assem_ade
زيزوومي جديد
غير متصل
عند اغلاق الجهاز بامرturn off الجهاز لا يغلق بل يعمل restarويرجع يشتغل تانى ماذا افعل مع انى غيرت نسخة الويندوز كذا مرة .والان اعمل على ويندوز(sp3) (xp ) والمشكلة ما زالت قائمة.وهذا هو التقرير
.تقرير تانى
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:39 م, on 30/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerFFAutoFill.exe
C:\Program Files\Steganos Privacy Suite 2008\SteganosHotKeyService.exe
C:\Program Files\Steganos Privacy Suite 2008\fredirstarter.exe
F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfx update.exe
C:\WINDOWS\system32\SatSrv.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen. exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\msiexec.exe
F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEMonitor.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\WINDOWS\Integrator.exe
C:\DOCUME~1\ASSEMA~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\ASSEMA~1\LOCALS~1\Temp\bntoz\HijackThi s.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMIECC.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerBHO.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSS2008 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [SSS2008 HotKeys] "C:\Program Files\Steganos Privacy Suite 2008\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2008 File Redirection Starter] "C:\Program Files\Steganos Privacy Suite 2008\fredirstarter.exe"
O4 - HKCU\..\Run: [IDMan] F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEGetVL.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\\SatSrv.exe
--
End of file - 5259 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 660
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 30/03/2009 09:53:27 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 380 K
Mem Usage Peak : 696 K
Page Faults : 298
Pagefile Usage : 176 K
Pagefile Peak Usage : 1708 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 716
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:16 ص
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 30/03/2009 09:53:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4824 K
Mem Usage Peak : 4936 K
Page Faults : 8520
Pagefile Usage : 1816 K
Pagefile Peak Usage : 1864 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 740
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2113)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 507,904
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:40 ص
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:32 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4752 K
Mem Usage Peak : 13472 K
Page Faults : 6994
Pagefile Usage : 6788 K
Pagefile Peak Usage : 9364 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 784
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,544
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:34 ص
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5360 K
Mem Usage Peak : 21556 K
Page Faults : 21998
Pagefile Usage : 3764 K
Pagefile Peak Usage : 12684 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 796
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2113)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:24 ص
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1376 K
Mem Usage Peak : 6080 K
Page Faults : 4740
Pagefile Usage : 3816 K
Pagefile Peak Usage : 3984 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 960
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:35 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4804 K
Mem Usage Peak : 4884 K
Page Faults : 1363
Pagefile Usage : 3024 K
Pagefile Peak Usage : 23388 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1008
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:36 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4408 K
Mem Usage Peak : 4408 K
Page Faults : 1242
Pagefile Usage : 1884 K
Pagefile Peak Usage : 1920 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1152
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:36 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 27136 K
Mem Usage Peak : 34820 K
Page Faults : 16896
Pagefile Usage : 16164 K
Pagefile Peak Usage : 24144 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1220
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:36 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3640 K
Mem Usage Peak : 3860 K
Page Faults : 1478
Pagefile Usage : 1376 K
Pagefile Peak Usage : 1624 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1368
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:37 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4600 K
Mem Usage Peak : 4612 K
Page Faults : 1212
Pagefile Usage : 1888 K
Pagefile Peak Usage : 1936 K
File Attributes : A
==================================================
==================================================
Process Name : aswUpdSv.exe
ProcessID : 1448
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! Antivirus updating service
Company : ALWIL Software
Window Title :
File Size : 18,752
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:01:26 م
Filename : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:37 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 312 K
Mem Usage Peak : 1896 K
Page Faults : 532
Pagefile Usage : 556 K
Pagefile Peak Usage : 556 K
File Attributes : A
==================================================
==================================================
Process Name : ashServ.exe
ProcessID : 1532
Priority : High
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! antivirus service
Company : ALWIL Software
Window Title :
File Size : 138,680
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:08:40 م
Filename : C:\Program Files\Alwil Software\Avast4\ashServ.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:38 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 19416 K
Mem Usage Peak : 119164 K
Page Faults : 114570
Pagefile Usage : 29432 K
Pagefile Peak Usage : 74668 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 1820
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.5512 (xpsp.080413-2105)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Programs
File Size : 1,033,728
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:20 ص
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 30/03/2009 09:53:43 م
Visible Windows : 3
Hidden Windows : 40
User Name : ASSEM\assemabdallh
Mem Usage : 13508 K
Mem Usage Peak : 32748 K
Page Faults : 51397
Pagefile Usage : 24016 K
Pagefile Peak Usage : 37448 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 2004
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-0852)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:45 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4824 K
Mem Usage Peak : 4856 K
Page Faults : 1352
Pagefile Usage : 3116 K
Pagefile Peak Usage : 3436 K
File Attributes : A
==================================================
==================================================
Process Name : ashDisp.exe
ProcessID : 212
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! service GUI component
Company : ALWIL Software
Window Title :
File Size : 81,000
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:08:46 م
Filename : C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:46 م
Visible Windows : 0
Hidden Windows : 7
User Name : ASSEM\assemabdallh
Mem Usage : 1896 K
Mem Usage Peak : 5464 K
Page Faults : 4815
Pagefile Usage : 2620 K
Pagefile Peak Usage : 2644 K
File Attributes : A
==================================================
==================================================
Process Name : PasswordManagerFFAutoFill.exe
ProcessID : 296
Priority : Normal
Product Name : Steganos Privacy Suite
Version : 10.0.7
Description :
Company :
Window Title :
File Size : 21,504
File Created Date : 11/09/2008 01:10:34 م
File Modified Date : 11/09/2008 01:10:34 م
Filename : C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerFFAutoFill.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:47 م
Visible Windows : 0
Hidden Windows : 0
User Name : ASSEM\assemabdallh
Mem Usage : 22436 K
Mem Usage Peak : 22436 K
Page Faults : 7953
Pagefile Usage : 18596 K
Pagefile Peak Usage : 19296 K
File Attributes : A
==================================================
==================================================
Process Name : SteganosHotKeyService.exe
ProcessID : 452
Priority : Normal
Product Name : Steganos Privacy Suite
Version : 10.0.7
Description :
Company :
Window Title :
File Size : 25,088
File Created Date : 11/09/2008 01:10:34 م
File Modified Date : 11/09/2008 01:10:34 م
Filename : C:\Program Files\Steganos Privacy Suite 2008\SteganosHotKeyService.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:48 م
Visible Windows : 0
Hidden Windows : 2
User Name : ASSEM\assemabdallh
Mem Usage : 21564 K
Mem Usage Peak : 21568 K
Page Faults : 9780
Pagefile Usage : 17824 K
Pagefile Peak Usage : 18232 K
File Attributes : A
==================================================
==================================================
Process Name : fredirstarter.exe
ProcessID : 476
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 57,344
File Created Date : 11/09/2008 01:15:16 م
File Modified Date : 11/09/2008 01:15:16 م
Filename : C:\Program Files\Steganos Privacy Suite 2008\fredirstarter.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:48 م
Visible Windows : 0
Hidden Windows : 0
User Name : ASSEM\assemabdallh
Mem Usage : 716 K
Mem Usage Peak : 716 K
Page Faults : 175
Pagefile Usage : 480 K
Pagefile Peak Usage : 480 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 608
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.14.1.0
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title : 67% Zyzoom_eScan_9.0.742.1.exe
File Size : 931,248
File Created Date : 28/10/2008 10:46:40 ص
File Modified Date : 15/07/2008 06:39:04 ص
Filename : F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMan.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:49 م
Visible Windows : 1
Hidden Windows : 9
User Name : ASSEM\assemabdallh
Mem Usage : 5528 K
Mem Usage Peak : 13496 K
Page Faults : 14007
Pagefile Usage : 7292 K
Pagefile Peak Usage : 7824 K
File Attributes : A
==================================================
==================================================
Process Name : Ati2evxx.exe
ProcessID : 1292
Priority : Normal
Product Name : ATI External Event Utility for WindowsNT and Windows9X
Version : 6.14.4076
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 282,624
File Created Date : 03/06/2003 02:30:20 ص
File Modified Date : 03/06/2003 02:30:20 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:54 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2256 K
Mem Usage Peak : 2256 K
Page Faults : 578
Pagefile Usage : 572 K
Pagefile Peak Usage : 572 K
File Attributes : A
==================================================
==================================================
Process Name : BTNtService.exe
ProcessID : 1356
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 110,592
File Created Date : 02/03/2009 04:26:57 م
File Modified Date : 06/04/2005 02:03:28 م
Filename : C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:56 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2524 K
Mem Usage Peak : 2552 K
Page Faults : 666
Pagefile Usage : 1832 K
Pagefile Peak Usage : 1868 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1420
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:56 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3252 K
Mem Usage Peak : 3256 K
Page Faults : 858
Pagefile Usage : 2192 K
Pagefile Peak Usage : 2216 K
File Attributes : A
==================================================
==================================================
Process Name : FrameworkService.exe
ProcessID : 1488
Priority : Normal
Product Name : McAfee Common Framework
Version : 3.6.0.453
Description : Framework Service
Company : McAfee, Inc.
Window Title :
File Size : 104,000
File Created Date : 16/02/2009 07:14:29 م
File Modified Date : 17/11/2006 11:37:44 ص
Filename : C:\Program Files\McAfee\Common Framework\FrameworkService.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:57 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6328 K
Mem Usage Peak : 6396 K
Page Faults : 4984
Pagefile Usage : 4660 K
Pagefile Peak Usage : 4776 K
File Attributes : A
==================================================
==================================================
Process Name : netfxupdate.exe
ProcessID : 1768
Priority : Normal
Product Name : NetFxUpdate Application
Version : 1,0,3705,3
Description : NetFxUpdate Application
Company : Microsoft
Window Title :
File Size : 73,728
File Created Date : 15/01/2007 02:11:26 م
File Modified Date : 15/01/2007 02:11:26 م
Filename : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfx update.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:54:01 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1432 K
Mem Usage Peak : 1436 K
Page Faults : 367
Pagefile Usage : 428 K
Pagefile Peak Usage : 432 K
File Attributes : A
==================================================
==================================================
Process Name : SatSrv.exe
ProcessID : 240
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 184,320
File Created Date : 05/12/2006 08:27:04 ص
File Modified Date : 05/12/2006 08:27:04 ص
Filename : C:\WINDOWS\system32\SatSrv.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:02 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1908 K
Mem Usage Peak : 1908 K
Page Faults : 483
Pagefile Usage : 608 K
Pagefile Peak Usage : 628 K
File Attributes : A
==================================================
==================================================
Process Name : ngen.exe
ProcessID : 364
Priority : Normal
Product Name : Microsoft .NET Framework
Version : 1.1.4322.573
Description : Microsoft Common Language Runtime native compiler
Company : Microsoft Corporation
Window Title :
File Size : 73,728
File Created Date : 20/02/2003 05:09:46 م
File Modified Date : 20/02/2003 05:09:46 م
Filename : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen. exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:03 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 9512 K
Mem Usage Peak : 9524 K
Page Faults : 3681
Pagefile Usage : 5496 K
Pagefile Peak Usage : 5532 K
File Attributes : A
==================================================
==================================================
Process Name : naPrdMgr.exe
ProcessID : 432
Priority : Normal
Product Name : McAfee Common Framework
Version : 3.6.0.453
Description : NAI Product Manager
Company : McAfee, Inc.
Window Title :
File Size : 136,768
File Created Date : 16/02/2009 07:14:29 م
File Modified Date : 17/11/2006 11:40:56 ص
Filename : C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:04 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 860 K
Mem Usage Peak : 5084 K
Page Faults : 1893
Pagefile Usage : 2620 K
Pagefile Peak Usage : 2652 K
File Attributes : A
==================================================
==================================================
Process Name : ashMaiSv.exe
ProcessID : 572
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! e-Mail Scanner Service
Company : ALWIL Software
Window Title :
File Size : 254,040
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:08:26 م
Filename : C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:08 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 640 K
Mem Usage Peak : 48600 K
Page Faults : 67352
Pagefile Usage : 2668 K
Pagefile Peak Usage : 24264 K
File Attributes : A
==================================================
==================================================
Process Name : ashWebSv.exe
ProcessID : 864
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! Web Scanner
Company : ALWIL Software
Window Title :
File Size : 352,920
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:06:04 م
Filename : C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 420 K
Mem Usage Peak : 48096 K
Page Faults : 48066
Pagefile Usage : 25924 K
Pagefile Peak Usage : 28844 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 2348
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-0852)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:12 ص
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:54:11 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3600 K
Mem Usage Peak : 3612 K
Page Faults : 940
Pagefile Usage : 1204 K
Pagefile Peak Usage : 1232 K
File Attributes : A
==================================================
==================================================
Process Name : msiexec.exe
ProcessID : 2664
Priority : Normal
Product Name : Windows Installer - Unicode
Version : 3.1.4001.5512
Description : Windows® installer
Company : Microsoft Corporation
Window Title :
File Size : 78,848
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:28 ص
Filename : C:\WINDOWS\system32\msiexec.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:54:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 14072 K
Mem Usage Peak : 14856 K
Page Faults : 21880
Pagefile Usage : 7188 K
Pagefile Peak Usage : 7484 K
File Attributes : A
==================================================
==================================================
Process Name : IEMonitor.exe
ProcessID : 2804
Priority : Normal
Product Name : IEMonitor Application
Version : 5, 12, 8, 0
Description : Internet Download Manager agent for click monitoring in IE-based browsers
Company : Tonec Inc.
Window Title :
File Size : 251,312
File Created Date : 28/10/2008 10:46:37 ص
File Modified Date : 18/02/2008 01:01:02 م
Filename : F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEMonitor.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:15 م
Visible Windows : 0
Hidden Windows : 3
User Name : ASSEM\assemabdallh
Mem Usage : 4672 K
Mem Usage Peak : 4684 K
Page Faults : 1237
Pagefile Usage : 1500 K
Pagefile Peak Usage : 1516 K
File Attributes : A
==================================================
==================================================
Process Name : MsiExec.exe
ProcessID : 2900
Priority : Normal
Product Name : Windows Installer - Unicode
Version : 3.1.4001.5512
Description : Windows® installer
Company : Microsoft Corporation
Window Title :
File Size : 78,848
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:28 ص
Filename : C:\WINDOWS\system32\MsiExec.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:54:18 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3732 K
Mem Usage Peak : 3740 K
Page Faults : 1129
Pagefile Usage : 1268 K
Pagefile Peak Usage : 1292 K
File Attributes : A
==================================================
==================================================
Process Name : firefox.exe
ProcessID : 1720
Priority : Normal
Product Name : Firefox
Version : 1.9.0.8
Description : Firefox
Company : Mozilla Corporation
Window Title : تعلم كيف تقوم بحل مشكله الشاشه الزرقاء والريسيت خلال دقائق ..شرح نادر وتفصيلي بالصور - زيزوووم للأمن والحمايه - Mozilla Firefox
File Size : 307,704
File Created Date : 16/02/2009 09:15:51 م
File Modified Date : 29/03/2009 07:18:20 ص
Filename : C:\Program Files\Mozilla Firefox\firefox.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:55:12 م
Visible Windows : 1
Hidden Windows : 20
User Name : ASSEM\assemabdallh
Mem Usage : 82732 K
Mem Usage Peak : 99100 K
Page Faults : 555396
Pagefile Usage : 70872 K
Pagefile Peak Usage : 89696 K
File Attributes : A
==================================================
==================================================
Process Name : CTFMON.EXE
ProcessID : 2320
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2105)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:16 ص
Filename : C:\WINDOWS\system32\CTFMON.EXE
Base Address : 0x00400000
Created On : 30/03/2009 09:57:17 م
Visible Windows : 0
Hidden Windows : 5
User Name : ASSEM\assemabdallh
Mem Usage : 6492 K
Mem Usage Peak : 6492 K
Page Faults : 1734
Pagefile Usage : 1136 K
Pagefile Peak Usage : 1136 K
File Attributes : A
==================================================
==================================================
Process Name : Integrator.exe
ProcessID : 3636
Priority : Normal
Product Name : Dachshund Integrator
Version : 1.05.0001
Description :
Company : Dachshund Software
Window Title :
File Size : 151,552
File Created Date : 15/01/2003 09:46:24 ص
File Modified Date : 15/01/2003 09:46:24 ص
Filename : C:\WINDOWS\Integrator.exe
Base Address : 0x00400000
Created On : 30/03/2009 10:06:56 م
Visible Windows : 0
Hidden Windows : 7
User Name : ASSEM\assemabdallh
Mem Usage : 4940 K
Mem Usage Peak : 5036 K
Page Faults : 1336
Pagefile Usage : 1248 K
Pagefile Peak Usage : 1276 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 2124
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 30/03/2009 08:30:37 م
File Modified Date : 31/01/2008 11:24:26 م
Filename : C:\DOCUME~1\ASSEMA~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 30/03/2009 10:30:37 م
Visible Windows : 0
Hidden Windows : 0
User Name : ASSEM\assemabdallh
Mem Usage : 2128 K
Mem Usage Peak : 2136 K
Page Faults : 613
Pagefile Usage : 624 K
Pagefile Peak Usage : 700 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2212
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 389,120
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:14 ص
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 30/03/2009 10:30:38 م
Visible Windows : 0
Hidden Windows : 1
User Name : ASSEM\assemabdallh
Mem Usage : 2924 K
Mem Usage Peak : 2992 K
Page Faults : 829
Pagefile Usage : 2060 K
Pagefile Peak Usage : 2136 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 2232
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2108)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 16/02/2009 12:46:43 م
File Modified Date : 14/04/2008 12:12:40 ص
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 30/03/2009 10:30:38 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5704 K
Mem Usage Peak : 5704 K
Page Faults : 1463
Pagefile Usage : 2912 K
Pagefile Peak Usage : 2912 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 172
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 30/03/2009 08:30:37 م
File Modified Date : 14/07/2005 05:46:34 ص
Filename : C:\DOCUME~1\ASSEMA~1\LOCALS~1\Temp\bntoz\CProcess. exe
Base Address : 0x00400000
Created On : 30/03/2009 10:30:39 م
Visible Windows : 0
Hidden Windows : 0
User Name : ASSEM\assemabdallh
Mem Usage : 2220 K
Mem Usage Peak : 2256 K
Page Faults : 867
Pagefile Usage : 888 K
Pagefile Peak Usage : 944 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
explorer.exe
explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.5512
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avast!
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
avast! service GUI component
ALWIL Software
4.08.1335.0000
c:\program files\alwil software\avast4\ashdisp.exe
SSS2008 PasswordManagerFFAutoFill
"C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerFFAutoFill.exe"
10.00.0007.0000
c:\program files\steganos privacy suite 2008\passwordmanagerffautofill.exe
SSS2008 HotKeys
"C:\Program Files\Steganos Privacy Suite 2008\SteganosHotKeyService.exe"
10.00.0007.0000
c:\program files\steganos privacy suite 2008\steganoshotkeyservice.exe
SSS2008 File Redirection Starter
"C:\Program Files\Steganos Privacy Suite 2008\fredirstarter.exe"
c:\program files\steganos privacy suite 2008\fredirstarter.exe
C:\Documents and Settings\assemabdallh\Start Menu\Programs\Startup
AntiCrash.lnk
C:\Documents and Settings\assemabdallh\Start Menu\Programs\Startup\AntiCrash.lnk
1.00.0000.0000
c:\program files\dachshund software\anticrash\anticrash.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
IDMan
F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMan.exe /onboot
Internet Download Manager (IDM)
Tonec Inc.
5.14.0001.0000
f:\برامج كمبيوتر\idm_5.14\idm_5.14\cracked exe\idman.exe
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\ctfmon.exe
.
.
----------- End Report ---------------
.تقرير تانى
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:39 م, on 30/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerFFAutoFill.exe
C:\Program Files\Steganos Privacy Suite 2008\SteganosHotKeyService.exe
C:\Program Files\Steganos Privacy Suite 2008\fredirstarter.exe
F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfx update.exe
C:\WINDOWS\system32\SatSrv.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen. exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\msiexec.exe
F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEMonitor.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\WINDOWS\Integrator.exe
C:\DOCUME~1\ASSEMA~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\ASSEMA~1\LOCALS~1\Temp\bntoz\HijackThi s.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMIECC.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerBHO.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSS2008 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [SSS2008 HotKeys] "C:\Program Files\Steganos Privacy Suite 2008\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2008 File Redirection Starter] "C:\Program Files\Steganos Privacy Suite 2008\fredirstarter.exe"
O4 - HKCU\..\Run: [IDMan] F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEGetVL.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\\SatSrv.exe
--
End of file - 5259 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 660
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 30/03/2009 09:53:27 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 380 K
Mem Usage Peak : 696 K
Page Faults : 298
Pagefile Usage : 176 K
Pagefile Peak Usage : 1708 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 716
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:16 ص
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 30/03/2009 09:53:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4824 K
Mem Usage Peak : 4936 K
Page Faults : 8520
Pagefile Usage : 1816 K
Pagefile Peak Usage : 1864 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 740
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2113)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 507,904
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:40 ص
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:32 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4752 K
Mem Usage Peak : 13472 K
Page Faults : 6994
Pagefile Usage : 6788 K
Pagefile Peak Usage : 9364 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 784
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,544
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:34 ص
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5360 K
Mem Usage Peak : 21556 K
Page Faults : 21998
Pagefile Usage : 3764 K
Pagefile Peak Usage : 12684 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 796
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2113)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:24 ص
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:34 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1376 K
Mem Usage Peak : 6080 K
Page Faults : 4740
Pagefile Usage : 3816 K
Pagefile Peak Usage : 3984 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 960
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:35 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4804 K
Mem Usage Peak : 4884 K
Page Faults : 1363
Pagefile Usage : 3024 K
Pagefile Peak Usage : 23388 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1008
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:36 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4408 K
Mem Usage Peak : 4408 K
Page Faults : 1242
Pagefile Usage : 1884 K
Pagefile Peak Usage : 1920 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1152
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:36 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 27136 K
Mem Usage Peak : 34820 K
Page Faults : 16896
Pagefile Usage : 16164 K
Pagefile Peak Usage : 24144 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1220
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:36 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3640 K
Mem Usage Peak : 3860 K
Page Faults : 1478
Pagefile Usage : 1376 K
Pagefile Peak Usage : 1624 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1368
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:37 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4600 K
Mem Usage Peak : 4612 K
Page Faults : 1212
Pagefile Usage : 1888 K
Pagefile Peak Usage : 1936 K
File Attributes : A
==================================================
==================================================
Process Name : aswUpdSv.exe
ProcessID : 1448
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! Antivirus updating service
Company : ALWIL Software
Window Title :
File Size : 18,752
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:01:26 م
Filename : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:37 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 312 K
Mem Usage Peak : 1896 K
Page Faults : 532
Pagefile Usage : 556 K
Pagefile Peak Usage : 556 K
File Attributes : A
==================================================
==================================================
Process Name : ashServ.exe
ProcessID : 1532
Priority : High
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! antivirus service
Company : ALWIL Software
Window Title :
File Size : 138,680
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:08:40 م
Filename : C:\Program Files\Alwil Software\Avast4\ashServ.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:38 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 19416 K
Mem Usage Peak : 119164 K
Page Faults : 114570
Pagefile Usage : 29432 K
Pagefile Peak Usage : 74668 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 1820
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.5512 (xpsp.080413-2105)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Programs
File Size : 1,033,728
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:20 ص
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 30/03/2009 09:53:43 م
Visible Windows : 3
Hidden Windows : 40
User Name : ASSEM\assemabdallh
Mem Usage : 13508 K
Mem Usage Peak : 32748 K
Page Faults : 51397
Pagefile Usage : 24016 K
Pagefile Peak Usage : 37448 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 2004
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-0852)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:45 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4824 K
Mem Usage Peak : 4856 K
Page Faults : 1352
Pagefile Usage : 3116 K
Pagefile Peak Usage : 3436 K
File Attributes : A
==================================================
==================================================
Process Name : ashDisp.exe
ProcessID : 212
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! service GUI component
Company : ALWIL Software
Window Title :
File Size : 81,000
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:08:46 م
Filename : C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:46 م
Visible Windows : 0
Hidden Windows : 7
User Name : ASSEM\assemabdallh
Mem Usage : 1896 K
Mem Usage Peak : 5464 K
Page Faults : 4815
Pagefile Usage : 2620 K
Pagefile Peak Usage : 2644 K
File Attributes : A
==================================================
==================================================
Process Name : PasswordManagerFFAutoFill.exe
ProcessID : 296
Priority : Normal
Product Name : Steganos Privacy Suite
Version : 10.0.7
Description :
Company :
Window Title :
File Size : 21,504
File Created Date : 11/09/2008 01:10:34 م
File Modified Date : 11/09/2008 01:10:34 م
Filename : C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerFFAutoFill.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:47 م
Visible Windows : 0
Hidden Windows : 0
User Name : ASSEM\assemabdallh
Mem Usage : 22436 K
Mem Usage Peak : 22436 K
Page Faults : 7953
Pagefile Usage : 18596 K
Pagefile Peak Usage : 19296 K
File Attributes : A
==================================================
==================================================
Process Name : SteganosHotKeyService.exe
ProcessID : 452
Priority : Normal
Product Name : Steganos Privacy Suite
Version : 10.0.7
Description :
Company :
Window Title :
File Size : 25,088
File Created Date : 11/09/2008 01:10:34 م
File Modified Date : 11/09/2008 01:10:34 م
Filename : C:\Program Files\Steganos Privacy Suite 2008\SteganosHotKeyService.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:48 م
Visible Windows : 0
Hidden Windows : 2
User Name : ASSEM\assemabdallh
Mem Usage : 21564 K
Mem Usage Peak : 21568 K
Page Faults : 9780
Pagefile Usage : 17824 K
Pagefile Peak Usage : 18232 K
File Attributes : A
==================================================
==================================================
Process Name : fredirstarter.exe
ProcessID : 476
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 57,344
File Created Date : 11/09/2008 01:15:16 م
File Modified Date : 11/09/2008 01:15:16 م
Filename : C:\Program Files\Steganos Privacy Suite 2008\fredirstarter.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:48 م
Visible Windows : 0
Hidden Windows : 0
User Name : ASSEM\assemabdallh
Mem Usage : 716 K
Mem Usage Peak : 716 K
Page Faults : 175
Pagefile Usage : 480 K
Pagefile Peak Usage : 480 K
File Attributes : A
==================================================
==================================================
Process Name : IDMan.exe
ProcessID : 608
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5.14.1.0
Description : Internet Download Manager (IDM)
Company : Tonec Inc.
Window Title : 67% Zyzoom_eScan_9.0.742.1.exe
File Size : 931,248
File Created Date : 28/10/2008 10:46:40 ص
File Modified Date : 15/07/2008 06:39:04 ص
Filename : F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMan.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:49 م
Visible Windows : 1
Hidden Windows : 9
User Name : ASSEM\assemabdallh
Mem Usage : 5528 K
Mem Usage Peak : 13496 K
Page Faults : 14007
Pagefile Usage : 7292 K
Pagefile Peak Usage : 7824 K
File Attributes : A
==================================================
==================================================
Process Name : Ati2evxx.exe
ProcessID : 1292
Priority : Normal
Product Name : ATI External Event Utility for WindowsNT and Windows9X
Version : 6.14.4076
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 282,624
File Created Date : 03/06/2003 02:30:20 ص
File Modified Date : 03/06/2003 02:30:20 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:54 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2256 K
Mem Usage Peak : 2256 K
Page Faults : 578
Pagefile Usage : 572 K
Pagefile Peak Usage : 572 K
File Attributes : A
==================================================
==================================================
Process Name : BTNtService.exe
ProcessID : 1356
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 110,592
File Created Date : 02/03/2009 04:26:57 م
File Modified Date : 06/04/2005 02:03:28 م
Filename : C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:56 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2524 K
Mem Usage Peak : 2552 K
Page Faults : 666
Pagefile Usage : 1832 K
Pagefile Peak Usage : 1868 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1420
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:36 ص
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:53:56 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3252 K
Mem Usage Peak : 3256 K
Page Faults : 858
Pagefile Usage : 2192 K
Pagefile Peak Usage : 2216 K
File Attributes : A
==================================================
==================================================
Process Name : FrameworkService.exe
ProcessID : 1488
Priority : Normal
Product Name : McAfee Common Framework
Version : 3.6.0.453
Description : Framework Service
Company : McAfee, Inc.
Window Title :
File Size : 104,000
File Created Date : 16/02/2009 07:14:29 م
File Modified Date : 17/11/2006 11:37:44 ص
Filename : C:\Program Files\McAfee\Common Framework\FrameworkService.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:53:57 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6328 K
Mem Usage Peak : 6396 K
Page Faults : 4984
Pagefile Usage : 4660 K
Pagefile Peak Usage : 4776 K
File Attributes : A
==================================================
==================================================
Process Name : netfxupdate.exe
ProcessID : 1768
Priority : Normal
Product Name : NetFxUpdate Application
Version : 1,0,3705,3
Description : NetFxUpdate Application
Company : Microsoft
Window Title :
File Size : 73,728
File Created Date : 15/01/2007 02:11:26 م
File Modified Date : 15/01/2007 02:11:26 م
Filename : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfx update.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:54:01 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1432 K
Mem Usage Peak : 1436 K
Page Faults : 367
Pagefile Usage : 428 K
Pagefile Peak Usage : 432 K
File Attributes : A
==================================================
==================================================
Process Name : SatSrv.exe
ProcessID : 240
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 184,320
File Created Date : 05/12/2006 08:27:04 ص
File Modified Date : 05/12/2006 08:27:04 ص
Filename : C:\WINDOWS\system32\SatSrv.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:02 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1908 K
Mem Usage Peak : 1908 K
Page Faults : 483
Pagefile Usage : 608 K
Pagefile Peak Usage : 628 K
File Attributes : A
==================================================
==================================================
Process Name : ngen.exe
ProcessID : 364
Priority : Normal
Product Name : Microsoft .NET Framework
Version : 1.1.4322.573
Description : Microsoft Common Language Runtime native compiler
Company : Microsoft Corporation
Window Title :
File Size : 73,728
File Created Date : 20/02/2003 05:09:46 م
File Modified Date : 20/02/2003 05:09:46 م
Filename : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen. exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:03 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 9512 K
Mem Usage Peak : 9524 K
Page Faults : 3681
Pagefile Usage : 5496 K
Pagefile Peak Usage : 5532 K
File Attributes : A
==================================================
==================================================
Process Name : naPrdMgr.exe
ProcessID : 432
Priority : Normal
Product Name : McAfee Common Framework
Version : 3.6.0.453
Description : NAI Product Manager
Company : McAfee, Inc.
Window Title :
File Size : 136,768
File Created Date : 16/02/2009 07:14:29 م
File Modified Date : 17/11/2006 11:40:56 ص
Filename : C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:04 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 860 K
Mem Usage Peak : 5084 K
Page Faults : 1893
Pagefile Usage : 2620 K
Pagefile Peak Usage : 2652 K
File Attributes : A
==================================================
==================================================
Process Name : ashMaiSv.exe
ProcessID : 572
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! e-Mail Scanner Service
Company : ALWIL Software
Window Title :
File Size : 254,040
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:08:26 م
Filename : C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:08 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 640 K
Mem Usage Peak : 48600 K
Page Faults : 67352
Pagefile Usage : 2668 K
Pagefile Peak Usage : 24264 K
File Attributes : A
==================================================
==================================================
Process Name : ashWebSv.exe
ProcessID : 864
Priority : Normal
Product Name : avast! Antivirus
Version : 4, 8, 1335, 0
Description : avast! Web Scanner
Company : ALWIL Software
Window Title :
File Size : 352,920
File Created Date : 16/02/2009 07:39:38 م
File Modified Date : 05/02/2009 09:06:04 م
Filename : C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:08 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 420 K
Mem Usage Peak : 48096 K
Page Faults : 48066
Pagefile Usage : 25924 K
Pagefile Peak Usage : 28844 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 2348
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-0852)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:12 ص
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:54:11 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3600 K
Mem Usage Peak : 3612 K
Page Faults : 940
Pagefile Usage : 1204 K
Pagefile Peak Usage : 1232 K
File Attributes : A
==================================================
==================================================
Process Name : msiexec.exe
ProcessID : 2664
Priority : Normal
Product Name : Windows Installer - Unicode
Version : 3.1.4001.5512
Description : Windows® installer
Company : Microsoft Corporation
Window Title :
File Size : 78,848
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:28 ص
Filename : C:\WINDOWS\system32\msiexec.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:54:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 14072 K
Mem Usage Peak : 14856 K
Page Faults : 21880
Pagefile Usage : 7188 K
Pagefile Peak Usage : 7484 K
File Attributes : A
==================================================
==================================================
Process Name : IEMonitor.exe
ProcessID : 2804
Priority : Normal
Product Name : IEMonitor Application
Version : 5, 12, 8, 0
Description : Internet Download Manager agent for click monitoring in IE-based browsers
Company : Tonec Inc.
Window Title :
File Size : 251,312
File Created Date : 28/10/2008 10:46:37 ص
File Modified Date : 18/02/2008 01:01:02 م
Filename : F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IEMonitor.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:54:15 م
Visible Windows : 0
Hidden Windows : 3
User Name : ASSEM\assemabdallh
Mem Usage : 4672 K
Mem Usage Peak : 4684 K
Page Faults : 1237
Pagefile Usage : 1500 K
Pagefile Peak Usage : 1516 K
File Attributes : A
==================================================
==================================================
Process Name : MsiExec.exe
ProcessID : 2900
Priority : Normal
Product Name : Windows Installer - Unicode
Version : 3.1.4001.5512
Description : Windows® installer
Company : Microsoft Corporation
Window Title :
File Size : 78,848
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:28 ص
Filename : C:\WINDOWS\system32\MsiExec.exe
Base Address : 0x01000000
Created On : 30/03/2009 09:54:18 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3732 K
Mem Usage Peak : 3740 K
Page Faults : 1129
Pagefile Usage : 1268 K
Pagefile Peak Usage : 1292 K
File Attributes : A
==================================================
==================================================
Process Name : firefox.exe
ProcessID : 1720
Priority : Normal
Product Name : Firefox
Version : 1.9.0.8
Description : Firefox
Company : Mozilla Corporation
Window Title : تعلم كيف تقوم بحل مشكله الشاشه الزرقاء والريسيت خلال دقائق ..شرح نادر وتفصيلي بالصور - زيزوووم للأمن والحمايه - Mozilla Firefox
File Size : 307,704
File Created Date : 16/02/2009 09:15:51 م
File Modified Date : 29/03/2009 07:18:20 ص
Filename : C:\Program Files\Mozilla Firefox\firefox.exe
Base Address : 0x00400000
Created On : 30/03/2009 09:55:12 م
Visible Windows : 1
Hidden Windows : 20
User Name : ASSEM\assemabdallh
Mem Usage : 82732 K
Mem Usage Peak : 99100 K
Page Faults : 555396
Pagefile Usage : 70872 K
Pagefile Peak Usage : 89696 K
File Attributes : A
==================================================
==================================================
Process Name : CTFMON.EXE
ProcessID : 2320
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2105)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:16 ص
Filename : C:\WINDOWS\system32\CTFMON.EXE
Base Address : 0x00400000
Created On : 30/03/2009 09:57:17 م
Visible Windows : 0
Hidden Windows : 5
User Name : ASSEM\assemabdallh
Mem Usage : 6492 K
Mem Usage Peak : 6492 K
Page Faults : 1734
Pagefile Usage : 1136 K
Pagefile Peak Usage : 1136 K
File Attributes : A
==================================================
==================================================
Process Name : Integrator.exe
ProcessID : 3636
Priority : Normal
Product Name : Dachshund Integrator
Version : 1.05.0001
Description :
Company : Dachshund Software
Window Title :
File Size : 151,552
File Created Date : 15/01/2003 09:46:24 ص
File Modified Date : 15/01/2003 09:46:24 ص
Filename : C:\WINDOWS\Integrator.exe
Base Address : 0x00400000
Created On : 30/03/2009 10:06:56 م
Visible Windows : 0
Hidden Windows : 7
User Name : ASSEM\assemabdallh
Mem Usage : 4940 K
Mem Usage Peak : 5036 K
Page Faults : 1336
Pagefile Usage : 1248 K
Pagefile Peak Usage : 1276 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 2124
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 30/03/2009 08:30:37 م
File Modified Date : 31/01/2008 11:24:26 م
Filename : C:\DOCUME~1\ASSEMA~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 30/03/2009 10:30:37 م
Visible Windows : 0
Hidden Windows : 0
User Name : ASSEM\assemabdallh
Mem Usage : 2128 K
Mem Usage Peak : 2136 K
Page Faults : 613
Pagefile Usage : 624 K
Pagefile Peak Usage : 700 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2212
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 389,120
File Created Date : 04/08/2004 08:00:00 ص
File Modified Date : 14/04/2008 12:12:14 ص
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 30/03/2009 10:30:38 م
Visible Windows : 0
Hidden Windows : 1
User Name : ASSEM\assemabdallh
Mem Usage : 2924 K
Mem Usage Peak : 2992 K
Page Faults : 829
Pagefile Usage : 2060 K
Pagefile Peak Usage : 2136 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 2232
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2108)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 16/02/2009 12:46:43 م
File Modified Date : 14/04/2008 12:12:40 ص
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 30/03/2009 10:30:38 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5704 K
Mem Usage Peak : 5704 K
Page Faults : 1463
Pagefile Usage : 2912 K
Pagefile Peak Usage : 2912 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 172
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 30/03/2009 08:30:37 م
File Modified Date : 14/07/2005 05:46:34 ص
Filename : C:\DOCUME~1\ASSEMA~1\LOCALS~1\Temp\bntoz\CProcess. exe
Base Address : 0x00400000
Created On : 30/03/2009 10:30:39 م
Visible Windows : 0
Hidden Windows : 0
User Name : ASSEM\assemabdallh
Mem Usage : 2220 K
Mem Usage Peak : 2256 K
Page Faults : 867
Pagefile Usage : 888 K
Pagefile Peak Usage : 944 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
explorer.exe
explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.5512
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avast!
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
avast! service GUI component
ALWIL Software
4.08.1335.0000
c:\program files\alwil software\avast4\ashdisp.exe
SSS2008 PasswordManagerFFAutoFill
"C:\Program Files\Steganos Privacy Suite 2008\PasswordManagerFFAutoFill.exe"
10.00.0007.0000
c:\program files\steganos privacy suite 2008\passwordmanagerffautofill.exe
SSS2008 HotKeys
"C:\Program Files\Steganos Privacy Suite 2008\SteganosHotKeyService.exe"
10.00.0007.0000
c:\program files\steganos privacy suite 2008\steganoshotkeyservice.exe
SSS2008 File Redirection Starter
"C:\Program Files\Steganos Privacy Suite 2008\fredirstarter.exe"
c:\program files\steganos privacy suite 2008\fredirstarter.exe
C:\Documents and Settings\assemabdallh\Start Menu\Programs\Startup
AntiCrash.lnk
C:\Documents and Settings\assemabdallh\Start Menu\Programs\Startup\AntiCrash.lnk
1.00.0000.0000
c:\program files\dachshund software\anticrash\anticrash.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
IDMan
F:\برامج كمبيوتر\IDM_5.14\IDM_5.14\Cracked EXE\IDMan.exe /onboot
Internet Download Manager (IDM)
Tonec Inc.
5.14.0001.0000
f:\برامج كمبيوتر\idm_5.14\idm_5.14\cracked exe\idman.exe
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\ctfmon.exe
.
.
----------- End Report ---------------
