لآآآآآآآآآآآآ آلحين صرآحه طلعت الفضآيح
بالنسبة للاداة فالعذر والسموحه لاني تكيسلت احملها لانها موجوده عندي سآبقا
بس يوم جربت اداتك طلع الفرق !
...
.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:08:00 م, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP2 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUMENTS AND SETTINGS\FREE USER\DESKTOP\PROCEXP.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
--
End of file - 1511 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 832
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 10/02/1429 04:50:10 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 384 K
Mem Usage Peak : 472 K
Page Faults : 217
Pagefile Usage : 188 K
Pagefile Peak Usage : 204 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 940
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 10/02/1429 04:50:15 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6400 K
Mem Usage Peak : 6800 K
Page Faults : 16050
Pagefile Usage : 2440 K
Pagefile Peak Usage : 2444 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 964
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:15 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5724 K
Mem Usage Peak : 20900 K
Page Faults : 29301
Pagefile Usage : 14584 K
Pagefile Peak Usage : 24432 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 1008
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:16 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 6628 K
Mem Usage Peak : 7088 K
Page Faults : 2510
Pagefile Usage : 4420 K
Pagefile Peak Usage : 20228 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 1020
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA l (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:16 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1728 K
Mem Usage Peak : 9124 K
Page Faults : 24014
Pagefile Usage : 9748 K
Pagefile Peak Usage : 9940 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1200
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:17 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5768 K
Mem Usage Peak : 5828 K
Page Faults : 1876
Pagefile Usage : 7292 K
Pagefile Peak Usage : 27296 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1296
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:18 ص
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 4668 K
Mem Usage Peak : 4668 K
Page Faults : 1380
Pagefile Usage : 5148 K
Pagefile Peak Usage : 5164 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1424
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:18 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 49968 K
Mem Usage Peak : 73616 K
Page Faults : 371508
Pagefile Usage : 44732 K
Pagefile Peak Usage : 65696 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1480
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:18 ص
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3852 K
Mem Usage Peak : 3892 K
Page Faults : 1824
Pagefile Usage : 1720 K
Pagefile Peak Usage : 1768 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1576
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:19 ص
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 7948 K
Mem Usage Peak : 7992 K
Page Faults : 6464
Pagefile Usage : 9360 K
Pagefile Peak Usage : 9412 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1920
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 04/05/1426 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:22 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 7076 K
Mem Usage Peak : 8296 K
Page Faults : 2842
Pagefile Usage : 7884 K
Pagefile Peak Usage : 11452 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.exe
ProcessID : 388
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 1,403,904
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 28/05/1428 10:23:08 ص
Filename : C:\WINDOWS\Explorer.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:31 ص
Visible Windows : 2
Hidden Windows : 60
User Name : DEXTER-LABS\Free User
Mem Usage : 73472 K
Mem Usage Peak : 81388 K
Page Faults : 170785
Pagefile Usage : 68204 K
Pagefile Peak Usage : 81108 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 508
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 11:51:38 ص
File Modified Date : 13/06/1428 11:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 10/02/1429 04:50:34 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 93864 K
Mem Usage Peak : 171180 K
Page Faults : 1954012
Pagefile Usage : 93528 K
Pagefile Peak Usage : 171328 K
File Attributes : A
==================================================
==================================================
Process Name : mdm.exe
ProcessID : 612
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.10.3077
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 335,872
File Created Date : 04/10/1427 12:40:34 م
File Modified Date : 04/10/1427 12:40:34 م
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
Base Address : 0x00400000
Created On : 10/02/1429 04:50:34 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2688 K
Mem Usage Peak : 2704 K
Page Faults : 1121
Pagefile Usage : 3732 K
Pagefile Peak Usage : 3752 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 848
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.0.125
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 218,376
File Created Date : 13/06/1428 11:51:38 ص
File Modified Date : 13/06/1428 11:51:38 ص
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
Base Address : 0x00400000
Created On : 10/02/1429 04:50:37 ص
Visible Windows : 0
Hidden Windows : 8
User Name : DEXTER-LABS\Free User
Mem Usage : 3404 K
Mem Usage Peak : 10524 K
Page Faults : 48553
Pagefile Usage : 13660 K
Pagefile Peak Usage : 22148 K
File Attributes : A
==================================================
==================================================
Process Name : SbieSvc.exe
ProcessID : 864
Priority : Normal
Product Name : Sandboxie
Version : 3.21
Description : Sandboxie Service
Company : tzuk
Window Title :
File Size : 51,200
File Created Date : 26/11/1428 01:48:02 م
File Modified Date : 26/11/1428 01:48:02 م
Filename : C:\Program Files\Sandboxie\SbieSvc.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:38 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5964 K
Mem Usage Peak : 5996 K
Page Faults : 1582
Pagefile Usage : 5076 K
Pagefile Peak Usage : 22420 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 1972
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 10/02/1429 04:50:56 ص
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 3760 K
Mem Usage Peak : 3760 K
Page Faults : 1009
Pagefile Usage : 4148 K
Pagefile Peak Usage : 4156 K
File Attributes : A
==================================================
==================================================
Process Name : TSCHelp.exe
ProcessID : 752
Priority : Normal
Product Name :
Version : 8.2.3.14
Description : TechSmith HTML Help Helper
Company : TechSmith Corporation
Window Title :
File Size : 58,952
File Created Date : 14/04/1428 10:12:10 ص
File Modified Date : 14/04/1428 10:12:10 ص
Filename : C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
Base Address : 0x00400000
Created On : 10/02/1429 04:50:57 ص
Visible Windows : 0
Hidden Windows : 2
User Name : DEXTER-LABS\Free User
Mem Usage : 3368 K
Mem Usage Peak : 3468 K
Page Faults : 933
Pagefile Usage : 1280 K
Pagefile Peak Usage : 1332 K
File Attributes : A
==================================================
==================================================
Process Name : SnagPriv.exe
ProcessID : 1700
Priority : Normal
Product Name : SnagPriv
Version : 8.2.3.14
Description : SnagIt RPC Helper
Company : TechSmith Corporation
Window Title :
File Size : 75,336
File Created Date : 14/04/1428 10:12:10 ص
File Modified Date : 14/04/1428 10:12:10 ص
Filename : C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
Base Address : 0x00400000
Created On : 10/02/1429 04:50:58 ص
Visible Windows : 0
Hidden Windows : 0
User Name : DEXTER-LABS\Free User
Mem Usage : 2544 K
Mem Usage Peak : 2544 K
Page Faults : 667
Pagefile Usage : 728 K
Pagefile Peak Usage : 728 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 3792
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 10/02/1429 05:04:05 ص
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3612 K
Mem Usage Peak : 3620 K
Page Faults : 965
Pagefile Usage : 4536 K
Pagefile Peak Usage : 4560 K
File Attributes : A
==================================================
==================================================
Process Name : PROCEXP.EXE
ProcessID : 1888
Priority : High
Product Name : Process Explorer
Version : 11.04
Description : Sysinternals Process Explorer
Company : Sysinternals
Window Title :
File Size : 3,564,584
File Created Date : 16/12/1428 09:14:53 ص
File Modified Date : 25/10/1428 06:54:22 ص
Filename : C:\DOCUMENTS AND SETTINGS\FREE USER\DESKTOP\PROCEXP.EXE
Base Address : 0x00400000
Created On : 10/02/1429 12:08:38 م
Visible Windows : 0
Hidden Windows : 12
User Name : DEXTER-LABS\Free User
Mem Usage : 23608 K
Mem Usage Peak : 23612 K
Page Faults : 37895
Pagefile Usage : 21284 K
Pagefile Peak Usage : 21288 K
File Attributes : A
==================================================
==================================================
Process Name : firefox.exe
ProcessID : 2352
Priority : Normal
Product Name : Firefox
Version : 1.8.1.12: 2008020121
Description : Firefox
Company : Mozilla Corporation
Window Title : Downloads
File Size : 7,655,024
File Created Date : 23/11/1428 03:55:53 م
File Modified Date : 01/02/1429 12:54:45 م
Filename : C:\Program Files\Mozilla Firefox\firefox.exe
Base Address : 0x00400000
Created On : 10/02/1429 02:52:05 م
Visible Windows : 2
Hidden Windows : 37
User Name : DEXTER-LABS\Free User
Mem Usage : 48460 K
Mem Usage Peak : 51120 K
Page Faults : 235982
Pagefile Usage : 41788 K
Pagefile Peak Usage : 44656 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 3984
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 10/02/1429 12:07:54 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 10/02/1429 03:07:54 م
Visible Windows : 0
Hidden Windows : 0
User Name : DEXTER-LABS\Free User
Mem Usage : 2524 K
Mem Usage Peak : 2524 K
Page Faults : 717
Pagefile Usage : 976 K
Pagefile Peak Usage : 980 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2488
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 391,680
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 10/02/1429 03:07:55 م
Visible Windows : 0
Hidden Windows : 1
User Name : DEXTER-LABS\Free User
Mem Usage : 3028 K
Mem Usage Peak : 3092 K
Page Faults : 855
Pagefile Usage : 2172 K
Pagefile Peak Usage : 2248 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 3528
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 17/11/1428 07:53:37 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 10/02/1429 03:07:57 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 6280 K
Mem Usage Peak : 6280 K
Page Faults : 1605
Pagefile Usage : 6884 K
Pagefile Peak Usage : 9312 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3172
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 10/02/1429 11:38:02 ص
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 10/02/1429 03:08:01 م
Visible Windows : 0
Hidden Windows : 0
User Name : DEXTER-LABS\Free User
Mem Usage : 2512 K
Mem Usage Peak : 2572 K
Page Faults : 861
Pagefile Usage : 1072 K
Pagefile Peak Usage : 1760 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\l
explorer.exe
explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.3156
c:\windows\explorer.exe
Task Scheduler
1-Click Maintenance.job
C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe /schedulestart
TuneUp System Optimizer
TuneUp Software GmbH
6.00.2200.0230
c:\program files\tuneup utilities 2007\systemoptimizer.exe
AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Apple Software Update
Apple Inc.
2.00.0002.0092
c:\program files\apple software update\softwareupdate.exe
.
.
----------- End Report ---------------
