وبعد ماسكرتها جاتني صفحه ما افتكر ايش فيها وضغطت الزر المظلل وجاتني مفكره فيها هادا الكلام...
.
--------------------------\\\ Start Report Of HijackThis ---------------
.
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : Dwm.exe
ProcessID : 1880
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Desktop Window Manager
Company : Microsoft Corporation
Window Title :
File Size : 81,920
File Created Date : 12/01/29 02:24:44 ص
File Modified Date : 12/01/29 02:24:44 ص
Filename : C:\Windows\system32\Dwm.exe
Base Address : 0x00DF0000
Created On : 04/03/30 02:38:03 ص
Visible Windows : 0
Hidden Windows : 1
User Name : Vista-PC\Vista
Mem Usage : 37000 K
Mem Usage Peak : 53588 K
Page Faults : 90956
Pagefile Usage : 37800 K
Pagefile Peak Usage : 37816 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 1888
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : مستكشف Windows
Company : Microsoft Corporation
Window Title : ابدأ
File Size : 2,927,104
File Created Date : 14/12/29 08:36:57 م
File Modified Date : 29/10/29 06:29:41 ص
Filename : C:\Windows\Explorer.EXE
Base Address : 0x00AC0000
Created On : 04/03/30 02:38:03 ص
Visible Windows : 3
Hidden Windows : 56
User Name : Vista-PC\Vista
Mem Usage : 44796 K
Mem Usage Peak : 67948 K
Page Faults : 54173
Pagefile Usage : 40412 K
Pagefile Peak Usage : 69840 K
File Attributes : A
==================================================
==================================================
Process Name : taskeng.exe
ProcessID : 1896
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : مشغل خدمة جدولة المهام
Company : Microsoft Corporation
Window Title :
File Size : 169,472
File Created Date : 12/01/29 02:24:44 ص
File Modified Date : 12/01/29 02:24:44 ص
Filename : C:\Windows\system32\taskeng.exe
Base Address : 0x00750000
Created On : 04/03/30 02:38:03 ص
Visible Windows : 0
Hidden Windows : 12
User Name : Vista-PC\Vista
Mem Usage : 9776 K
Mem Usage Peak : 11308 K
Page Faults : 4089
Pagefile Usage : 10360 K
Pagefile Peak Usage : 10396 K
File Attributes : A
==================================================
==================================================
Process Name : MSASCui.exe
ProcessID : 448
Priority : Normal
Product Name : Windows Defender
Version : 1.1.1600.0
Description : Windows Defender User Interface
Company : Microsoft Corporation
Window Title :
File Size : 1,008,184
File Created Date : 12/01/29 02:23:32 ص
File Modified Date : 12/01/29 02:23:32 ص
Filename : C:\Program Files\Windows Defender\MSASCui.exe
Base Address : 0x00BF0000
Created On : 04/03/30 02:38:07 ص
Visible Windows : 0
Hidden Windows : 7
User Name : Vista-PC\Vista
Mem Usage : 6424 K
Mem Usage Peak : 10208 K
Page Faults : 4700
Pagefile Usage : 6732 K
Pagefile Peak Usage : 6988 K
File Attributes : A
==================================================
==================================================
Process Name : jusched.exe
ProcessID : 440
Priority : Normal
Product Name : Java(TM) Platform SE 6 U3
Version : 6.0.30.5
Description : Java(TM) Platform SE binary
Company : Sun Microsystems, Inc.
Window Title :
File Size : 132,496
File Created Date : 11/02/29 02:53:40 م
File Modified Date : 13/09/28 01:11:35 ص
Filename : C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:07 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 3780 K
Mem Usage Peak : 3828 K
Page Faults : 1227
Pagefile Usage : 1244 K
Pagefile Peak Usage : 1264 K
File Attributes : A
==================================================
==================================================
Process Name : igfxtray.exe
ProcessID : 532
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 7.14.10.1329
Description : igfxTray Module
Company : Intel Corporation
Window Title :
File Size : 141,848
File Created Date : 11/02/29 02:39:36 م
File Modified Date : 27/01/29 10:24:36 ص
Filename : C:\Windows\System32\igfxtray.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:08 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 4048 K
Mem Usage Peak : 5060 K
Page Faults : 1399
Pagefile Usage : 1544 K
Pagefile Peak Usage : 4676 K
File Attributes : A
==================================================
==================================================
Process Name : hkcmd.exe
ProcessID : 544
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 7.14.10.1329
Description : hkcmd Module
Company : Intel Corporation
Window Title :
File Size : 154,136
File Created Date : 11/02/29 02:39:33 م
File Modified Date : 27/01/29 10:24:18 ص
Filename : C:\Windows\System32\hkcmd.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:08 ص
Visible Windows : 0
Hidden Windows : 14
User Name : Vista-PC\Vista
Mem Usage : 4084 K
Mem Usage Peak : 4912 K
Page Faults : 1367
Pagefile Usage : 1724 K
Pagefile Peak Usage : 1724 K
File Attributes : A
==================================================
==================================================
Process Name : igfxpers.exe
ProcessID : 556
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 7.14.10.1329
Description : persistence Module
Company : Intel Corporation
Window Title :
File Size : 129,560
File Created Date : 11/02/29 02:39:35 م
File Modified Date : 27/01/29 10:24:28 ص
Filename : C:\Windows\System32\igfxpers.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:08 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 3744 K
Mem Usage Peak : 4224 K
Page Faults : 1177
Pagefile Usage : 1224 K
Pagefile Peak Usage : 1244 K
File Attributes : A
==================================================
==================================================
Process Name : RtHDVCpl.exe
ProcessID : 568
Priority : Normal
Product Name : HD Audio Control Panel
Version : 1, 0, 0, 132
Description : HD Audio Control Panel
Company : Realtek Semiconductor
Window Title :
File Size : 4,911,104
File Created Date : 11/02/29 03:03:13 م
File Modified Date : 20/01/29 05:51:52 م
Filename : C:\Windows\RtHDVCpl.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:08 ص
Visible Windows : 0
Hidden Windows : 3
User Name : Vista-PC\Vista
Mem Usage : 5328 K
Mem Usage Peak : 10020 K
Page Faults : 3340
Pagefile Usage : 8828 K
Pagefile Peak Usage : 12428 K
File Attributes : A
==================================================
==================================================
Process Name : SynTPEnh.exe
ProcessID : 632
Priority : Above Normal
Product Name : Synaptics Pointing Device Driver
Version : 10.1.8 06Dec07
Description : Synaptics TouchPad Enhancements
Company : Synaptics, Inc.
Window Title :
File Size : 1,029,416
File Created Date : 11/02/29 02:40:33 م
File Modified Date : 26/11/28 05:12:44 م
Filename : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:09 ص
Visible Windows : 0
Hidden Windows : 8
User Name : Vista-PC\Vista
Mem Usage : 5776 K
Mem Usage Peak : 7828 K
Page Faults : 2127
Pagefile Usage : 2736 K
Pagefile Peak Usage : 2776 K
File Attributes : A
==================================================
==================================================
Process Name : NDSTray.exe
ProcessID : 904
Priority : Normal
Product Name : ConfigFree(TM) Tray
Version : 7, 0, 1, 11
Description : ConfigFree(TM) Task tray menu
Company : TOSHIBA CORPORATION
Window Title :
File Size : 1,056,768
File Created Date : 30/12/28 02:02:08 م
File Modified Date : 30/12/28 02:02:08 م
Filename : C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:09 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 7084 K
Mem Usage Peak : 12748 K
Page Faults : 5400
Pagefile Usage : 11612 K
Pagefile Peak Usage : 11760 K
File Attributes : A
==================================================
==================================================
Process Name : mcagent.exe
ProcessID : 1664
Priority : Normal
Product Name : McAfee SecurityCenter
Version : 8,0,237,0
Description : McAfee Integrated Security Platform
Company : McAfee, Inc.
Window Title :
File Size : 582,992
File Created Date : 11/02/29 03:31:52 م
File Modified Date : 20/07/28 10:33:14 م
Filename : C:\Program Files\McAfee.com\Agent\mcagent.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:11 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 1932 K
Mem Usage Peak : 8268 K
Page Faults : 7241
Pagefile Usage : 5112 K
Pagefile Peak Usage : 5232 K
File Attributes : A
==================================================
==================================================
Process Name : TOPI.exe
ProcessID : 1984
Priority : Normal
Product Name : TOSHIBA Online Product Information
Version : 1.0.0.0
Description : TOSHIBA Online Product Information
Company : TOSHIBA
Window Title :
File Size : 581,632
File Created Date : 11/02/29 03:36:51 م
File Modified Date : 25/06/28 09:24:10 ص
Filename : C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
Base Address : 0x00C10000
Created On : 04/03/30 02:38:11 ص
Visible Windows : 0
Hidden Windows : 10
User Name : Vista-PC\Vista
Mem Usage : 14688 K
Mem Usage Peak : 23756 K
Page Faults : 7236
Pagefile Usage : 19108 K
Pagefile Peak Usage : 19220 K
File Attributes : A
==================================================
==================================================
Process Name : igfxsrvc.exe
ProcessID : 848
Priority : Normal
Product Name : Intel(R) Common User Interface
Version : 7.14.10.1329
Description : igfxsrvc Module
Company : Intel Corporation
Window Title :
File Size : 252,440
File Created Date : 11/02/29 02:39:36 م
File Modified Date : 27/01/29 10:24:32 ص
Filename : C:\Windows\system32\igfxsrvc.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:11 ص
Visible Windows : 0
Hidden Windows : 0
User Name : Vista-PC\Vista
Mem Usage : 4240 K
Mem Usage Peak : 4644 K
Page Faults : 1321
Pagefile Usage : 1608 K
Pagefile Peak Usage : 1624 K
File Attributes : A
==================================================
==================================================
Process Name : PicasaMediaDetector.exe
ProcessID : 1216
Priority : Normal
Product Name : Picasa
Version : 2.6.35.940
Description : Picasa
Company : Google Inc.
Window Title :
File Size : 366,400
File Created Date : 15/11/27 01:44:45 ص
File Modified Date : 15/11/27 01:44:45 ص
Filename : C:\Program Files\Picasa2\PicasaMediaDetector.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:11 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 4636 K
Mem Usage Peak : 5588 K
Page Faults : 1548
Pagefile Usage : 1964 K
Pagefile Peak Usage : 2000 K
File Attributes : A
==================================================
==================================================
Process Name : GoogleDesktop.exe
ProcessID : 1492
Priority : Normal
Product Name : Google Desktop
Version : 5.1.706.29690
Description : Google Desktop
Company : Google
Window Title :
File Size : 1,836,544
File Created Date : 11/02/29 03:38:38 م
File Modified Date : 11/02/29 03:38:41 م
Filename : C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:12 ص
Visible Windows : 0
Hidden Windows : 3
User Name : Vista-PC\Vista
Mem Usage : 1952 K
Mem Usage Peak : 5544 K
Page Faults : 2045
Pagefile Usage : 2020 K
Pagefile Peak Usage : 2036 K
File Attributes : A
==================================================
==================================================
Process Name : DesktopSMS.exe
ProcessID : 560
Priority : Normal
Product Name : Desktop SMS
Version : 1.2.0.75
Description : Desktop SMS - German
Company : Interactive Digital Media
Window Title :
File Size : 1,507,328
File Created Date : 03/06/28 10:51:10 ص
File Modified Date : 03/06/28 10:51:10 ص
Filename : C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:12 ص
Visible Windows : 0
Hidden Windows : 7
User Name : Vista-PC\Vista
Mem Usage : 11708 K
Mem Usage Peak : 15884 K
Page Faults : 4432
Pagefile Usage : 11256 K
Pagefile Peak Usage : 12132 K
File Attributes : A
==================================================
==================================================
Process Name : traybar.exe
ProcessID : 1944
Priority : Normal
Product Name : Chicony traybar
Version : 1, 5, 4002, 79
Description : traybar
Company : Chicony
Window Title :
File Size : 413,696
File Created Date : 24/09/29 10:58:45 م
File Modified Date : 13/10/28 04:41:18 م
Filename : C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:12 ص
Visible Windows : 1
Hidden Windows : 4
User Name : Vista-PC\Vista
Mem Usage : 4716 K
Mem Usage Peak : 5612 K
Page Faults : 1649
Pagefile Usage : 2232 K
Pagefile Peak Usage : 2252 K
File Attributes : A
==================================================
==================================================
Process Name : TPwrMain.exe
ProcessID : 2148
Priority : Normal
Product Name : TOSHIBA Power Saver
Version : 1.0.0.2
Description : TOSHIBA Power Saver
Company : TOSHIBA Corporation
Window Title :
File Size : 431,456
File Created Date : 08/01/29 03:27:52 م
File Modified Date : 08/01/29 03:27:52 م
Filename : C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:13 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 4676 K
Mem Usage Peak : 5992 K
Page Faults : 1807
Pagefile Usage : 3540 K
Pagefile Peak Usage : 3568 K
File Attributes : A
==================================================
==================================================
Process Name : SmoothView.exe
ProcessID : 2184
Priority : Normal
Product Name : TOSHIBA Zooming Utility
Version : 3, 0, 8, 32
Description : SmoothView
Company : TOSHIBA Corporation
Window Title :
File Size : 509,816
File Created Date : 16/01/29 12:33:50 م
File Modified Date : 16/01/29 12:33:50 م
Filename : C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:13 ص
Visible Windows : 0
Hidden Windows : 1
User Name : Vista-PC\Vista
Mem Usage : 3192 K
Mem Usage Peak : 3624 K
Page Faults : 960
Pagefile Usage : 1124 K
Pagefile Peak Usage : 1140 K
File Attributes : A
==================================================
==================================================
Process Name : TCrdMain.exe
ProcessID : 2192
Priority : Normal
Product Name : TOSHIBA Flash Cards
Version : 2.0.0.6
Description : TOSHIBA Flash Cards
Company : TOSHIBA Corporation
Window Title :
File Size : 712,704
File Created Date : 13/01/29 01:25:26 م
File Modified Date : 13/01/29 01:25:26 م
Filename : C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:14 ص
Visible Windows : 0
Hidden Windows : 69
User Name : Vista-PC\Vista
Mem Usage : 7368 K
Mem Usage Peak : 10172 K
Page Faults : 2776
Pagefile Usage : 5364 K
Pagefile Peak Usage : 6496 K
File Attributes : A
==================================================
==================================================
Process Name : ToshibaRegistration.exe
ProcessID : 2232
Priority : Normal
Product Name : Toshiba Vista Registration Component
Version : 4.0.0.0
Description : Vista Registration
Company : Toshiba
Window Title :
File Size : 571,024
File Created Date : 11/02/29 03:29:31 م
File Modified Date : 17/04/28 10:05:08 ص
Filename : C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
Base Address : 0x00980000
Created On : 04/03/30 02:38:14 ص
Visible Windows : 0
Hidden Windows : 7
User Name : Vista-PC\Vista
Mem Usage : 13468 K
Mem Usage Peak : 19232 K
Page Faults : 6118
Pagefile Usage : 19568 K
Pagefile Peak Usage : 20460 K
File Attributes : A
==================================================
==================================================
Process Name : PDVDServ.exe
ProcessID : 2276
Priority : Normal
Product Name : PowerDVD
Version : 6.00.1027
Description : PowerDVD RC Service
Company : Cyberlink Corp.
Window Title :
File Size : 32,768
File Created Date : 24/09/29 10:26:54 م
File Modified Date : 19/09/25 05:24:46 م
Filename : C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:15 ص
Visible Windows : 0
Hidden Windows : 3
User Name : Vista-PC\Vista
Mem Usage : 3816 K
Mem Usage Peak : 4436 K
Page Faults : 1246
Pagefile Usage : 1368 K
Pagefile Peak Usage : 1408 K
File Attributes : A
==================================================
==================================================
Process Name : realsched.exe
ProcessID : 2300
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.1.45
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,896
File Created Date : 24/09/29 10:29:37 م
File Modified Date : 24/09/29 10:29:37 م
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:15 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 644 K
Mem Usage Peak : 4792 K
Page Faults : 4060
Pagefile Usage : 1740 K
Pagefile Peak Usage : 1776 K
File Attributes : A
==================================================
==================================================
Process Name : GrooveMonitor.exe
ProcessID : 2320
Priority : Normal
Product Name : GrooveMonitor Utility
Version : 12.0.4518.1014
Description : GrooveMonitor Utility
Company : Microsoft Corporation
Window Title :
File Size : 31,016
File Created Date : 04/10/27 09:47:42 م
File Modified Date : 04/10/27 09:47:42 م
Filename : C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:15 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 6420 K
Mem Usage Peak : 7108 K
Page Faults : 1960
Pagefile Usage : 3048 K
Pagefile Peak Usage : 3064 K
File Attributes : A
==================================================
==================================================
Process Name : sidebar.exe
ProcessID : 2336
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : الشريط الجانبي لـ Windows
Company : Microsoft Corporation
Window Title : AppBar Bullet
File Size : 1,233,920
File Created Date : 12/01/29 02:23:29 ص
File Modified Date : 12/01/29 02:23:29 ص
Filename : C:\Program Files\Windows Sidebar\sidebar.exe
Base Address : 0x00370000
Created On : 04/03/30 02:38:15 ص
Visible Windows : 2
Hidden Windows : 6
User Name : Vista-PC\Vista
Mem Usage : 7884 K
Mem Usage Peak : 11428 K
Page Faults : 27404
Pagefile Usage : 6336 K
Pagefile Peak Usage : 6576 K
File Attributes : A
==================================================
==================================================
Process Name : TOSCDSPD.exe
ProcessID : 2344
Priority : Normal
Product Name : En-us
Version : 1, 0, 0, 1
Description : En-us
Company :
Window Title :
File Size : 430,080
File Created Date : 11/02/29 03:21:49 م
File Modified Date : 20/01/29 04:00:40 م
Filename : C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:15 ص
Visible Windows : 0
Hidden Windows : 3
User Name : Vista-PC\Vista
Mem Usage : 3300 K
Mem Usage Peak : 3764 K
Page Faults : 1026
Pagefile Usage : 1108 K
Pagefile Peak Usage : 1228 K
File Attributes : A
==================================================
==================================================
Process Name : NMBgMonitor.exe
ProcessID : 2392
Priority : Normal
Product Name : Nero Home
Version : 1, 5, 13, 0
Description : Nero Home
Company : Nero AG
Window Title :
File Size : 143,360
File Created Date : 02/12/27 03:05:20 م
File Modified Date : 02/12/27 03:05:20 م
Filename : C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:16 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 5380 K
Mem Usage Peak : 7872 K
Page Faults : 2105
Pagefile Usage : 3428 K
Pagefile Peak Usage : 3480 K
File Attributes : A
==================================================
==================================================
Process Name : wmpnscfg.exe
ProcessID : 2404
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 11.0.6000.6324 (vista_rtm.061101-2205)
Description : تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
Company : Microsoft Corporation
Window Title :
File Size : 202,240
File Created Date : 12/01/29 02:25:33 ص
File Modified Date : 12/01/29 02:25:33 ص
Filename : C:\Program Files\Windows Media Player\wmpnscfg.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:16 ص
Visible Windows : 0
Hidden Windows : 4
User Name : Vista-PC\Vista
Mem Usage : 4188 K
Mem Usage Peak : 5120 K
Page Faults : 1424
Pagefile Usage : 1696 K
Pagefile Peak Usage : 1740 K
File Attributes : A
==================================================
==================================================
Process Name : CEC_MAIN.exe
ProcessID : 2504
Priority : Normal
Product Name :
Version : 1.7.8000.444
Description :
Company :
Window Title :
File Size : 4,624,384
File Created Date : 24/09/29 10:58:45 م
File Modified Date : 13/01/29 10:00:30 ص
Filename : C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:17 ص
Visible Windows : 0
Hidden Windows : 58
User Name : Vista-PC\Vista
Mem Usage : 28032 K
Mem Usage Peak : 40068 K
Page Faults : 57216
Pagefile Usage : 32096 K
Pagefile Peak Usage : 53212 K
File Attributes : A
==================================================
==================================================
Process Name : WZQKPICK.EXE
ProcessID : 2536
Priority : Normal
Product Name : WinZip
Version : 1.0 (32-bit)
Description : WinZip Executable
Company : WinZip Computing, Inc.
Window Title :
File Size : 118,784
File Created Date : 24/09/29 10:28:56 م
File Modified Date : 20/12/24 06:00:00 ص
Filename : C:\Program Files\WinZip\WZQKPICK.EXE
Base Address : 0x00400000
Created On : 04/03/30 02:38:17 ص
Visible Windows : 0
Hidden Windows : 3
User Name : Vista-PC\Vista
Mem Usage : 3892 K
Mem Usage Peak : 4572 K
Page Faults : 1229
Pagefile Usage : 1312 K
Pagefile Peak Usage : 1328 K
File Attributes : A
==================================================
==================================================
Process Name : NMIndexStoreSvr.exe
ProcessID : 3556
Priority : Normal
Product Name : Nero Home
Version : 1, 5, 13, 0
Description : Nero Home
Company : Nero AG
Window Title :
File Size : 905,216
File Created Date : 02/12/27 03:04:42 م
File Modified Date : 02/12/27 03:04:42 م
Filename : C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
Base Address : 0x00400000
Created On : 04/03/30 02:38:25 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 9560 K
Mem Usage Peak : 15536 K
Page Faults : 4405
Pagefile Usage : 11624 K
Pagefile Peak Usage : 11624 K
File Attributes : A
==================================================
==================================================
Process Name : WinMail.exe
ProcessID : 4004
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : بريد Windows
Company : Microsoft Corporation
Window Title :
File Size : 397,312
File Created Date : 12/01/29 02:23:32 ص
File Modified Date : 12/01/29 02:23:32 ص
Filename : C:\Program Files\Windows Mail\WinMail.exe
Base Address : 0x003B0000
Created On : 04/03/30 02:38:51 ص
Visible Windows : 0
Hidden Windows : 10
User Name : Vista-PC\Vista
Mem Usage : 15044 K
Mem Usage Peak : 15520 K
Page Faults : 8164
Pagefile Usage : 12076 K
Pagefile Peak Usage : 13184 K
File Attributes : A
==================================================
==================================================
Process Name : sidebar.exe
ProcessID : 2608
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : الشريط الجانبي لـ Windows
Company : Microsoft Corporation
Window Title : ملاحظات
File Size : 1,233,920
File Created Date : 12/01/29 02:23:29 ص
File Modified Date : 12/01/29 02:23:29 ص
Filename : C:\Program Files\Windows Sidebar\sidebar.exe
Base Address : 0x00370000
Created On : 04/03/30 02:38:55 ص
Visible Windows : 6
Hidden Windows : 13
User Name : Vista-PC\Vista
Mem Usage : 24488 K
Mem Usage Peak : 25108 K
Page Faults : 16330
Pagefile Usage : 34532 K
Pagefile Peak Usage : 34856 K
File Attributes : A
==================================================
==================================================
Process Name : mcregist.exe
ProcessID : 4120
Priority : Normal
Product Name : McAfee Registration Wizard
Version : 6,0,108,0
Description : Registration Wizard
Company : McAfee, Inc.
Window Title :
File Size : 452,896
File Created Date : 11/02/29 03:33:48 م
File Modified Date : 12/07/28 08:13:24 ص
Filename : C:\PROGRA~1\McAfee\MSC\mcregist.exe
Base Address : 0x00400000
Created On : 04/03/30 02:39:04 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 6632 K
Mem Usage Peak : 7300 K
Page Faults : 2620
Pagefile Usage : 3132 K
Pagefile Peak Usage : 3188 K
File Attributes : A
==================================================
==================================================
Process Name : CFSwMgr.exe
ProcessID : 4652
Priority : Normal
Product Name : ConfigFree(TM)
Version : 7, 0, 1, 8
Description : ConfigFree Switch Manager
Company : TOSHIBA CORPORATION
Window Title :
File Size : 405,504
File Created Date : 15/12/28 01:06:52 م
File Modified Date : 15/12/28 01:06:52 م
Filename : C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
Base Address : 0x00400000
Created On : 04/03/30 02:39:22 ص
Visible Windows : 0
Hidden Windows : 3
User Name : Vista-PC\Vista
Mem Usage : 8216 K
Mem Usage Peak : 8228 K
Page Faults : 2108
Pagefile Usage : 3284 K
Pagefile Peak Usage : 3464 K
File Attributes : A
==================================================
==================================================
Process Name : ieuser.exe
ProcessID : 6120
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title :
File Size : 299,520
File Created Date : 12/01/29 02:24:49 ص
File Modified Date : 12/01/29 02:24:49 ص
Filename : C:\Program Files\Internet Explorer\ieuser.exe
Base Address : 0x00610000
Created On : 04/03/30 02:40:23 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 12424 K
Mem Usage Peak : 12624 K
Page Faults : 4713
Pagefile Usage : 5592 K
Pagefile Peak Usage : 6148 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 2668
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.6000.16386 (vista_rtm.061101-2205)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title :
- Windows Internet Explorer
File Size : 625,664
File Created Date : 12/01/29 02:23:50 ص
File Modified Date : 12/01/29 02:23:50 ص
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00870000
Created On : 04/03/30 02:40:24 ص
Visible Windows : 2
Hidden Windows : 54
User Name : Vista-PC\Vista
Mem Usage : 76624 K
Mem Usage Peak : 79616 K
Page Faults : 47510
Pagefile Usage : 85636 K
Pagefile Peak Usage : 85700 K
File Attributes : A
==================================================
==================================================
Process Name : GoogleToolbarUser.exe
ProcessID : 4352
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 239,216
File Created Date : 19/12/29 12:20:42 م
File Modified Date : 19/12/29 12:20:23 م
Filename : C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
Base Address : 0x00A70000
Created On : 04/03/30 02:40:30 ص
Visible Windows : 0
Hidden Windows : 0
User Name : Vista-PC\Vista
Mem Usage : 6748 K
Mem Usage Peak : 6748 K
Page Faults : 1761
Pagefile Usage : 4744 K
Pagefile Peak Usage : 4744 K
File Attributes : A
==================================================
==================================================
Process Name : GoogleToolbarNotifier.exe
ProcessID : 3160
Priority : Normal
Product Name : GoogleToolbarNotifier
Version : 4, 1, 509, 1944
Description : GoogleToolbarNotifier
Company : Google Inc.
Window Title :
File Size : 39,408
File Created Date : 19/12/29 12:21:04 م
File Modified Date : 19/12/29 12:21:04 م
Filename : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Base Address : 0x00400000
Created On : 04/03/30 02:40:38 ص
Visible Windows : 0
Hidden Windows : 4
User Name : Vista-PC\Vista
Mem Usage : 1568 K
Mem Usage Peak : 7808 K
Page Faults : 2548
Pagefile Usage : 3940 K
Pagefile Peak Usage : 4024 K
File Attributes : A
==================================================
==================================================
Process Name : mcuimgr.exe
ProcessID : 3524
Priority : Normal
Product Name : McAfee SecurityCenter
Version : 8,0,226,0
Description : McAfee User Interface Manager
Company : McAfee, Inc.
Window Title :
File Size : 265,040
File Created Date : 26/09/29 11:04:51 م
File Modified Date : 20/10/28 03:12:38 م
Filename : c:\PROGRA~1\mcafee\msc\mcuimgr.exe
Base Address : 0x00400000
Created On : 04/03/30 02:41:07 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 5604 K
Mem Usage Peak : 5608 K
Page Faults : 1517
Pagefile Usage : 2692 K
Pagefile Peak Usage : 3364 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 5732
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 03/03/30 11:43:08 م
File Modified Date : 22/01/29 10:24:25 م
Filename : C:\Users\Vista\AppData\Local\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 04/03/30 02:43:09 ص
Visible Windows : 0
Hidden Windows : 0
User Name : Vista-PC\Vista
Mem Usage : 3360 K
Mem Usage Peak : 3420 K
Page Faults : 896
Pagefile Usage : 1064 K
Pagefile Peak Usage : 1076 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 5768
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 318,976
File Created Date : 12/01/29 02:23:50 ص
File Modified Date : 12/01/29 02:23:50 ص
Filename : C:\Windows\system32\cmd.exe
Base Address : 0x4A520000
Created On : 04/03/30 02:43:09 ص
Visible Windows : 0
Hidden Windows : 1
User Name : Vista-PC\Vista
Mem Usage : 2504 K
Mem Usage Peak : 2744 K
Page Faults : 964
Pagefile Usage : 2628 K
Pagefile Peak Usage : 3216 K
File Attributes : A
==================================================
==================================================
Process Name : conime.exe
ProcessID : 5564
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Description : Console IME
Company : Microsoft Corporation
Window Title :
File Size : 69,120
File Created Date : 12/01/29 02:24:13 ص
File Modified Date : 12/01/29 02:24:13 ص
Filename : C:\Windows\system32\conime.exe
Base Address : 0x00250000
Created On : 04/03/30 02:43:10 ص
Visible Windows : 0
Hidden Windows : 2
User Name : Vista-PC\Vista
Mem Usage : 3584 K
Mem Usage Peak : 3584 K
Page Faults : 936
Pagefile Usage : 984 K
Pagefile Peak Usage : 984 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3272
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 03/03/30 11:43:07 م
File Modified Date : 08/06/26 04:46:34 ص
Filename : C:\Users\Vista\AppData\Local\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 04/03/30 02:44:11 ص
Visible Windows : 0
Hidden Windows : 0
User Name : Vista-PC\Vista
Mem Usage : 3644 K
Mem Usage Peak : 3700 K
Page Faults : 1564
Pagefile Usage : 1440 K
Pagefile Peak Usage : 2664 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\autochk.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
تطبيق تسجيل دخول Userinit
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
explorer.exe
explorer.exe
مستكشف Windows
Microsoft Corporation
6.00.6001.18164
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Windows Defender
%ProgramFiles%\Windows Defender\MSASCui.exe -hide
Windows Defender User Interface
Microsoft Corporation
1.01.1600.0000
c:\program files\windows defender\msascui.exe
SunJavaUpdateSched
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
Java(TM) Platform SE binary
Sun Microsystems, Inc.
6.00.0030.0005
c:\program files\java\jre1.6.0_03\bin\jusched.exe
IgfxTray
C:\Windows\system32\igfxtray.exe
igfxTray Module
Intel Corporation
7.14.0010.1329
c:\windows\system32\igfxtray.exe
HotKeysCmds
C:\Windows\system32\hkcmd.exe
hkcmd Module
Intel Corporation
7.14.0010.1329
c:\windows\system32\hkcmd.exe
Persistence
C:\Windows\system32\igfxpers.exe
persistence Module
Intel Corporation
7.14.0010.1329
c:\windows\system32\igfxpers.exe
RtHDVCpl
RtHDVCpl.exe
HD Audio Control Panel
Realtek Semiconductor
1.00.0000.0132
c:\windows\rthdvcpl.exe
SynTPEnh
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Synaptics TouchPad Enhancements
Synaptics, Inc.
10.01.0008.0000
c:\program files\synaptics\syntp\syntpenh.exe
NDSTray.exe
NDSTray.exe
ConfigFree(TM) Task tray menu
TOSHIBA CORPORATION
7.00.0001.0011
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
mcagent_exe
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
McAfee Integrated Security Platform
McAfee, Inc.
8.00.0237.0000
c:\program files\mcafee.com\agent\mcagent.exe
Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
Adobe Acrobat SpeedLauncher
Adobe Systems Incorporated
8.00.0000.0000
c:\program files\adobe\reader 8.0\reader\reader_sl.exe
topi
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
TOSHIBA Online Product Information
TOSHIBA
1.00.0000.0000
c:\program files\toshiba\toshiba online product information\topi.exe
Picasa Media Detector
C:\Program Files\Picasa2\PicasaMediaDetector.exe
Picasa
Google Inc.
2.06.0035.0094
c:\program files\picasa2\picasamediadetector.exe
Google Desktop Search
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
Google Desktop
Google
5.01.0706.29690
c:\program files\google\google desktop search\googledesktop.exe
Desktop SMS
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
Desktop SMS - German
Interactive Digital Media
1.02.0000.0075
c:\program files\idm\desktop sms\desktopsms.exe
Camera Assistant Software
"C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
traybar
Chicony
1.05.4002.0079
c:\program files\camera assistant software for toshiba\traybar.exe
TPwrMain
%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
TOSHIBA Power Saver
TOSHIBA Corporation
1.00.0000.0001
c:\program files\toshiba\power saver\tpwrmain.exe
SmoothView
%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
SmoothView
TOSHIBA Corporation
3.00.0008.0032
c:\program files\toshiba\smoothview\smoothview.exe
00TCrdMain
%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
TOSHIBA Flash Cards
TOSHIBA Corporation
2.00.0000.0006
c:\program files\toshiba\flashcards\tcrdmain.exe
Toshiba Registration
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
Vista Registration
Toshiba
4.00.0000.0000
c:\program files\toshiba\registration\toshibaregistration.exe
Device Detector
"C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe" -autorun
Device Detector
ACD Systems, Ltd.
2.00.0000.0012
c:\program files\common files\acd systems\en\devdetect.exe
RemoteControl
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
PowerDVD RC Service
Cyberlink Corp.
6.00.0000.1027
c:\program files\cyberlink\powerdvd\pdvdserv.exe
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.01.0001.0045
c:\program files\common files\real\update_ob\realsched.exe
NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
NeroCheck
Nero AG
1.00.0000.0005
c:\program files\common files\ahead\lib\nerocheck.exe
GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
GrooveMonitor Utility
Microsoft Corporation
12.00.4518.1014
c:\program files\microsoft office\office12\groovemonitor.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WinZip Quick Pick.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
WinZip Executable
WinZip Computing, Inc.
1.00.6028.0000
c:\program files\winzip\wzqkpick.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
الشريط الجانبي لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\program files\windows sidebar\sidebar.exe
TOSCDSPD
TOSCDSPD.EXE
En-us
2.02.0000.0001
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
Nero Home
Nero AG
1.05.0013.0000
c:\program files\common files\ahead\lib\nmbgmonitor.exe
WMPNSCFG
C:\Program Files\Windows Media Player\WMPNSCFG.exe
تطبيق تكوين خدمة مشاركة الشبكة لـ Windows Media Player
Microsoft Corporation
11.00.6001.7000
c:\program files\windows media player\wmpnscfg.exe
swg
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
GoogleToolbarNotifier
Google Inc.
4.01.0509.1944
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
Task Scheduler
\User_Feed_Synchronization-{42E120DD-1F2F-411F-88A5-3A3F88383E41}
C:\Windows\system32\msfeedssync.exe sync
Microsoft Feeds Synchronization
Microsoft Corporation
7.00.6001.18000
c:\windows\system32\msfeedssync.exe
\{9018736A-FDEB-4F26-A1B0-2E21CC08FF43}
C:\Windows\system32\pcalua.exe -a C:\tb_eula\UninstallTB.exe -d C:\Windows\system32 -c file
Program Compatibility Assistant
Microsoft Corporation
6.00.6000.16386
c:\windows\system32\pcalua.exe
[DISABLED] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
HKCR\CLSID\{CF2CF428-325B-48D3-8CA8-7633E36E5A32}
عميل إدارة حقوق Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\msdrm.dll
\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
HKCR\CLSID\{BF5CB148-7C77-4D8A-A53E-D81C70CF743C}
عميل إدارة حقوق Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\msdrm.dll
\Microsoft\Windows\Bluetooth\UninstallDeviceTask
BthUdTask.exe $(Arg0)
Bluetooth Uninstall Device Task
Microsoft Corporation
6.00.6000.16386
c:\windows\system32\bthudtask.exe
\Microsoft\Windows\CertificateServicesClient\UserTask
HKCR\CLSID\{58FB76B9-AC85-4E55-AC04-427593B1D060}
مكتبة الارتباط الديناميكي لمهمة DIMS
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\dimsjob.dll
\Microsoft\Windows\CertificateServicesClient\UserTask-Roam
HKCR\CLSID\{58FB76B9-AC85-4E55-AC04-427593B1D060}
مكتبة الارتباط الديناميكي لمهمة DIMS
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\dimsjob.dll
\Microsoft\Windows\Customer Experience Improvement Program\Consolidator
%SystemRoot%\System32\wsqmcons.exe
أداة دمج SQM لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wsqmcons.exe
\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
%SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
أداة دمج SQM لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wsqmcons.exe
\Microsoft\Windows\Defrag\ScheduledDefrag
%windir%\system32\defrag.exe -c -i
Disk Defragmenter Module
Microsoft Corp.
6.00.6001.18000
c:\windows\system32\defrag.exe
\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
%windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Windows Disk Failure Diagnostic Module
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\dfdts.dll
[DISABLED] \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
%windir%\system32\DFDWiz.exe
محلل المستخدم لتشخيص الأقراص لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\dfdwiz.exe
\Microsoft\Windows\Media Center\ehDRMInit
%SystemRoot%\ehome\ehPrivJob.exe /DRMInit
تطبيق تسجيل جهاز الكبل الرقمي.
Microsoft Corporation
6.00.6001.18000
c:\windows\ehome\ehprivjob.exe
\Microsoft\Windows\Media Center\mcupdate
%SystemRoot%\ehome\mcupdate $(Arg0) -gc
Windows Media Center Store Update Manager
Microsoft Corporation
6.00.6001.18115
c:\windows\ehome\mcupdate.exe
\Microsoft\Windows\Media Center\OCURActivate
%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
تطبيق تسجيل جهاز الكبل الرقمي.
Microsoft Corporation
6.00.6001.18000
c:\windows\ehome\ehprivjob.exe
\Microsoft\Windows\Media Center\OCURDiscovery
%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
تطبيق تسجيل جهاز الكبل الرقمي.
Microsoft Corporation
6.00.6001.18000
c:\windows\ehome\ehprivjob.exe
\Microsoft\Windows\Media Center\UpdateRecordPath
%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
تطبيق تسجيل جهاز الكبل الرقمي.
Microsoft Corporation
6.00.6001.18000
c:\windows\ehome\ehprivjob.exe
\Microsoft\Windows\MobilePC\HotStart
HKCR\CLSID\{06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Microsoft Windows HotStart User Agent
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\hotstartuseragent.dll
\Microsoft\Windows\MobilePC\TMM
HKCR\CLSID\{35EF4182-F900-4632-B072-8639E4478A61}
إدارة شاشات العرض المتعددة المؤقتة لـ Microsoft
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\tmm.dll
\Microsoft\Windows\MUI\LPRemove
%windir%\system32\lpremove.exe
MUI Language pack cleanup
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\lpremove.exe
\Microsoft\Windows\Multimedia\SystemSoundsService
HKCR\CLSID\{2DEA658F-54C1-4227-AF9B-260AB5FC3543}
خدمة تشغيل الصوت
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\playsndsrv.dll
\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
HKCR\CLSID\{F09878A1-4652-4292-AA63-8C7D4FD7648F}
Quarantine Agent Proxy
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\qagent.dll
\Microsoft\Windows\RAC\RACAgent
%windir%\system32\RacAgent.exe
Reliability analysis metrics calculation executable
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\racagent.exe
\Microsoft\Windows\Shell\CrawlStartPages
HKCR\CLSID\{51653423-E62D-4FF7-894A-DABB2B8E21E2}
Indexing Options
Microsoft Corporation
7.00.6001.16503
c:\windows\system32\srchadmin.dll
[DISABLED] \Microsoft\Windows\SideShow\AutoWake
HKCR\CLSID\{E51DFD48-AA36-4B45-BB52-E831F02E8316}
خدمات Microsoft Windows SideShow
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\auxiliarydisplayservices.dll
\Microsoft\Windows\SideShow\GadgetManager
HKCR\CLSID\{FF87090D-4A9A-4F47-879B-29A80C355D61}
خدمات Microsoft Windows SideShow
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\auxiliarydisplayservices.dll
[DISABLED] \Microsoft\Windows\SideShow\SessionAgent
HKCR\CLSID\{45F26E9E-6199-477F-85DA-AF1EDFE067B1}
خدمات Microsoft Windows SideShow
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\auxiliarydisplayservices.dll
[DISABLED] \Microsoft\Windows\SideShow\SystemDataProviders
HKCR\CLSID\{7CCA6768-8373-4D28-8876-83E8B4E3A969}
خدمات Microsoft Windows SideShow
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\auxiliarydisplayservices.dll
\Microsoft\Windows\SystemRestore\SR
%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Microsoft® Windows System Protection Configuration Library
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\srrstr.dll
\Microsoft\Windows\Tcpip\IpAddressConflict1
rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
واجهة تطبيقات البرامج لعميل إطار تشخيص الشبكة
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\ndfapi.dll
\Microsoft\Windows\Tcpip\IpAddressConflict2
rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
واجهة تطبيقات البرامج لعميل إطار تشخيص الشبكة
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\ndfapi.dll
\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
HKCR\CLSID\{01575CFE-9A55-4003-A5E1-F38D1EBDCBE1}
MsCtfMonitor DLL
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\msctfmonitor.dll
\Microsoft\Windows\UPnP\UPnPHostConfig
sc.exe config upnphost start= auto
A tool to aid in developing services for WindowsNT
Microsoft Corporation
6.00.6000.16386
c:\windows\system32\sc.exe
\Microsoft\Windows\WDI\ResolutionHost
HKCR\CLSID\{900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1}
بنية التشخيص الأساسية لـ Windows
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wdi.dll
\Microsoft\Windows\Windows Error Reporting\QueueReporting
%windir%\system32\wermgr.exe -queuereporting
Windows Problem Reporting
Microsoft Corporation
6.00.6001.18000
c:\windows\system32\wermgr.exe
\Microsoft\Windows\WindowsCalendar\Reminders - Vista
C:\Program Files\Windows Calendar\WinCal.exe /reminder
تقويم Windows
Microsoft Corporation
6.00.6001.18000
c:\program files\windows calendar\wincal.exe
\Microsoft\Windows\Wired\GatherWiredInfo
%windir%\system32\gatherWiredInfo.vbs
c:\windows\system32\gatherwiredinfo.vbs
\Microsoft\Windows\Wireless\GatherWirelessInfo
%windir%\system32\gatherWirelessInfo.vbs
c:\windows\system32\gatherwirelessinfo.vbs
\Microsoft\Windows Defender\MP Scheduled Scan
c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges
Windows Defender Command Line Utility
Microsoft Corporation
1.01.1600.0000
c:\program files\windows defender\mpcmdrun.exe
\Microsoft\Windows Defender\MP Scheduled Signature Update
c:\program files\windows defender\MpCmdRun.exe SignatureUpdate
Windows Defender Command Line Utility
Microsoft Corporation
1.01.1600.0000
c:\program files\windows defender\mpcmdrun.exe
.
.
----------- End Report ---------------