$$العاشق$$
In the name of God, the Most Gracious, the Most Merciful
.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:10:41 م, on 02/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\U.S.R.TurboGWLAN\USRWLANG.exe
C:\Program Files\ErrorSweeper\ErrorSweeper.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\AVANTB~1\avant.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\HijackThis.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\CProcess.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Common Files\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ErrorSweeper] C:\Program Files\ErrorSweeper\ErrorSweeper.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [16 Once] C:\DOCUME~1\ADMINI~1\APPLIC~1\EXITTI~1\ante pure cast.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: U.S. Robotics 802.11g Wireless Network Utility.lnk = ?
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Common Files\Justdo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\Justdo\IECatcher.DLL
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 6817 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 1072
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 25/01/1429 07:51:29 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 56 K
Mem Usage Peak : 480 K
Page Faults : 218
Pagefile Usage : 168 K
Pagefile Peak Usage : 1676 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 1124
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 17/06/1425 10:56:50 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 25/01/1429 07:51:31 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3260 K
Mem Usage Peak : 4512 K
Page Faults : 20529
Pagefile Usage : 2208 K
Pagefile Peak Usage : 2724 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 1148
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:33 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1952 K
Mem Usage Peak : 12544 K
Page Faults : 10658
Pagefile Usage : 11832 K
Pagefile Peak Usage : 12468 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 1192
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 17/06/1425 10:56:56 م
File Modified Date : 17/06/1425 10:56:56 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1448 K
Mem Usage Peak : 3476 K
Page Faults : 3429
Pagefile Usage : 2096 K
Pagefile Peak Usage : 2448 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 1204
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 17/06/1425 10:56:52 م
File Modified Date : 17/06/1425 10:56:52 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2012 K
Mem Usage Peak : 6008 K
Page Faults : 11223
Pagefile Usage : 9040 K
Pagefile Peak Usage : 9144 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1364
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:39 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1552 K
Mem Usage Peak : 4644 K
Page Faults : 3409
Pagefile Usage : 6676 K
Pagefile Peak Usage : 26696 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1432
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:40 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1468 K
Mem Usage Peak : 4356 K
Page Faults : 3065
Pagefile Usage : 5560 K
Pagefile Peak Usage : 5584 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1472
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:40 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 9508 K
Mem Usage Peak : 18712 K
Page Faults : 28636
Pagefile Usage : 22212 K
Pagefile Peak Usage : 25584 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1508
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:40 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 92 K
Mem Usage Peak : 3524 K
Page Faults : 1052
Pagefile Usage : 2992 K
Pagefile Peak Usage : 3016 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1644
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:41 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1068 K
Mem Usage Peak : 2996 K
Page Faults : 2625
Pagefile Usage : 1552 K
Pagefile Peak Usage : 1720 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1668
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:42 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 608 K
Mem Usage Peak : 3788 K
Page Faults : 2172
Pagefile Usage : 4772 K
Pagefile Peak Usage : 4788 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1716
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 04/05/1426 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:42 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 736 K
Mem Usage Peak : 5588 K
Page Faults : 3615
Pagefile Usage : 8392 K
Pagefile Peak Usage : 9192 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 1812
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 09:51:38 ص
File Modified Date : 13/06/1428 09:51:38 ص
Filename : c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:51:43 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 18208 K
Mem Usage Peak : 36408 K
Page Faults : 293357
Pagefile Usage : 47520 K
Pagefile Peak Usage : 50996 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1836
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:43 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 176 K
Mem Usage Peak : 3388 K
Page Faults : 1248
Pagefile Usage : 2796 K
Pagefile Peak Usage : 2820 K
File Attributes : A
==================================================
==================================================
Process Name : crypserv.exe
ProcessID : 1860
Priority : High
Product Name : CrypKey Software Licensing System
Version : 5.4.0
Description : CrypKey NT Service
Company : Kenonic Controls Ltd.
Window Title :
File Size : 52,224
File Created Date : 10/10/1428 02:17:27 م
File Modified Date : 27/03/1421 08:45:10 ص
Filename : C:\WINDOWS\system32\crypserv.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:51:43 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 160 K
Mem Usage Peak : 2144 K
Page Faults : 625
Pagefile Usage : 1008 K
Pagefile Peak Usage : 1008 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1944
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:43 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1372 K
Mem Usage Peak : 4408 K
Page Faults : 2514
Pagefile Usage : 5932 K
Pagefile Peak Usage : 5992 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 440
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 17/06/1425 10:56:48 م
File Modified Date : 17/06/1425 10:56:48 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:50 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 104 K
Mem Usage Peak : 3720 K
Page Faults : 1291
Pagefile Usage : 4148 K
Pagefile Peak Usage : 4176 K
File Attributes : A
==================================================
==================================================
Process Name : SOUNDMAN.EXE
ProcessID : 1100
Priority : Normal
Product Name : Realtek Sound Manager
Version : 5.1.0.38
Description : Realtek Sound Manager
Company : Realtek Semiconductor Corp.
Window Title :
File Size : 77,824
File Created Date : 19/09/1428 09:15:27 م
File Modified Date : 07/03/1426 03:01:46 ص
Filename : C:\WINDOWS\SOUNDMAN.EXE
Base Address : 0x00400000
Created On : 25/01/1429 07:52:17 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 232 K
Mem Usage Peak : 2812 K
Page Faults : 1124
Pagefile Usage : 2432 K
Pagefile Peak Usage : 2432 K
File Attributes : A
==================================================
==================================================
Process Name : qttask.exe
ProcessID : 1500
Priority : Normal
Product Name : QuickTime
Version : 7.0.2
Description : QuickTime Task
Company : Apple Computer, Inc.
Window Title :
File Size : 155,648
File Created Date : 06/11/1428 11:30:57 م
File Modified Date : 06/11/1428 11:30:57 م
Filename : C:\Program Files\QuickTime\qttask.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:19 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 804 K
Mem Usage Peak : 2268 K
Page Faults : 1158
Pagefile Usage : 776 K
Pagefile Peak Usage : 992 K
File Attributes : A
==================================================
==================================================
Process Name : PDVDServ.exe
ProcessID : 1580
Priority : Normal
Product Name : PowerDVD
Version : 6.00.1027
Description : PowerDVD RC Service
Company : Cyberlink Corp.
Window Title :
File Size : 32,768
File Created Date : 08/11/1428 09:18:09 م
File Modified Date : 20/09/1425 05:24:46 م
Filename : C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:21 م
Visible Windows : 0
Hidden Windows : 2
User Name : RAJAG\Administrator
Mem Usage : 256 K
Mem Usage Peak : 3148 K
Page Faults : 1155
Pagefile Usage : 3980 K
Pagefile Peak Usage : 4008 K
File Attributes : A
==================================================
==================================================
Process Name : rundll32.exe
ProcessID : 356
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Run a DLL as an App
Company : Microsoft Corporation
Window Title :
File Size : 33,280
File Created Date : 17/06/1425 10:56:56 م
File Modified Date : 17/06/1425 10:56:56 م
Filename : C:\WINDOWS\system32\rundll32.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:52:24 م
Visible Windows : 0
Hidden Windows : 2
User Name : RAJAG\Administrator
Mem Usage : 252 K
Mem Usage Peak : 28548 K
Page Faults : 8116
Pagefile Usage : 3048 K
Pagefile Peak Usage : 3048 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 512
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 09:51:38 ص
File Modified Date : 13/06/1428 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:25 م
Visible Windows : 0
Hidden Windows : 3
User Name : RAJAG\Administrator
Mem Usage : 1868 K
Mem Usage Peak : 8364 K
Page Faults : 6340
Pagefile Usage : 8936 K
Pagefile Peak Usage : 9260 K
File Attributes : A
==================================================
==================================================
Process Name : igfxtray.exe
ProcessID : 588
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 6.14.10.4764
Description : igfxTray Module
Company : Intel Corporation
Window Title :
File Size : 131,072
File Created Date : 19/09/1428 09:14:20 م
File Modified Date : 24/12/1427 06:47:04 ص
Filename : C:\WINDOWS\system32\igfxtray.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:28 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 720 K
Mem Usage Peak : 6164 K
Page Faults : 3051
Pagefile Usage : 3932 K
Pagefile Peak Usage : 7128 K
File Attributes : A
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 384
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 6.14.10.4764
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 163,840
File Created Date : 19/09/1428 09:14:20 م
File Modified Date : 24/12/1427 06:47:04 ص
Filename : C:\WINDOWS\system32\hkcmd.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:28 م
Visible Windows : 0
Hidden Windows : 12
User Name : RAJAG\Administrator
Mem Usage : 276 K
Mem Usage Peak : 6184 K
Page Faults : 2742
Pagefile Usage : 3912 K
Pagefile Peak Usage : 4024 K
File Attributes : A
==================================================
==================================================
Process Name : igfxpers.exe
ProcessID : 204
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 6.14.10.4764
Description : persistence Module
Company : Intel Corporation
Window Title :
File Size : 135,168
File Created Date : 19/09/1428 09:14:21 م
File Modified Date : 24/12/1427 06:46:36 ص
Filename : C:\WINDOWS\system32\igfxpers.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:29 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 228 K
Mem Usage Peak : 6112 K
Page Faults : 2546
Pagefile Usage : 3652 K
Pagefile Peak Usage : 3680 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 736
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 17/06/1425 10:56:50 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:31 م
Visible Windows : 0
Hidden Windows : 4
User Name : RAJAG\Administrator
Mem Usage : 576 K
Mem Usage Peak : 3916 K
Page Faults : 2105
Pagefile Usage : 1444 K
Pagefile Peak Usage : 1448 K
File Attributes : A
==================================================
==================================================
Process Name : GoogleToolbarNotifier.exe
ProcessID : 804
Priority : Normal
Product Name : GoogleToolbarNotifier
Version : 1, 2, 1128, 5462
Description : GoogleToolbarNotifier
Company : Google Inc.
Window Title :
File Size : 171,448
File Created Date : 01/12/1428 02:25:45 م
File Modified Date : 01/12/1428 02:25:45 م
Filename : C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:32 م
Visible Windows : 0
Hidden Windows : 2
User Name : RAJAG\Administrator
Mem Usage : 1464 K
Mem Usage Peak : 5056 K
Page Faults : 4779
Pagefile Usage : 5688 K
Pagefile Peak Usage : 5688 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 312
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.11.10
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title :
File Size : 2,561,456
File Created Date : 01/12/1428 04:18:12 م
File Modified Date : 09/12/1428 03:59:33 ص
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:33 م
Visible Windows : 0
Hidden Windows : 5
User Name : RAJAG\Administrator
Mem Usage : 2268 K
Mem Usage Peak : 13536 K
Page Faults : 17854
Pagefile Usage : 13500 K
Pagefile Peak Usage : 14504 K
File Attributes : A
==================================================
==================================================
Process Name : msnmsgr.exe
ProcessID : 836
Priority : Normal
Product Name : Messenger
Version : 8.1.0178.00
Description : Messenger
Company : Microsoft Corporation
Window Title :
File Size : 5,674,352
File Created Date : 01/01/1428 09:55:14 ص
File Modified Date : 01/01/1428 09:55:14 ص
Filename : C:\Program Files\MSN Messenger\msnmsgr.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:34 م
Visible Windows : 1
Hidden Windows : 31
User Name : RAJAG\Administrator
Mem Usage : 9600 K
Mem Usage Peak : 54932 K
Page Faults : 90986
Pagefile Usage : 39868 K
Pagefile Peak Usage : 54284 K
File Attributes : A
==================================================
==================================================
Process Name : USRWLANG.exe
ProcessID : 1872
Priority : Normal
Product Name : WLANMON Application
Version : 6, 0, 0, 15
Description : USR 802.11g WLAN Adapter Utility
Company : U.S. Robotics
Window Title :
File Size : 806,912
File Created Date : 27/12/1428 06:31:00 م
File Modified Date : 16/06/1425 08:50:36 ص
Filename : C:\U.S.R.TurboGWLAN\USRWLANG.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:46 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 752 K
Mem Usage Peak : 5472 K
Page Faults : 1430
Pagefile Usage : 4428 K
Pagefile Peak Usage : 4428 K
File Attributes : AC
==================================================
==================================================
Process Name : ErrorSweeper.exe
ProcessID : 2260
Priority : Normal
Product Name : ErrorSweeper
Version : 2.7.2819.598
Description : ErrorSweeper Application
Company : 2Squared LLC
Window Title :
File Size : 2,581,736
File Created Date : 02/09/1428 02:58:57 م
File Modified Date : 21/12/1429 02:16:22 م
Filename : C:\Program Files\ErrorSweeper\ErrorSweeper.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:53:15 م
Visible Windows : 0
Hidden Windows : 34
User Name : RAJAG\Administrator
Mem Usage : 1848 K
Mem Usage Peak : 11488 K
Page Faults : 4555
Pagefile Usage : 19176 K
Pagefile Peak Usage : 19312 K
File Attributes : A
==================================================
==================================================
Process Name : IEMonitor.exe
ProcessID : 2512
Priority : Normal
Product Name : IEMonitor Application
Version : 3, 0, 0, 1
Description : Internet Download Manager agent for click monitoring in IE-based browsers
Company : Tonec Inc.
Window Title :
File Size : 251,576
File Created Date : 01/12/1428 04:18:10 م
File Modified Date : 02/02/1428 02:53:52 م
Filename : C:\Program Files\Internet Download Manager\IEMonitor.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:54:28 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 1300 K
Mem Usage Peak : 5700 K
Page Faults : 3816
Pagefile Usage : 6660 K
Pagefile Peak Usage : 6764 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 1024
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : SATA Hard Disk .. لا مشكله بعد الان - زيزوووم للأمن والحمايه - Microsoft Internet Explorer
File Size : 832,512
File Created Date : 19/09/1428 08:06:30 م
File Modified Date : 17/06/1425 10:56:52 م
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:11:27 م
Visible Windows : 1
Hidden Windows : 21
User Name : RAJAG\Administrator
Mem Usage : 4592 K
Mem Usage Peak : 46736 K
Page Faults : 141827
Pagefile Usage : 42732 K
Pagefile Peak Usage : 50724 K
File Attributes : A
==================================================
==================================================
Process Name : usnsvc.exe
ProcessID : 3148
Priority : Normal
Product Name : Messenger
Version : 8.1.0178.00
Description : Messenger Sharing USN Journal Reader Service
Company : Microsoft Corporation
Window Title :
File Size : 97,136
File Created Date : 01/01/1428 09:54:14 ص
File Modified Date : 01/01/1428 09:54:14 ص
Filename : C:\Program Files\MSN Messenger\usnsvc.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:54:41 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1332 K
Mem Usage Peak : 2828 K
Page Faults : 1155
Pagefile Usage : 3776 K
Pagefile Peak Usage : 3796 K
File Attributes : A
==================================================
==================================================
Process Name : avant.exe
ProcessID : 3884
Priority : Normal
Product Name : Avant Browser
Version : 11.5.0.0
Description : Avant Browser
Company :
Window Title :
File Size : 1,413,632
File Created Date : 16/09/1428 06:19:02 ص
File Modified Date : 16/09/1428 06:19:02 ص
Filename : C:\PROGRA~1\AVANTB~1\avant.exe
Base Address : 0x00400000
Created On : 25/01/1429 09:37:13 م
Visible Windows : 0
Hidden Windows : 72
User Name : RAJAG\Administrator
Mem Usage : 3560 K
Mem Usage Peak : 24008 K
Page Faults : 32726
Pagefile Usage : 27568 K
Pagefile Peak Usage : 27708 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.exe
ProcessID : 2648
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 975,360
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 28/05/1428 10:23:07 ص
Filename : C:\WINDOWS\Explorer.exe
Base Address : 0x01000000
Created On : 25/01/1429 09:48:26 م
Visible Windows : 2
Hidden Windows : 21
User Name : RAJAG\Administrator
Mem Usage : 22268 K
Mem Usage Peak : 28740 K
Page Faults : 35663
Pagefile Usage : 28940 K
Pagefile Peak Usage : 31860 K
File Attributes : A
==================================================
==================================================
Process Name : OSE.EXE
ProcessID : 456
Priority : Normal
Product Name : Office Source Engine
Version : 11.0.5525
Description : Office Source Engine
Company : Microsoft Corporation
Window Title :
File Size : 89,136
File Created Date : 29/05/1424 09:28:22 ص
File Modified Date : 29/05/1424 09:28:22 ص
Filename : C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
Base Address : 0x30000000
Created On : 25/01/1429 09:53:59 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1508 K
Mem Usage Peak : 2028 K
Page Faults : 527
Pagefile Usage : 716 K
Pagefile Peak Usage : 820 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 1920
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 25/01/1429 07:10:22 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 25/01/1429 10:10:23 م
Visible Windows : 0
Hidden Windows : 0
User Name : RAJAG\Administrator
Mem Usage : 2256 K
Mem Usage Peak : 2256 K
Page Faults : 642
Pagefile Usage : 924 K
Pagefile Peak Usage : 928 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 3504
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 415,232
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 17/06/1425 10:56:50 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 25/01/1429 10:10:23 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 3000 K
Mem Usage Peak : 3064 K
Page Faults : 844
Pagefile Usage : 2192 K
Pagefile Peak Usage : 2260 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 2472
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 19/09/1428 08:04:26 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 25/01/1429 10:10:27 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5804 K
Mem Usage Peak : 5804 K
Page Faults : 1481
Pagefile Usage : 6452 K
Pagefile Peak Usage : 6452 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 2396
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 25/01/1429 07:10:22 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 25/01/1429 10:10:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : RAJAG\Administrator
Mem Usage : 2256 K
Mem Usage Peak : 2256 K
Page Faults : 642
Pagefile Usage : 924 K
Pagefile Peak Usage : 928 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 3124
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 415,232
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 17/06/1425 10:56:50 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 25/01/1429 10:10:35 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 3032 K
Mem Usage Peak : 3096 K
Page Faults : 836
Pagefile Usage : 2188 K
Pagefile Peak Usage : 2264 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3444
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 25/01/1429 07:10:20 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 25/01/1429 10:10:37 م
Visible Windows : 0
Hidden Windows : 0
User Name : RAJAG\Administrator
Mem Usage : 2244 K
Mem Usage Peak : 2296 K
Page Faults : 926
Pagefile Usage : 960 K
Pagefile Peak Usage : 1684 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 2744
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 25/01/1429 07:10:20 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 25/01/1429 10:10:41 م
Visible Windows : 0
Hidden Windows : 0
User Name : RAJAG\Administrator
Mem Usage : 2260 K
Mem Usage Peak : 2324 K
Page Faults : 983
Pagefile Usage : 964 K
Pagefile Peak Usage : 1684 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:10:41 م, on 02/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\U.S.R.TurboGWLAN\USRWLANG.exe
C:\Program Files\ErrorSweeper\ErrorSweeper.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\AVANTB~1\avant.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\HijackThis.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\CProcess.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Common Files\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ErrorSweeper] C:\Program Files\ErrorSweeper\ErrorSweeper.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [16 Once] C:\DOCUME~1\ADMINI~1\APPLIC~1\EXITTI~1\ante pure cast.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: U.S. Robotics 802.11g Wireless Network Utility.lnk = ?
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Common Files\Justdo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\Justdo\IECatcher.DLL
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 6817 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 1072
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 25/01/1429 07:51:29 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 56 K
Mem Usage Peak : 480 K
Page Faults : 218
Pagefile Usage : 168 K
Pagefile Peak Usage : 1676 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 1124
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 17/06/1425 10:56:50 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 25/01/1429 07:51:31 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3260 K
Mem Usage Peak : 4512 K
Page Faults : 20529
Pagefile Usage : 2208 K
Pagefile Peak Usage : 2724 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 1148
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:33 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1952 K
Mem Usage Peak : 12544 K
Page Faults : 10658
Pagefile Usage : 11832 K
Pagefile Peak Usage : 12468 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 1192
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 17/06/1425 10:56:56 م
File Modified Date : 17/06/1425 10:56:56 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1448 K
Mem Usage Peak : 3476 K
Page Faults : 3429
Pagefile Usage : 2096 K
Pagefile Peak Usage : 2448 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 1204
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 17/06/1425 10:56:52 م
File Modified Date : 17/06/1425 10:56:52 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2012 K
Mem Usage Peak : 6008 K
Page Faults : 11223
Pagefile Usage : 9040 K
Pagefile Peak Usage : 9144 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1364
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:39 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1552 K
Mem Usage Peak : 4644 K
Page Faults : 3409
Pagefile Usage : 6676 K
Pagefile Peak Usage : 26696 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1432
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:40 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1468 K
Mem Usage Peak : 4356 K
Page Faults : 3065
Pagefile Usage : 5560 K
Pagefile Peak Usage : 5584 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1472
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:40 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 9508 K
Mem Usage Peak : 18712 K
Page Faults : 28636
Pagefile Usage : 22212 K
Pagefile Peak Usage : 25584 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1508
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:40 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 92 K
Mem Usage Peak : 3524 K
Page Faults : 1052
Pagefile Usage : 2992 K
Pagefile Peak Usage : 3016 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1644
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:41 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1068 K
Mem Usage Peak : 2996 K
Page Faults : 2625
Pagefile Usage : 1552 K
Pagefile Peak Usage : 1720 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1668
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:42 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 608 K
Mem Usage Peak : 3788 K
Page Faults : 2172
Pagefile Usage : 4772 K
Pagefile Peak Usage : 4788 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1716
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 04/05/1426 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:42 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 736 K
Mem Usage Peak : 5588 K
Page Faults : 3615
Pagefile Usage : 8392 K
Pagefile Peak Usage : 9192 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 1812
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 09:51:38 ص
File Modified Date : 13/06/1428 09:51:38 ص
Filename : c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:51:43 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 18208 K
Mem Usage Peak : 36408 K
Page Faults : 293357
Pagefile Usage : 47520 K
Pagefile Peak Usage : 50996 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1836
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:43 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 176 K
Mem Usage Peak : 3388 K
Page Faults : 1248
Pagefile Usage : 2796 K
Pagefile Peak Usage : 2820 K
File Attributes : A
==================================================
==================================================
Process Name : crypserv.exe
ProcessID : 1860
Priority : High
Product Name : CrypKey Software Licensing System
Version : 5.4.0
Description : CrypKey NT Service
Company : Kenonic Controls Ltd.
Window Title :
File Size : 52,224
File Created Date : 10/10/1428 02:17:27 م
File Modified Date : 27/03/1421 08:45:10 ص
Filename : C:\WINDOWS\system32\crypserv.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:51:43 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 160 K
Mem Usage Peak : 2144 K
Page Faults : 625
Pagefile Usage : 1008 K
Pagefile Peak Usage : 1008 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1944
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 17/06/1425 10:56:58 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:43 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1372 K
Mem Usage Peak : 4408 K
Page Faults : 2514
Pagefile Usage : 5932 K
Pagefile Peak Usage : 5992 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 440
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 17/06/1425 10:56:48 م
File Modified Date : 17/06/1425 10:56:48 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:51:50 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 104 K
Mem Usage Peak : 3720 K
Page Faults : 1291
Pagefile Usage : 4148 K
Pagefile Peak Usage : 4176 K
File Attributes : A
==================================================
==================================================
Process Name : SOUNDMAN.EXE
ProcessID : 1100
Priority : Normal
Product Name : Realtek Sound Manager
Version : 5.1.0.38
Description : Realtek Sound Manager
Company : Realtek Semiconductor Corp.
Window Title :
File Size : 77,824
File Created Date : 19/09/1428 09:15:27 م
File Modified Date : 07/03/1426 03:01:46 ص
Filename : C:\WINDOWS\SOUNDMAN.EXE
Base Address : 0x00400000
Created On : 25/01/1429 07:52:17 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 232 K
Mem Usage Peak : 2812 K
Page Faults : 1124
Pagefile Usage : 2432 K
Pagefile Peak Usage : 2432 K
File Attributes : A
==================================================
==================================================
Process Name : qttask.exe
ProcessID : 1500
Priority : Normal
Product Name : QuickTime
Version : 7.0.2
Description : QuickTime Task
Company : Apple Computer, Inc.
Window Title :
File Size : 155,648
File Created Date : 06/11/1428 11:30:57 م
File Modified Date : 06/11/1428 11:30:57 م
Filename : C:\Program Files\QuickTime\qttask.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:19 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 804 K
Mem Usage Peak : 2268 K
Page Faults : 1158
Pagefile Usage : 776 K
Pagefile Peak Usage : 992 K
File Attributes : A
==================================================
==================================================
Process Name : PDVDServ.exe
ProcessID : 1580
Priority : Normal
Product Name : PowerDVD
Version : 6.00.1027
Description : PowerDVD RC Service
Company : Cyberlink Corp.
Window Title :
File Size : 32,768
File Created Date : 08/11/1428 09:18:09 م
File Modified Date : 20/09/1425 05:24:46 م
Filename : C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:21 م
Visible Windows : 0
Hidden Windows : 2
User Name : RAJAG\Administrator
Mem Usage : 256 K
Mem Usage Peak : 3148 K
Page Faults : 1155
Pagefile Usage : 3980 K
Pagefile Peak Usage : 4008 K
File Attributes : A
==================================================
==================================================
Process Name : rundll32.exe
ProcessID : 356
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Run a DLL as an App
Company : Microsoft Corporation
Window Title :
File Size : 33,280
File Created Date : 17/06/1425 10:56:56 م
File Modified Date : 17/06/1425 10:56:56 م
Filename : C:\WINDOWS\system32\rundll32.exe
Base Address : 0x01000000
Created On : 25/01/1429 07:52:24 م
Visible Windows : 0
Hidden Windows : 2
User Name : RAJAG\Administrator
Mem Usage : 252 K
Mem Usage Peak : 28548 K
Page Faults : 8116
Pagefile Usage : 3048 K
Pagefile Peak Usage : 3048 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 512
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 09:51:38 ص
File Modified Date : 13/06/1428 09:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:25 م
Visible Windows : 0
Hidden Windows : 3
User Name : RAJAG\Administrator
Mem Usage : 1868 K
Mem Usage Peak : 8364 K
Page Faults : 6340
Pagefile Usage : 8936 K
Pagefile Peak Usage : 9260 K
File Attributes : A
==================================================
==================================================
Process Name : igfxtray.exe
ProcessID : 588
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 6.14.10.4764
Description : igfxTray Module
Company : Intel Corporation
Window Title :
File Size : 131,072
File Created Date : 19/09/1428 09:14:20 م
File Modified Date : 24/12/1427 06:47:04 ص
Filename : C:\WINDOWS\system32\igfxtray.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:28 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 720 K
Mem Usage Peak : 6164 K
Page Faults : 3051
Pagefile Usage : 3932 K
Pagefile Peak Usage : 7128 K
File Attributes : A
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 384
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 6.14.10.4764
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 163,840
File Created Date : 19/09/1428 09:14:20 م
File Modified Date : 24/12/1427 06:47:04 ص
Filename : C:\WINDOWS\system32\hkcmd.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:28 م
Visible Windows : 0
Hidden Windows : 12
User Name : RAJAG\Administrator
Mem Usage : 276 K
Mem Usage Peak : 6184 K
Page Faults : 2742
Pagefile Usage : 3912 K
Pagefile Peak Usage : 4024 K
File Attributes : A
==================================================
==================================================
Process Name : igfxpers.exe
ProcessID : 204
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 6.14.10.4764
Description : persistence Module
Company : Intel Corporation
Window Title :
File Size : 135,168
File Created Date : 19/09/1428 09:14:21 م
File Modified Date : 24/12/1427 06:46:36 ص
Filename : C:\WINDOWS\system32\igfxpers.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:29 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 228 K
Mem Usage Peak : 6112 K
Page Faults : 2546
Pagefile Usage : 3652 K
Pagefile Peak Usage : 3680 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 736
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 17/06/1425 10:56:50 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:31 م
Visible Windows : 0
Hidden Windows : 4
User Name : RAJAG\Administrator
Mem Usage : 576 K
Mem Usage Peak : 3916 K
Page Faults : 2105
Pagefile Usage : 1444 K
Pagefile Peak Usage : 1448 K
File Attributes : A
==================================================
==================================================
Process Name : GoogleToolbarNotifier.exe
ProcessID : 804
Priority : Normal
Product Name : GoogleToolbarNotifier
Version : 1, 2, 1128, 5462
Description : GoogleToolbarNotifier
Company : Google Inc.
Window Title :
File Size : 171,448
File Created Date : 01/12/1428 02:25:45 م
File Modified Date : 01/12/1428 02:25:45 م
Filename : C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:32 م
Visible Windows : 0
Hidden Windows : 2
User Name : RAJAG\Administrator
Mem Usage : 1464 K
Mem Usage Peak : 5056 K
Page Faults : 4779
Pagefile Usage : 5688 K
Pagefile Peak Usage : 5688 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 312
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.11.10
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title :
File Size : 2,561,456
File Created Date : 01/12/1428 04:18:12 م
File Modified Date : 09/12/1428 03:59:33 ص
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:33 م
Visible Windows : 0
Hidden Windows : 5
User Name : RAJAG\Administrator
Mem Usage : 2268 K
Mem Usage Peak : 13536 K
Page Faults : 17854
Pagefile Usage : 13500 K
Pagefile Peak Usage : 14504 K
File Attributes : A
==================================================
==================================================
Process Name : msnmsgr.exe
ProcessID : 836
Priority : Normal
Product Name : Messenger
Version : 8.1.0178.00
Description : Messenger
Company : Microsoft Corporation
Window Title :
File Size : 5,674,352
File Created Date : 01/01/1428 09:55:14 ص
File Modified Date : 01/01/1428 09:55:14 ص
Filename : C:\Program Files\MSN Messenger\msnmsgr.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:34 م
Visible Windows : 1
Hidden Windows : 31
User Name : RAJAG\Administrator
Mem Usage : 9600 K
Mem Usage Peak : 54932 K
Page Faults : 90986
Pagefile Usage : 39868 K
Pagefile Peak Usage : 54284 K
File Attributes : A
==================================================
==================================================
Process Name : USRWLANG.exe
ProcessID : 1872
Priority : Normal
Product Name : WLANMON Application
Version : 6, 0, 0, 15
Description : USR 802.11g WLAN Adapter Utility
Company : U.S. Robotics
Window Title :
File Size : 806,912
File Created Date : 27/12/1428 06:31:00 م
File Modified Date : 16/06/1425 08:50:36 ص
Filename : C:\U.S.R.TurboGWLAN\USRWLANG.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:52:46 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 752 K
Mem Usage Peak : 5472 K
Page Faults : 1430
Pagefile Usage : 4428 K
Pagefile Peak Usage : 4428 K
File Attributes : AC
==================================================
==================================================
Process Name : ErrorSweeper.exe
ProcessID : 2260
Priority : Normal
Product Name : ErrorSweeper
Version : 2.7.2819.598
Description : ErrorSweeper Application
Company : 2Squared LLC
Window Title :
File Size : 2,581,736
File Created Date : 02/09/1428 02:58:57 م
File Modified Date : 21/12/1429 02:16:22 م
Filename : C:\Program Files\ErrorSweeper\ErrorSweeper.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:53:15 م
Visible Windows : 0
Hidden Windows : 34
User Name : RAJAG\Administrator
Mem Usage : 1848 K
Mem Usage Peak : 11488 K
Page Faults : 4555
Pagefile Usage : 19176 K
Pagefile Peak Usage : 19312 K
File Attributes : A
==================================================
==================================================
Process Name : IEMonitor.exe
ProcessID : 2512
Priority : Normal
Product Name : IEMonitor Application
Version : 3, 0, 0, 1
Description : Internet Download Manager agent for click monitoring in IE-based browsers
Company : Tonec Inc.
Window Title :
File Size : 251,576
File Created Date : 01/12/1428 04:18:10 م
File Modified Date : 02/02/1428 02:53:52 م
Filename : C:\Program Files\Internet Download Manager\IEMonitor.exe
Base Address : 0x00400000
Created On : 25/01/1429 07:54:28 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 1300 K
Mem Usage Peak : 5700 K
Page Faults : 3816
Pagefile Usage : 6660 K
Pagefile Peak Usage : 6764 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 1024
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : SATA Hard Disk .. لا مشكله بعد الان - زيزوووم للأمن والحمايه - Microsoft Internet Explorer
File Size : 832,512
File Created Date : 19/09/1428 08:06:30 م
File Modified Date : 17/06/1425 10:56:52 م
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:11:27 م
Visible Windows : 1
Hidden Windows : 21
User Name : RAJAG\Administrator
Mem Usage : 4592 K
Mem Usage Peak : 46736 K
Page Faults : 141827
Pagefile Usage : 42732 K
Pagefile Peak Usage : 50724 K
File Attributes : A
==================================================
==================================================
Process Name : usnsvc.exe
ProcessID : 3148
Priority : Normal
Product Name : Messenger
Version : 8.1.0178.00
Description : Messenger Sharing USN Journal Reader Service
Company : Microsoft Corporation
Window Title :
File Size : 97,136
File Created Date : 01/01/1428 09:54:14 ص
File Modified Date : 01/01/1428 09:54:14 ص
Filename : C:\Program Files\MSN Messenger\usnsvc.exe
Base Address : 0x00400000
Created On : 25/01/1429 08:54:41 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1332 K
Mem Usage Peak : 2828 K
Page Faults : 1155
Pagefile Usage : 3776 K
Pagefile Peak Usage : 3796 K
File Attributes : A
==================================================
==================================================
Process Name : avant.exe
ProcessID : 3884
Priority : Normal
Product Name : Avant Browser
Version : 11.5.0.0
Description : Avant Browser
Company :
Window Title :
File Size : 1,413,632
File Created Date : 16/09/1428 06:19:02 ص
File Modified Date : 16/09/1428 06:19:02 ص
Filename : C:\PROGRA~1\AVANTB~1\avant.exe
Base Address : 0x00400000
Created On : 25/01/1429 09:37:13 م
Visible Windows : 0
Hidden Windows : 72
User Name : RAJAG\Administrator
Mem Usage : 3560 K
Mem Usage Peak : 24008 K
Page Faults : 32726
Pagefile Usage : 27568 K
Pagefile Peak Usage : 27708 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.exe
ProcessID : 2648
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 975,360
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 28/05/1428 10:23:07 ص
Filename : C:\WINDOWS\Explorer.exe
Base Address : 0x01000000
Created On : 25/01/1429 09:48:26 م
Visible Windows : 2
Hidden Windows : 21
User Name : RAJAG\Administrator
Mem Usage : 22268 K
Mem Usage Peak : 28740 K
Page Faults : 35663
Pagefile Usage : 28940 K
Pagefile Peak Usage : 31860 K
File Attributes : A
==================================================
==================================================
Process Name : OSE.EXE
ProcessID : 456
Priority : Normal
Product Name : Office Source Engine
Version : 11.0.5525
Description : Office Source Engine
Company : Microsoft Corporation
Window Title :
File Size : 89,136
File Created Date : 29/05/1424 09:28:22 ص
File Modified Date : 29/05/1424 09:28:22 ص
Filename : C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
Base Address : 0x30000000
Created On : 25/01/1429 09:53:59 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1508 K
Mem Usage Peak : 2028 K
Page Faults : 527
Pagefile Usage : 716 K
Pagefile Peak Usage : 820 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 1920
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 25/01/1429 07:10:22 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 25/01/1429 10:10:23 م
Visible Windows : 0
Hidden Windows : 0
User Name : RAJAG\Administrator
Mem Usage : 2256 K
Mem Usage Peak : 2256 K
Page Faults : 642
Pagefile Usage : 924 K
Pagefile Peak Usage : 928 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 3504
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 415,232
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 17/06/1425 10:56:50 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 25/01/1429 10:10:23 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 3000 K
Mem Usage Peak : 3064 K
Page Faults : 844
Pagefile Usage : 2192 K
Pagefile Peak Usage : 2260 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 2472
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 19/09/1428 08:04:26 م
File Modified Date : 17/06/1425 10:56:58 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 25/01/1429 10:10:27 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5804 K
Mem Usage Peak : 5804 K
Page Faults : 1481
Pagefile Usage : 6452 K
Pagefile Peak Usage : 6452 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 2396
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 25/01/1429 07:10:22 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 25/01/1429 10:10:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : RAJAG\Administrator
Mem Usage : 2256 K
Mem Usage Peak : 2256 K
Page Faults : 642
Pagefile Usage : 924 K
Pagefile Peak Usage : 928 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 3124
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 415,232
File Created Date : 17/06/1425 10:56:50 م
File Modified Date : 17/06/1425 10:56:50 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 25/01/1429 10:10:35 م
Visible Windows : 0
Hidden Windows : 1
User Name : RAJAG\Administrator
Mem Usage : 3032 K
Mem Usage Peak : 3096 K
Page Faults : 836
Pagefile Usage : 2188 K
Pagefile Peak Usage : 2264 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3444
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 25/01/1429 07:10:20 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 25/01/1429 10:10:37 م
Visible Windows : 0
Hidden Windows : 0
User Name : RAJAG\Administrator
Mem Usage : 2244 K
Mem Usage Peak : 2296 K
Page Faults : 926
Pagefile Usage : 960 K
Pagefile Peak Usage : 1684 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 2744
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 25/01/1429 07:10:20 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 25/01/1429 10:10:41 م
Visible Windows : 0
Hidden Windows : 0
User Name : RAJAG\Administrator
Mem Usage : 2260 K
Mem Usage Peak : 2324 K
Page Faults : 983
Pagefile Usage : 964 K
Pagefile Peak Usage : 1684 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
