 5, 1, 22
Description : AVG Anti-Spyware guard
Company : GRISOFT s.r.o.
Window Title :
File Size : 312,880
File Created Date : 06/09/1427 02:13:20 م
File Modified Date : 02/02/1429 11:21:09 ص
Filename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1732 K
Mem Usage Peak : 49552 K
Page Faults : 28175
Pagefile Usage : 45700 K
Pagefile Peak Usage : 49612 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 1472
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 8.0.0.357
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 201,992
File Created Date : 19/04/1429 03:21:30 م
File Modified Date : 19/04/1429 03:21:30 م
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 38244 K
Mem Usage Peak : 187532 K
Page Faults : 1293573
Pagefile Usage : 55732 K
Pagefile Peak Usage : 220640 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1832
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:19 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3428 K
Mem Usage Peak : 3436 K
Page Faults : 902
Pagefile Usage : 2768 K
Pagefile Peak Usage : 2792 K
File Attributes : A
==================================================
==================================================
Process Name : EvtEng.exe
ProcessID : 2004
Priority : Normal
Product Name : Intel(R) PROSet/Wireless Event Log
Version : 11. 5. 0. 0
Description : Intel(R) PROSet/Wireless Event Log
Company : Intel Corporation
Window Title :
File Size : 794,624
File Created Date : 27/09/1428 11:27:02 ص
File Modified Date : 27/09/1428 11:27:02 ص
Filename : C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 13040 K
Mem Usage Peak : 13048 K
Page Faults : 3485
Pagefile Usage : 12252 K
Pagefile Peak Usage : 12696 K
File Attributes : A
==================================================
==================================================
Process Name : RegSrvc.exe
ProcessID : 300
Priority : Normal
Product Name : Intel(R) PROSet/Wireless Registry Service
Version : 11. 5. 0. 0
Description : Intel(R) PROSet/Wireless Registry Service
Company : Intel Corporation
Window Title :
File Size : 483,328
File Created Date : 27/09/1428 11:01:54 ص
File Modified Date : 27/09/1428 11:01:54 ص
Filename : C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:19 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3212 K
Mem Usage Peak : 3212 K
Page Faults : 820
Pagefile Usage : 4196 K
Pagefile Peak Usage : 4204 K
File Attributes : A
==================================================
==================================================
Process Name : ScsiAccess.exe
ProcessID : 348
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 181,312
File Created Date : 17/09/1429 06:20:56 م
File Modified Date : 17/09/1429 06:20:56 م
Filename : C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:20 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 964 K
Mem Usage Peak : 964 K
Page Faults : 237
Pagefile Usage : 312 K
Pagefile Peak Usage : 312 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 1176
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:41 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3760 K
Mem Usage Peak : 3760 K
Page Faults : 972
Pagefile Usage : 4152 K
Pagefile Peak Usage : 4156 K
File Attributes : A
==================================================
==================================================
Process Name : avgas.exe
ProcessID : 1544
Priority : Normal
Product Name : AVG Anti-Spyware
Version : 7, 5, 1, 43
Description : AVG Anti-Spyware
Company : GRISOFT s.r.o.
Window Title :
File Size : 6,731,312
File Created Date : 06/09/1427 02:13:50 م
File Modified Date : 02/02/1429 11:20:14 ص
Filename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:42 م
Visible Windows : 0
Hidden Windows : 20
User Name : ATC\mhm
Mem Usage : 3452 K
Mem Usage Peak : 50092 K
Page Faults : 28758
Pagefile Usage : 64136 K
Pagefile Peak Usage : 64148 K
File Attributes : A
==================================================
==================================================
Process Name : rundll32.exe
ProcessID : 1588
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Run a DLL as an App
Company : Microsoft Corporation
Window Title :
File Size : 33,280
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\rundll32.exe
Base Address : 0x01000000
Created On : 11/10/1429 03:21:42 م
Visible Windows : 0
Hidden Windows : 2
User Name : ATC\mhm
Mem Usage : 3500 K
Mem Usage Peak : 3500 K
Page Faults : 908
Pagefile Usage : 3000 K
Pagefile Peak Usage : 3000 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 780
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 8.0.0.357
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 201,992
File Created Date : 19/04/1429 03:21:30 م
File Modified Date : 19/04/1429 03:21:30 م
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:42 م
Visible Windows : 0
Hidden Windows : 3
User Name : ATC\mhm
Mem Usage : 2912 K
Mem Usage Peak : 7852 K
Page Faults : 16301
Pagefile Usage : 17092 K
Pagefile Peak Usage : 17344 K
File Attributes : A
==================================================
==================================================
Process Name : RtWLan.exe
ProcessID : 1984
Priority : Normal
Product Name : RtWLan Application
Version : 402, 1190, 801, 2006
Description : RtWLan ( For Win2K/XP ) Application
Company : Realtek Semiconductor Corp.
Window Title :
File Size : 737,280
File Created Date : 06/09/1429 09:46:57 م
File Modified Date : 07/07/1427 06:19:10 ص
Filename : C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe
Base Address : 0x00400000
Created On : 11/10/1429 03:21:43 م
Visible Windows : 0
Hidden Windows : 18
User Name : ATC\mhm
Mem Usage : 7460 K
Mem Usage Peak : 7492 K
Page Faults : 2881
Pagefile Usage : 5360 K
Pagefile Peak Usage : 5408 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 3044
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/10/1429 05:00:33 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4572 K
Mem Usage Peak : 4592 K
Page Faults : 1231
Pagefile Usage : 5952 K
Pagefile Peak Usage : 6024 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 2944
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : زيزوووم للأمن والحمايه - Powered by vBulletin - Microsoft Internet Explorer
File Size : 93,184
File Created Date : 28/11/1428 06:09:52 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\Program Files\internet explorer\iexplore.exe
Base Address : 0x00400000
Created On : 11/10/1429 05:08:28 م
Visible Windows : 1
Hidden Windows : 16
User Name : ATC\mhm
Mem Usage : 12544 K
Mem Usage Peak : 15856 K
Page Faults : 12658
Pagefile Usage : 21932 K
Pagefile Peak Usage : 21944 K
File Attributes : A
==================================================
==================================================
Process Name : wuauclt.exe
ProcessID : 416
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 7.0.6000.381 (winmain(wmbla).070730-1740)
Description : Windows Update Automatic Updates
Company : Microsoft Corporation
Window Title :
File Size : 53,080
File Created Date : 28/11/1428 06:10:15 م
File Modified Date : 16/07/1428 04:19:16 م
Filename : C:\WINDOWS\system32\wuauclt.exe
Base Address : 0x00400000
Created On : 11/10/1429 05:08:36 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7148 K
Mem Usage Peak : 7160 K
Page Faults : 2070
Pagefile Usage : 9384 K
Pagefile Peak Usage : 9420 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 3028
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 11/10/1429 02:10:23 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\mhm\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 11/10/1429 05:10:23 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATC\mhm
Mem Usage : 2216 K
Mem Usage Peak : 2216 K
Page Faults : 633
Pagefile Usage : 884 K
Pagefile Peak Usage : 888 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2612
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 18/06/1425 12:00:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 11/10/1429 05:10:23 م
Visible Windows : 0
Hidden Windows : 1
User Name : ATC\mhm
Mem Usage : 3028 K
Mem Usage Peak : 3096 K
Page Faults : 851
Pagefile Usage : 2156 K
Pagefile Peak Usage : 2232 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 2204
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 28/11/1428 06:08:00 م
File Modified Date : 18/06/1425 12:00:00 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 11/10/1429 05:10:25 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5796 K
Mem Usage Peak : 5796 K
Page Faults : 1481
Pagefile Usage : 6408 K
Pagefile Peak Usage : 6408 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3840
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 11/10/1429 02:10:23 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\mhm\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 11/10/1429 05:10:29 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATC\mhm
Mem Usage : 2196 K
Mem Usage Peak : 2248 K
Page Faults : 839
Pagefile Usage : 944 K
Pagefile Peak Usage : 1632 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
lsdelete
lsdelete
c:\windows\system32\lsdelete.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.3156
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
!AVG Anti-Spyware
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
AVG Anti-Spyware
GRISOFT s.r.o.
7.05.0001.0043
c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
BluetoothAuthenticationAgent
rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
Bluetooth Control Panel Applet
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\bthprops.cpl
QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime
Apple Computer, Inc.
6.05.0001.0017
c:\program files\quicktime\qttask.exe
AVP
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
Kaspersky Anti-Virus
Kaspersky Lab
8.00.0000.0357
c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
GlaryRegDefrag.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GlaryRegDefrag.lnk
File not found: C:\Program Files\Glary Utilities\regdefrag.exe
REALTEK RTL8187 Wireless LAN Utility.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\REALTEK RTL8187 Wireless LAN Utility.lnk
RtWLan ( For Win2K/XP ) Application
Realtek Semiconductor Corp.
402.1190.0801.2006
c:\program files\realtek rtl8187 wireless lan driver and utility\rtwlan.exe
سرعة تشغيل Adobe Reader.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\سرعة تشغيل Adobe Reader.lnk
Adobe Acrobat SpeedLauncher
Adobe Systems Incorporated
8.00.0000.0000
c:\program files\adobe\reader 8.0\reader\reader_sl.exe
C:\Documents and Settings\mhm\Start Menu\Programs\Startup
كاشف برو.LNK
C:\Documents and Settings\mhm\Start Menu\Programs\Startup\كاشف برو.LNK
kashifpro.com
kashifpro.com
3.00.0000.0000
c:\kashifpro\kashifpro.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Privacy Suite
"C:\Documents and Settings\mhm\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\mhm\Application Data\CyberScrub\Privacy Suite"
Privacy Suite (TM)
CyberScrub LLC
4.07.0000.0139
c:\documents and settings\mhm\application data\cleaner\cspseraser.exe
.
.
----------- End Report ---------------