جهازي وتقرير كمبوفيكس

الحالة
مغلق و غير مفتوح للمزيد من الردود.
M

Mr.SaUdI

زيزوومي جديد
إنضم
22 أكتوبر 2008
المشاركات
939
مستوى التفاعل
7
النقاط
0
غير متصل
السلام عليكم ورحمة الله وبركاته

تقرير كمبوفيكس , وقبل التقرير سويت بحث بـ الكاسبر سكورتي والافاست

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


وجزاكم الله الف خير
 

توقيع : Mr.SaUdI
ترتيب حسب التاريخ ترتيب حسب الأصوات
هلاا فيك ياغالي


عندك باتش على الجهاز وتم حذفه بالاداة

ومهم جداا تعمل تقرير ببرنامج حماية

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي




بانتظار التقرير
 
تأييد 0
اخوي ماكس

حاولت اسوي فحص على البت ديفندر لكنه يطول جلس معي فووووووق 3 ساعات ولاطلعت بنتيجة فحص
وبالنسبه لاداة الكمبوفكس لما استخدمتها اول مرهـ عطلت عندي الكاسبر وصارت تجيني تقارير على سطح المكتب وهذا عنوانها
hs_err_pid3916.log

اي موقع تنصحني استخدم للسكان فايروس

بإنتظارك
 
توقيع : Mr.SaUdI
تأييد 0
توقيع : Mr.SaUdI
تأييد 0
اخي ركب الاعدادات التالية على الكاسبر

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



واعمل فحص شامل للجهاز
والتقارير اللي بسطح المكتب ارفعها للاطلاع عليها
 
تأييد 0
اخوي ماكس التقرير الاول

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


التقرير الثاني

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


التقرير الثالث

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


اخوي ماكس ياليت يالغالي توضح لي خلاصة التقرير الاول غير الباتش يعني فيه قيمه خطأ او شيئ زي كذا ؟
وتقرير الهايجاك ياليت تخبرني عنه والتقارير الثلاثه ذي .. وبالنسبه للكاسبر انا حاط اعدادات زيزوميه
ومسوي عليها زيادهـ بعض الخيارات وقبل شوي مسوي سكاان للجهاز

بإنتظارك
 
توقيع : Mr.SaUdI
تأييد 0
اخوي من وين جايب هذي التقارير ؟؟؟
 
تأييد 0
هذي بعد اداة الكمبوفكس صارت تطلع لي على سطح المكتب

ليش تسأل ؟
 
توقيع : Mr.SaUdI
تأييد 0
اهااا
لاني ما عرفت ايش هي

لا هنت ارفع التقارير كاملة
 
تأييد 0
اخوي ماكس ..
الثلاث التقارير اللي على سطح المكتب نسختها ولصقتها مافيه غيرهم ..
وبسوي لك تقرير على جديد على الكمبو فكس والهايجاك

اخوي ماكس ياليت يالغالي توضح لي
خلاصة التقرير الاول للكمبوفكس غير الباتش يعني فيه قيمه خطأ او شيئ زي كذا ؟
وتقرير الهايجاك ياليت تخبرني عنه
 
توقيع : Mr.SaUdI
تأييد 0
توقيع : Mr.SaUdI
تأييد 0
ومن الهايجاك

اختار Do a system scan and save log

انتظر وانتظر

لكن

مايطلع لي تقرير ؟؟
 
التعديل الأخير بواسطة المشرف:
توقيع : Mr.SaUdI
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


استخدم هذه الاداة بدل الهايجاك
حمل الاداة التالية

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



شغلها بدبل كلك ،، ثواني يظهر المفكرة وفيها تقرير ،، اعمل تحديد الكل وانسخه والصقه بمشاركتك القادمة
 
التعديل الأخير بواسطة المشرف:
تأييد 0
.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:56:26 م, on 03/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\DOCUME~1\SAUDIC~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\SAUDIC~1\LOCALS~1\Temp\bntoz\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.87:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.0.0.138
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 8247 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 1544
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 18/06/1425 12:56:30 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 05/12/1429 04:29:51 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 124 K
Mem Usage Peak : 476 K
Page Faults : 218
Pagefile Usage : 168 K
Pagefile Peak Usage : 1668 K
File Attributes : A
==================================================

==================================================
Process Name : csrss.exe
ProcessID : 812
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 18/06/1425 12:56:08 ص
File Modified Date : 08/04/1429 03:59:49 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 05/12/1429 04:30:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5096 K
Mem Usage Peak : 5688 K
Page Faults : 9777
Pagefile Usage : 7788 K
Pagefile Peak Usage : 7800 K
File Attributes : A
==================================================

==================================================
Process Name : winlogon.exe
ProcessID : 892
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2113)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 506,880
File Created Date : 18/06/1425 12:56:36 ص
File Modified Date : 08/04/1429 04:00:06 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:14 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2452 K
Mem Usage Peak : 16488 K
Page Faults : 7654
Pagefile Usage : 6880 K
Pagefile Peak Usage : 10212 K
File Attributes : A
==================================================

==================================================
Process Name : services.exe
ProcessID : 996
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : ‎‎Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,544
File Created Date : 18/06/1425 12:56:30 ص
File Modified Date : 08/04/1429 04:00:02 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1672 K
Mem Usage Peak : 3788 K
Page Faults : 3469
Pagefile Usage : 1820 K
Pagefile Peak Usage : 2372 K
File Attributes : A
==================================================

==================================================
Process Name : lsass.exe
ProcessID : 1008
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2113)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 18/06/1425 12:56:18 ص
File Modified Date : 08/04/1429 03:59:55 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1592 K
Mem Usage Peak : 6200 K
Page Faults : 4260
Pagefile Usage : 3948 K
Pagefile Peak Usage : 4256 K
File Attributes : A
==================================================

==================================================
Process Name : Ati2evxx.exe
ProcessID : 1208
Priority : Normal
Product Name : ATI External Event Utility for Windows
Version : 6.14.10.4207
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 573,440
File Created Date : 24/06/1428 10:32:57 م
File Modified Date : 19/08/1429 02:05:57 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:15 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1504 K
Mem Usage Peak : 3360 K
Page Faults : 888
Pagefile Usage : 1980 K
Pagefile Peak Usage : 1980 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1228
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2316 K
Mem Usage Peak : 5252 K
Page Faults : 1540
Pagefile Usage : 3268 K
Pagefile Peak Usage : 23584 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1408
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1784 K
Mem Usage Peak : 4460 K
Page Faults : 1296
Pagefile Usage : 1932 K
Pagefile Peak Usage : 2072 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1532
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 10648 K
Mem Usage Peak : 30256 K
Page Faults : 14995
Pagefile Usage : 18172 K
Pagefile Peak Usage : 26732 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1796
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 2740 K
Mem Usage Peak : 6664 K
Page Faults : 1839
Pagefile Usage : 4920 K
Pagefile Peak Usage : 5224 K
File Attributes : A
==================================================

==================================================
Process Name : Ati2evxx.exe
ProcessID : 1928
Priority : Normal
Product Name : ATI External Event Utility for Windows
Version : 6.14.10.4207
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 573,440
File Created Date : 24/06/1428 10:32:57 م
File Modified Date : 19/08/1429 02:05:57 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1612 K
Mem Usage Peak : 3820 K
Page Faults : 1008
Pagefile Usage : 2172 K
Pagefile Peak Usage : 2208 K
File Attributes : A
==================================================

==================================================
Process Name : spoolsv.exe
ProcessID : 2032
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-0852)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2080 K
Mem Usage Peak : 5740 K
Page Faults : 2927
Pagefile Usage : 3884 K
Pagefile Peak Usage : 4040 K
File Attributes : A
==================================================

==================================================
Process Name : Explorer.EXE
ProcessID : 1636
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.5512 (xpsp.080413-2105)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 1,031,168
File Created Date : 18/06/1425 12:56:12 ص
File Modified Date : 08/04/1429 03:59:52 م
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 05/12/1429 04:30:21 م
Visible Windows : 2
Hidden Windows : 26
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 17380 K
Mem Usage Peak : 38896 K
Page Faults : 41508
Pagefile Usage : 24520 K
Pagefile Peak Usage : 28228 K
File Attributes : A
==================================================

==================================================
Process Name : realsched.exe
ProcessID : 204
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.1.68
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,872
File Created Date : 12/10/1429 05:19:54 م
File Modified Date : 02/11/1429 06:13:01 م
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:23 م
Visible Windows : 0
Hidden Windows : 2
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 216 K
Mem Usage Peak : 3048 K
Page Faults : 7801
Pagefile Usage : 1072 K
Pagefile Peak Usage : 1260 K
File Attributes : A
==================================================

==================================================
Process Name : ctfmon.exe
ProcessID : 272
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2105)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 18/06/1425 12:56:08 ص
File Modified Date : 08/04/1429 03:59:49 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:23 م
Visible Windows : 0
Hidden Windows : 5
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 1680 K
Mem Usage Peak : 3340 K
Page Faults : 973
Pagefile Usage : 968 K
Pagefile Peak Usage : 976 K
File Attributes : A
==================================================

==================================================
Process Name : IDMan.exe
ProcessID : 312
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5, 0, 2, 14
Description : Internet Download Manager Application (IDM)
Company : Internet Download Manager Corp., Tonec Inc.
Window Title : Internet Download Manager 5.02
File Size : 817,896
File Created Date : 28/10/1429 11:35:04 ص
File Modified Date : 01/04/1427 08:53:54 ص
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:23 م
Visible Windows : 1
Hidden Windows : 6
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 6272 K
Mem Usage Peak : 14132 K
Page Faults : 8662
Pagefile Usage : 8656 K
Pagefile Peak Usage : 10228 K
File Attributes : A
==================================================

==================================================
Process Name : PCSuite.exe
ProcessID : 336
Priority : Normal
Product Name : PC Suite
Version : 7, 0, 41, 14
Description : Nokia Launch Application
Company : Nokia
Window Title :
File Size : 1,124,352
File Created Date : 02/10/1429 04:00:38 ص
File Modified Date : 02/10/1429 04:00:38 ص
Filename : C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:23 م
Visible Windows : 0
Hidden Windows : 6
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 5400 K
Mem Usage Peak : 23964 K
Page Faults : 8806
Pagefile Usage : 11404 K
Pagefile Peak Usage : 11556 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 804
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3156 K
Mem Usage Peak : 6036 K
Page Faults : 2293
Pagefile Usage : 2980 K
Pagefile Peak Usage : 3460 K
File Attributes : A
==================================================

==================================================
Process Name : InCDsrv.exe
ProcessID : 852
Priority : Normal
Product Name : Nero AG incdsrv
Version : 5, 5, 3, 0
Description : incdsrv
Company : Nero AG
Window Title :
File Size : 1,552,680
File Created Date : 10/06/1428 05:47:12 ص
File Modified Date : 10/06/1428 05:47:12 ص
Filename : C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4132 K
Mem Usage Peak : 5224 K
Page Faults : 1377
Pagefile Usage : 2396 K
Pagefile Peak Usage : 2452 K
File Attributes : A
==================================================

==================================================
Process Name : jqs.exe
ProcessID : 692
Priority : Low
Product Name : Java(TM) Platform SE 6 U10
Version : 6.0.100.33
Description : Java(TM) Quick Starter Service
Company : Sun Microsystems, Inc.
Window Title :
File Size : 152,984
File Created Date : 23/10/1429 01:24:24 م
File Modified Date : 24/10/1429 12:35:16 ص
Filename : C:\Program Files\Java\jre6\bin\jqs.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1380 K
Mem Usage Peak : 16892 K
Page Faults : 536614
Pagefile Usage : 2504 K
Pagefile Peak Usage : 2704 K
File Attributes : A
==================================================

==================================================
Process Name : LSSrvc.exe
ProcessID : 1280
Priority : Normal
Product Name : LightScribe
Version : 1.10.13.1
Description : LightScribe Service
Company : Hewlett-Packard Company
Window Title :
File Size : 79,136
File Created Date : 10/08/1428 02:40:48 م
File Modified Date : 10/08/1428 02:40:48 م
Filename : C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:27 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 740 K
Mem Usage Peak : 2740 K
Page Faults : 700
Pagefile Usage : 772 K
Pagefile Peak Usage : 772 K
File Attributes :
==================================================

==================================================
Process Name : MDM.EXE
ProcessID : 1332
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.00.9466
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 322,120
File Created Date : 19/04/1424 08:25:00 م
File Modified Date : 19/04/1424 08:25:00 م
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Base Address : 0x00400000
Created On : 05/12/1429 04:30:27 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1284 K
Mem Usage Peak : 2960 K
Page Faults : 841
Pagefile Usage : 1024 K
Pagefile Peak Usage : 1040 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 172
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1168 K
Mem Usage Peak : 2996 K
Page Faults : 784
Pagefile Usage : 1096 K
Pagefile Peak Usage : 1096 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 292
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1136 K
Mem Usage Peak : 2972 K
Page Faults : 778
Pagefile Usage : 1092 K
Pagefile Peak Usage : 1092 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 420
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1372 K
Mem Usage Peak : 4548 K
Page Faults : 1239
Pagefile Usage : 2492 K
Pagefile Peak Usage : 2628 K
File Attributes : A
==================================================

==================================================
Process Name : TUProgSt.exe
ProcessID : 192
Priority : Normal
Product Name : TuneUp Utilities
Version : 8.0.1100.0
Description : TuneUp Program Statistics Service
Company : TuneUp Software
Window Title :
File Size : 603,904
File Created Date : 24/11/1429 10:00:20 م
File Modified Date : 24/11/1429 10:00:20 م
Filename : C:\WINDOWS\System32\TUProgSt.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1660 K
Mem Usage Peak : 2828 K
Page Faults : 4844
Pagefile Usage : 1040 K
Pagefile Peak Usage : 1040 K
File Attributes : A
==================================================

==================================================
Process Name : wdfmgr.exe
ProcessID : 1628
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.2.3790.1230 built by: DNSRV(bld4act)
Description : Windows User Mode Driver Manager
Company : Microsoft Corporation
Window Title :
File Size : 38,912
File Created Date : 24/06/1425 07:05:14 م
File Modified Date : 24/06/1425 07:05:14 م
Filename : C:\WINDOWS\system32\wdfmgr.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 696 K
Mem Usage Peak : 1880 K
Page Faults : 473
Pagefile Usage : 1616 K
Pagefile Peak Usage : 1648 K
File Attributes : A
==================================================

==================================================
Process Name : ServiceLayer.exe
ProcessID : 2748
Priority : Normal
Product Name : PC Connectivity Solution
Version : 7, 0, 13, 0
Description : ServiceLayer Module
Company : Nokia.
Window Title :
File Size : 575,488
File Created Date : 05/08/1429 08:17:30 ص
File Modified Date : 05/08/1429 08:17:30 ص
Filename : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:37 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1584 K
Mem Usage Peak : 4476 K
Page Faults : 1165
Pagefile Usage : 1304 K
Pagefile Peak Usage : 1320 K
File Attributes : A
==================================================

==================================================
Process Name : NclUSBSrv.exe
ProcessID : 3212
Priority : High
Product Name : PC Connectivity Solution
Version : 7, 0, 5, 0
Description : NclUSBSrv Application
Company :
Window Title :
File Size : 130,560
File Created Date : 03/08/1429 11:11:04 ص
File Modified Date : 03/08/1429 11:11:04 ص
Filename : C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:40 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1216 K
Mem Usage Peak : 2576 K
Page Faults : 1265
Pagefile Usage : 1740 K
Pagefile Peak Usage : 1784 K
File Attributes : A
==================================================

==================================================
Process Name : alg.exe
ProcessID : 3560
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-0852)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 18/06/1425 12:56:04 ص
File Modified Date : 08/04/1429 03:59:46 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:41 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 856 K
Mem Usage Peak : 3292 K
Page Faults : 861
Pagefile Usage : 1156 K
Pagefile Peak Usage : 1168 K
File Attributes : A
==================================================

==================================================
Process Name : NclRSSrv.exe
ProcessID : 3892
Priority : High
Product Name : PC Connectivity Solution
Version : 7, 0, 1, 0
Description : NclRSSrv Application
Company :
Window Title :
File Size : 120,320
File Created Date : 03/08/1429 11:10:58 ص
File Modified Date : 03/08/1429 11:10:58 ص
Filename : C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:31:04 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 880 K
Mem Usage Peak : 2152 K
Page Faults : 553
Pagefile Usage : 684 K
Pagefile Peak Usage : 684 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 2052
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:31:07 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1312 K
Mem Usage Peak : 3544 K
Page Faults : 928
Pagefile Usage : 1668 K
Pagefile Peak Usage : 1692 K
File Attributes : A
==================================================

==================================================
Process Name : firefox.exe
ProcessID : 400
Priority : Normal
Product Name : Firefox
Version : 1.9.0.4
Description : Firefox
Company : Mozilla Corporation
Window Title : جهازي وتقرير كمبوفيكس - الصفحة 2 - زيزوووم للأمن والحمايه - موزيلا فايرفوكس
File Size : 307,712
File Created Date : 26/11/1429 09:43:18 م
File Modified Date : 02/11/1429 09:05:47 م
Filename : C:\Program Files\Mozilla Firefox\firefox.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:35:14 م
Visible Windows : 1
Hidden Windows : 22
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 59468 K
Mem Usage Peak : 91592 K
Page Faults : 202873
Pagefile Usage : 81264 K
Pagefile Peak Usage : 83196 K
File Attributes : A
==================================================

==================================================
Process Name : IEXPLORE.EXE
ProcessID : 1680
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.6000.16735 (vista_gdr.080820-1506)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : جهازي وتقرير كمبوفيكس - الصفحة 2 - زيزوووم للأمن والحمايه#post651472 - Windows Internet Explorer
File Size : 635,848
File Created Date : 24/09/1420 09:00:00 م
File Modified Date : 21/08/1429 05:56:15 ص
Filename : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Base Address : 0x00400000
Created On : 05/12/1429 04:50:49 م
Visible Windows : 2
Hidden Windows : 37
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 6332 K
Mem Usage Peak : 47072 K
Page Faults : 20358
Pagefile Usage : 33488 K
Pagefile Peak Usage : 34768 K
File Attributes :
==================================================

==================================================
Process Name : WLLoginProxy.exe
ProcessID : 2160
Priority : Normal
Product Name : Microsoft® Windows Live Login Helper
Version : 5.000.744.4
Description : WLLoginProxy.exe
Company : Microsoft Corporation
Window Title :
File Size : 120,384
File Created Date : 15/02/1429 12:30:38 م
File Modified Date : 15/02/1429 12:30:38 م
Filename : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:50:52 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 6212 K
Mem Usage Peak : 8064 K
Page Faults : 2157
Pagefile Usage : 4444 K
Pagefile Peak Usage : 4496 K
File Attributes : A
==================================================

==================================================
Process Name : wltuser.exe
ProcessID : 3160
Priority : Normal
Product Name : Windows Live Toolbar Beta
Version : 14.0.5023.0902
Description : Windows Live Toolbar Beta User Elevation Helper
Company : Microsoft Corporation
Window Title :
File Size : 134,160
File Created Date : 02/09/1429 06:13:38 م
File Modified Date : 02/09/1429 06:13:38 م
Filename : C:\Program Files\Windows Live\Toolbar\wltuser.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:50:52 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 6000 K
Mem Usage Peak : 7412 K
Page Faults : 2093
Pagefile Usage : 2260 K
Pagefile Peak Usage : 2356 K
File Attributes : A
==================================================

==================================================
Process Name : wmiprvse.exe
ProcessID : 3924
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2108)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 24/06/1428 11:13:57 م
File Modified Date : 08/04/1429 04:00:06 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:55:35 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5760 K
Mem Usage Peak : 5760 K
Page Faults : 1474
Pagefile Usage : 2976 K
Pagefile Peak Usage : 2976 K
File Attributes : A
==================================================

==================================================
Process Name : runn.exe
ProcessID : 3288
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 05/12/1429 01:55:29 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\SAUDIC~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:56:24 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 2100 K
Mem Usage Peak : 2116 K
Page Faults : 638
Pagefile Usage : 612 K
Pagefile Peak Usage : 700 K
File Attributes : A
==================================================

==================================================
Process Name : cmd.exe
ProcessID : 3528
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 389,120
File Created Date : 18/06/1425 12:56:06 ص
File Modified Date : 08/04/1429 03:59:48 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 05/12/1429 04:56:25 م
Visible Windows : 0
Hidden Windows : 1
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 2920 K
Mem Usage Peak : 2984 K
Page Faults : 840
Pagefile Usage : 2076 K
Pagefile Peak Usage : 2152 K
File Attributes : A
==================================================

==================================================
Process Name : CProcess.exe
ProcessID : 560
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 05/12/1429 01:55:29 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\SAUDIC~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:56:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 2200 K
Mem Usage Peak : 2244 K
Page Faults : 949
Pagefile Usage : 888 K
Pagefile Peak Usage : 944 K
File Attributes : A
==================================================

.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.

HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\autochk.exe

HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\rdpclip.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.5512
c:\windows\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.01.0001.0068
c:\program files\common files\real\update_ob\realsched.exe
QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime
QuickTime Task
Apple Inc.
7.55.0090.0070
c:\program files\quicktime\qttask.exe
AVP
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
Kaspersky Anti-Virus
Kaspersky Lab
8.00.0000.0506
c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\ctfmon.exe
IDMan
C:\Program Files\Internet Download Manager\IDMan.exe /onboot
Internet Download Manager Application (IDM)
Internet Download Manager Corp., Tonec Inc.
5.00.0002.0014
c:\program files\internet download manager\idman.exe
PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
Nokia Launch Application
Nokia
7.00.0041.0014
c:\program files\nokia\nokia pc suite 7\pcsuite.exe

Task Scheduler
AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Apple Software Update
Apple Inc.
2.01.0001.0116
c:\program files\apple software update\softwareupdate.exe
.
.
----------- End Report ---------------
 
توقيع : Mr.SaUdI
تأييد 0
حدد القيم التالية واحذفها

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

طريقة الحذف

mg%20(3).png


mg%20(4).png


بعدها اذهب الى اضافة وازالة البرامج واحذف التولبار الموجود عندك (toolbar)>> ممكن ما يكون موجود


ثم نزل هذه الاداة واتبع الشرح التالي



يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



التوافق : ويندوز اكسبيفقط


شرح الاستخدام ,,,,,,
دبل كلك على الاداة واصبر حتى تنتهي جميع النوافذ وتقف عند هذه النافذة


002.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

 
تأييد 0
اخوي ماكس بعد اعادة التشغيل اعطاني خطأ وش اختار وش اسوي

بإنتظاارك

zyzoom-f8d98cb10a.jpg
 
توقيع : Mr.SaUdI
تأييد 0
اضغط على ignore and contenue
 
تأييد 0
اخوي ماكس جزاك الله خيررر الان انتهيت


بعد ما انتهيت من الاداهـ الاخيرهـ رحت على برنامج التون آب لقيت عندي 30 خطأ بالريجستر حذفتهم
والحمدلله الجهاااز بالنسبه عن اول يفرق كثير ..

تبي ارفع لك تقارير اخوي ماااكس

بإنتظارك
 
توقيع : Mr.SaUdI
تأييد 0
الان كله تماام
ثبت ملف الاعدادات التالي للكاسبر وافحص جهازك وبذلك نكون انتهينا

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



موفق
 
تأييد 0
جزاك الله خير وماقصرت ..

بارك الله فيك اخوي مآكس

تقبل اعتزازي

وودي واحترامي
 
توقيع : Mr.SaUdI
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى