السلام عليكم ورحمة الله وبركاته
أنا عندي مشكلتين حديثتين في الجهاز وأستعصى علي حلهما
الأولى وهي أنني قمت بتحديث بعض مكونات الجهاز مثل كرت الصوت وكرت الشاشة
وأردت تحديث كرت التليفزيون لكنني لم أستطع تثبيته على الجهاز فقمت بحذفه وبعدها
أصبح الجهاز في كل مره أقوم بها بتشغيل الجهاز أو إعادة تشغيله يطلب مني تثبيت البرنامج
أو التعريف هذه هي المشكلة الأولى.
الثانية وهي أنه خلال هذا الأسبوع أصبحت عندما أريد تشغيل الجهاز أو إعادة تشغيله تظهر لي
في بداية التشغيل شاشة التشغيل السوداء ويطلب مني الأختيار بين F1 أو F2
وعندما أختار الخيار الأول يبدأ تشغيل الجهاز
وهذا تقرير سريع وشامل عن الجهاز
أنا عندي مشكلتين حديثتين في الجهاز وأستعصى علي حلهما
الأولى وهي أنني قمت بتحديث بعض مكونات الجهاز مثل كرت الصوت وكرت الشاشة
وأردت تحديث كرت التليفزيون لكنني لم أستطع تثبيته على الجهاز فقمت بحذفه وبعدها
أصبح الجهاز في كل مره أقوم بها بتشغيل الجهاز أو إعادة تشغيله يطلب مني تثبيت البرنامج
أو التعريف هذه هي المشكلة الأولى.
الثانية وهي أنه خلال هذا الأسبوع أصبحت عندما أريد تشغيل الجهاز أو إعادة تشغيله تظهر لي
في بداية التشغيل شاشة التشغيل السوداء ويطلب مني الأختيار بين F1 أو F2
وعندما أختار الخيار الأول يبدأ تشغيل الجهاز
وهذا تقرير سريع وشامل عن الجهاز
.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:20:14 ص, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\iTunes\iTune****per.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Ozone\Audio Converter\mediaco.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.80:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor ****** - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [BearFlix] "C:\Program Files\BearFlix\BearFlix.exe" /pause
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTune****per] "C:\Program Files\iTunes\iTune****per.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [FreeNote] C:\Program Files\FreeNote\freenote.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7374 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 444
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 11/03/1429 07:58:36 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 60 K
Mem Usage Peak : 704 K
Page Faults : 419
Pagefile Usage : 168 K
Pagefile Peak Usage : 1676 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 492
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 11/03/1429 07:58:39 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2904 K
Mem Usage Peak : 26132 K
Page Faults : 64356
Pagefile Usage : 2304 K
Pagefile Peak Usage : 3552 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 520
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:42 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5104 K
Mem Usage Peak : 17508 K
Page Faults : 37315
Pagefile Usage : 13200 K
Pagefile Peak Usage : 14188 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 564
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:44 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1676 K
Mem Usage Peak : 18164 K
Page Faults : 22928
Pagefile Usage : 7060 K
Pagefile Peak Usage : 14424 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 576
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA ****l (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:44 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1652 K
Mem Usage Peak : 6816 K
Page Faults : 121310
Pagefile Usage : 5696 K
Pagefile Peak Usage : 5832 K
File Attributes : A
==================================================
==================================================
Process Name : Ati2evxx.exe
ProcessID : 744
Priority : Normal
Product Name : ATI External Event Utility for WindowsNT and Windows9X
Version : 6.14.10.4119
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 376,832
File Created Date : 19/09/1428 11:51:48 م
File Modified Date : 27/07/1426 05:36:10 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:58:47 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 452 K
Mem Usage Peak : 2772 K
Page Faults : 1395
Pagefile Usage : 776 K
Pagefile Peak Usage : 776 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 764
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:47 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1648 K
Mem Usage Peak : 5176 K
Page Faults : 4825
Pagefile Usage : 6840 K
Pagefile Peak Usage : 26796 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 836
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:49 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1600 K
Mem Usage Peak : 6200 K
Page Faults : 4431
Pagefile Usage : 6792 K
Pagefile Peak Usage : 7788 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 908
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:49 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 27116 K
Mem Usage Peak : 63232 K
Page Faults : 422582
Pagefile Usage : 36840 K
Pagefile Peak Usage : 53808 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 976
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:50 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1376 K
Mem Usage Peak : 3556 K
Page Faults : 5277
Pagefile Usage : 1668 K
Pagefile Peak Usage : 1784 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1088
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:50 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1216 K
Mem Usage Peak : 4696 K
Page Faults : 3853
Pagefile Usage : 4856 K
Pagefile Peak Usage : 4880 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1240
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 04/05/1426 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:54 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 824 K
Mem Usage Peak : 4888 K
Page Faults : 2822
Pagefile Usage : 6092 K
Pagefile Peak Usage : 6748 K
File Attributes : A
==================================================
==================================================
Process Name : AppleMobileDeviceService.exe
ProcessID : 1376
Priority : Normal
Product Name : Apple Mobile Device Service
Version : 1, 14, 0, 0
Description : Apple Mobile Device Service
Company : Apple, Inc.
Window Title :
File Size : 110,592
File Created Date : 20/10/1428 11:09:16 ص
File Modified Date : 20/10/1428 11:09:16 ص
Filename : C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:00 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 200 K
Mem Usage Peak : 2428 K
Page Faults : 751
Pagefile Usage : 2200 K
Pagefile Peak Usage : 2200 K
File Attributes : A
==================================================
==================================================
Process Name : guard.exe
ProcessID : 1408
Priority : Normal
Product Name : AVG Anti-Spyware
Version : 7, 5, 1, 22
Description : AVG Anti-Spyware guard
Company : GRISOFT s.r.o.
Window Title :
File Size : 312,880
File Created Date : 14/05/1428 12:31:10 م
File Modified Date : 14/05/1428 12:31:10 م
Filename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:01 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 13340 K
Mem Usage Peak : 49640 K
Page Faults : 422072
Pagefile Usage : 39612 K
Pagefile Peak Usage : 59024 K
File Attributes : A
==================================================
==================================================
Process Name : MDM.EXE
ProcessID : 1456
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.00.9466
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 322,120
File Created Date : 19/04/1424 09:25:00 م
File Modified Date : 19/04/1424 09:25:00 م
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Base Address : 0x00400000
Created On : 11/03/1429 07:59:01 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 400 K
Mem Usage Peak : 3284 K
Page Faults : 1856
Pagefile Usage : 3932 K
Pagefile Peak Usage : 3948 K
File Attributes : A
==================================================
==================================================
Process Name : Ati2evxx.exe
ProcessID : 1828
Priority : Normal
Product Name : ATI External Event Utility for WindowsNT and Windows9X
Version : 6.14.10.4119
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 376,832
File Created Date : 19/09/1428 11:51:48 م
File Modified Date : 27/07/1426 05:36:10 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:11 م
Visible Windows : 0
Hidden Windows : 2
User Name : ARABSWELL\Free User
Mem Usage : 560 K
Mem Usage Peak : 4044 K
Page Faults : 1808
Pagefile Usage : 3692 K
Pagefile Peak Usage : 4956 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 1980
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 1,033,216
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 28/05/1428 10:23:07 ص
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 11/03/1429 07:59:12 م
Visible Windows : 2
Hidden Windows : 29
User Name : ARABSWELL\Free User
Mem Usage : 15248 K
Mem Usage Peak : 52524 K
Page Faults : 1950509
Pagefile Usage : 42584 K
Pagefile Peak Usage : 70900 K
File Attributes : A
==================================================
==================================================
Process Name : RTHDCPL.EXE
ProcessID : 184
Priority : Normal
Product Name : Realtek HD Audio Sound Effect Manager
Version : 2.0.2.1
Description : Realtek HD Audio Control Panel
Company : Realtek Semiconductor Corp.
Window Title :
File Size : 14,864,384
File Created Date : 19/09/1428 11:36:07 م
File Modified Date : 13/09/1426 01:51:40 ص
Filename : C:\WINDOWS\RTHDCPL.EXE
Base Address : 0x00400000
Created On : 11/03/1429 07:59:15 م
Visible Windows : 0
Hidden Windows : 43
User Name : ARABSWELL\Free User
Mem Usage : 1504 K
Mem Usage Peak : 27240 K
Page Faults : 13135
Pagefile Usage : 17008 K
Pagefile Peak Usage : 17020 K
File Attributes : AR
==================================================
==================================================
Process Name : DevDetect.exe
ProcessID : 204
Priority : Normal
Product Name : Device Detector
Version : 4,0,77,0
Description : Device Detector
Company : ACD Systems, Ltd.
Window Title :
File Size : 439,632
File Created Date : 09/08/1428 02:35:40 م
File Modified Date : 09/08/1428 02:35:40 م
Filename : C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:15 م
Visible Windows : 0
Hidden Windows : 3
User Name : ARABSWELL\Free User
Mem Usage : 552 K
Mem Usage Peak : 4784 K
Page Faults : 2727
Pagefile Usage : 5452 K
Pagefile Peak Usage : 5480 K
File Attributes : A
==================================================
==================================================
Process Name : iTune****per.exe
ProcessID : 232
Priority : Normal
Product Name : iTunes
Version : 7.5.0.20
Description : iTune****per Module
Company : Apple Inc.
Window Title :
File Size : 267,048
File Created Date : 02/12/1428 09:10:26 ص
File Modified Date : 02/12/1428 09:10:26 ص
Filename : C:\Program Files\iTunes\iTune****per.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:16 م
Visible Windows : 0
Hidden Windows : 7
User Name : ARABSWELL\Free User
Mem Usage : 524 K
Mem Usage Peak : 30180 K
Page Faults : 11961
Pagefile Usage : 10796 K
Pagefile Peak Usage : 10960 K
File Attributes : A
==================================================
==================================================
Process Name : zyzoom.exe
ProcessID : 240
Priority : Normal
Product Name : AVG Anti-Spyware
Version : 7, 5, 1, 43
Description : AVG Anti-Spyware
Company : GRISOFT s.r.o.
Window Title :
File Size : 6,731,312
File Created Date : 24/12/1428 03:00:05 ص
File Modified Date : 23/10/1428 01:50:41 ص
Filename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:16 م
Visible Windows : 0
Hidden Windows : 25
User Name : ARABSWELL\Free User
Mem Usage : 2620 K
Mem Usage Peak : 50272 K
Page Faults : 406192
Pagefile Usage : 45880 K
Pagefile Peak Usage : 68172 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 252
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:16 م
Visible Windows : 0
Hidden Windows : 5
User Name : ARABSWELL\Free User
Mem Usage : 896 K
Mem Usage Peak : 3404 K
Page Faults : 4351
Pagefile Usage : 1476 K
Pagefile Peak Usage : 1480 K
File Attributes : A
==================================================
==================================================
Process Name : MsnMsgr.Exe
ProcessID : 264
Priority : Normal
Product Name : Messenger
Version : 8.5.1288.0816
Description : Windows Live Messenger
Company : Microsoft Corporation
Window Title :
File Size : 5,728,112
File Created Date : 03/08/1428 01:19:34 م
File Modified Date : 29/09/1428 03:28:52 ص
Filename : C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:17 م
Visible Windows : 1
Hidden Windows : 18
User Name : ARABSWELL\Free User
Mem Usage : 3788 K
Mem Usage Peak : 29168 K
Page Faults : 28361
Pagefile Usage : 21308 K
Pagefile Peak Usage : 21772 K
File Attributes : A
==================================================
==================================================
Process Name : GoogleToolbarNotifier.exe
ProcessID : 396
Priority : Normal
Product Name : GoogleToolbarNotifier
Version : 2, 0, 301, 1654
Description : GoogleToolbarNotifier
Company : Google Inc.
Window Title :
File Size : 68,856
File Created Date : 23/09/1428 03:30:33 ص
File Modified Date : 23/09/1428 03:30:34 ص
Filename : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:18 م
Visible Windows : 0
Hidden Windows : 4
User Name : ARABSWELL\Free User
Mem Usage : 424 K
Mem Usage Peak : 5608 K
Page Faults : 7944
Pagefile Usage : 6608 K
Pagefile Peak Usage : 6648 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 1008
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:59:21 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 604 K
Mem Usage Peak : 3768 K
Page Faults : 2663
Pagefile Usage : 4168 K
Pagefile Peak Usage : 4212 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1056
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:59:22 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 84 K
Mem Usage Peak : 4556 K
Page Faults : 1675
Pagefile Usage : 5852 K
Pagefile Peak Usage : 6004 K
File Attributes : A
==================================================
==================================================
Process Name : Pando.exe
ProcessID : 2520
Priority : Normal
Product Name : pando
Version : 1,9,5,3
Description : pando
Company : Pando Networks
Window Title :
File Size : 6,051,144
File Created Date : 07/02/1429 03:35:32 م
File Modified Date : 07/02/1429 03:35:32 م
Filename : C:\Program Files\Pando Networks\Pando\Pando.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:42 م
Visible Windows : 0
Hidden Windows : 14
User Name : ARABSWELL\Free User
Mem Usage : 10636 K
Mem Usage Peak : 24720 K
Page Faults : 505547
Pagefile Usage : 38456 K
Pagefile Peak Usage : 44952 K
File Attributes :
==================================================
==================================================
Process Name : WinCinemaMgr.exe
ProcessID : 2696
Priority : Normal
Product Name : WinCinema Manager for InterVideo WinCinema products
Version : 2.0.5
Description : WinCinema Manager
Company : InterVideo Inc.
Window Title :
File Size : 278,528
File Created Date : 20/09/1428 12:14:13 ص
File Modified Date : 08/05/1426 03:35:46 ص
Filename : C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:48 م
Visible Windows : 0
Hidden Windows : 4
User Name : ARABSWELL\Free User
Mem Usage : 804 K
Mem Usage Peak : 3632 K
Page Faults : 2288
Pagefile Usage : 992 K
Pagefile Peak Usage : 1124 K
File Attributes : A
==================================================
==================================================
Process Name : iPodService.exe
ProcessID : 3040
Priority : Normal
Product Name : iTunes
Version : 7.5.0.20
Description : iPodService Module
Company : Apple Inc.
Window Title :
File Size : 504,104
File Created Date : 02/12/1428 09:10:16 ص
File Modified Date : 02/12/1428 09:10:16 ص
Filename : C:\Program Files\iPod\bin\iPodService.exe
Base Address : 0x00400000
Created On : 11/03/1429 08:00:07 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 780 K
Mem Usage Peak : 4072 K
Page Faults : 1538
Pagefile Usage : 5756 K
Pagefile Peak Usage : 5784 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 1840
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.1.325
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 227,856
File Created Date : 01/02/1429 03:36:14 م
File Modified Date : 01/02/1429 03:36:14 م
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
Base Address : 0x00400000
Created On : 11/03/1429 08:04:17 م
Visible Windows : 0
Hidden Windows : 6
User Name : ARABSWELL\Free User
Mem Usage : 4688 K
Mem Usage Peak : 19792 K
Page Faults : 121828
Pagefile Usage : 14656 K
Pagefile Peak Usage : 23392 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 2664
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.1.325
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 227,856
File Created Date : 01/02/1429 03:36:14 م
File Modified Date : 01/02/1429 03:36:14 م
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
Base Address : 0x00400000
Created On : 11/03/1429 08:04:21 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 18556 K
Mem Usage Peak : 96952 K
Page Faults : 11160497
Pagefile Usage : 43360 K
Pagefile Peak Usage : 354272 K
File Attributes : A
==================================================
==================================================
Process Name : ntvdm.exe
ProcessID : 2884
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : NTVDM.EXE
Company : Microsoft Corporation
Window Title :
File Size : 419,840
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\ntvdm.exe
Base Address : 0x0F000000
Created On : 11/03/1429 08:31:23 م
Visible Windows : 0
Hidden Windows : 4
User Name : ARABSWELL\Free User
Mem Usage : 696 K
Mem Usage Peak : 11180 K
Page Faults : 15081
Pagefile Usage : 4584 K
Pagefile Peak Usage : 8112 K
File Attributes : A
==================================================
==================================================
Process Name : mplayerc.exe
ProcessID : 3740
Priority : Normal
Product Name : Media Player Classic
Version : 6, 4, 9, 1
Description : Media Player Classic
Company : Gabest
Window Title :
File Size : 4,304,896
File Created Date : 07/12/1428 12:45:12 م
File Modified Date : 06/11/1428 09:56:12 ص
Filename : C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
Base Address : 0x00400000
Created On : 12/03/1429 03:22:33 م
Visible Windows : 0
Hidden Windows : 27
User Name : ARABSWELL\Free User
Mem Usage : 648 K
Mem Usage Peak : 18120 K
Page Faults : 7630
Pagefile Usage : 11640 K
Pagefile Peak Usage : 13904 K
File Attributes : A
==================================================
==================================================
Process Name : mediaco.exe
ProcessID : 3252
Priority : Normal
Product Name : محول الصوتيات
Version : 7.00
Description : محول الصوتيات
Company : Ozone Media
Window Title : OZO Media - محول الصوتيات والفيديو
File Size : 368,640
File Created Date : 14/11/1428 08:59:34 م
File Modified Date : 24/10/1427 08:52:48 ص
Filename : C:\Program Files\Ozone\Audio Converter\mediaco.exe
Base Address : 0x00400000
Created On : 13/03/1429 01:40:18 ص
Visible Windows : 3
Hidden Windows : 3
User Name : ARABSWELL\Free User
Mem Usage : 2608 K
Mem Usage Peak : 7656 K
Page Faults : 2456
Pagefile Usage : 4076 K
Pagefile Peak Usage : 4080 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 1820
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.6000.16608 (vista_gdr.071204-1500)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : ركــن برامج الحماية - زيزوووم للأمن والحمايه - Windows Internet Explorer
File Size : 625,664
File Created Date : 19/09/1428 10:17:52 م
File Modified Date : 27/11/1428 11:01:25 ص
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 13/03/1429 10:18:07 ص
Visible Windows : 1
Hidden Windows : 28
User Name : ARABSWELL\Free User
Mem Usage : 15848 K
Mem Usage Peak : 28776 K
Page Faults : 21331
Pagefile Usage : 37320 K
Pagefile Peak Usage : 37424 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 796
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 13/03/1429 07:20:02 ص
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 13/03/1429 10:20:04 ص
Visible Windows : 0
Hidden Windows : 0
User Name : ARABSWELL\Free User
Mem Usage : 2320 K
Mem Usage Peak : 2320 K
Page Faults : 664
Pagefile Usage : 936 K
Pagefile Peak Usage : 940 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2564
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 13/03/1429 10:20:04 ص
Visible Windows : 0
Hidden Windows : 1
User Name : ARABSWELL\Free User
Mem Usage : 3244 K
Mem Usage Peak : 3308 K
Page Faults : 911
Pagefile Usage : 2200 K
Pagefile Peak Usage : 2276 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 384
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 19/09/1428 10:16:08 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 13/03/1429 10:20:07 ص
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5956 K
Mem Usage Peak : 5956 K
Page Faults : 1527
Pagefile Usage : 6476 K
Pagefile Peak Usage : 6476 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3948
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 13/03/1429 07:20:02 ص
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 13/03/1429 10:20:15 ص
Visible Windows : 0
Hidden Windows : 0
User Name : ARABSWELL\Free User
Mem Usage : 2316 K
Mem Usage Peak : 2352 K
Page Faults : 1070
Pagefile Usage : 968 K
Pagefile Peak Usage : 1640 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\****l
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.3156
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RTHDCPL
RTHDCPL.EXE
Realtek HD Audio Control Panel
Realtek Semiconductor Corp.
2.00.0002.0001
c:\windows\rthdcpl.exe
NeroFilterCheck
C:\WINDOWS\system32\NeroCheck.exe
NeroCheck
Ahead Software Gmbh
1.00.0000.0002
c:\windows\system32\nerocheck.exe
Device Detector
DevDetect.exe -autorun
Device Detector
ACD Systems, Ltd.
4.00.0077.0000
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
BearFlix
"C:\Program Files\BearFlix\BearFlix.exe" /pause
File not found: C:\Program Files\BearFlix\BearFlix.exe
QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime
QuickTime Task
Apple Inc.
7.03.0001.0070
c:\program files\quicktime\qttask.exe
iTune****per
"C:\Program Files\iTunes\iTune****per.exe"
iTune****per Module
Apple Inc.
7.05.0000.0020
c:\program files\itunes\itune****per.exe
!AVG Anti-Spyware
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimized
AVG Anti-Spyware
GRISOFT s.r.o.
7.05.0001.0043
c:\program files\grisoft\avg anti-spyware 7.5\zyzoom.exe
AVP
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
Kaspersky Anti-Virus
Kaspersky Lab
7.00.0001.0325
c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
Adobe Acrobat SpeedLauncher
Adobe Systems Incorporated
7.00.0005.0172
c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
InterVideo WinCinema Manager.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
WinCinema Manager
InterVideo Inc.
2.00.0005.0000
c:\program files\intervideo\common\bin\wincinemamgr.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\ctfmon.exe
MsnMsgr
"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
Windows Live Messenger
Microsoft Corporation
8.05.1288.0816
c:\program files\windows live\messenger\msnmsgr.exe
swg
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
GoogleToolbarNotifier
Google Inc.
2.00.0301.1654
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
BitComet
"C:\Program Files\BitComet\BitComet.exe" /tray
BitComet - a BitTorrent Client
0.93.0009.0010
c:\program files\bitcomet\bitcomet.exe
FreeNote
C:\Program Files\FreeNote\freenote.exe
File not found: C:\Program Files\FreeNote\freenote.exe
Pando
"C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
pando
Pando Networks
1.09.0005.0003
c:\program files\pando networks\pando\pando.exe
Task Scheduler
AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Apple Software Update
Apple Inc.
2.00.0002.0092
c:\program files\apple software update\softwareupdate.exe
User_Feed_Synchronization-{B40EAF07-DF3D-4BFB-A6D9-159C49FD9797}.job
C:\WINDOWS\system32\msfeedssync.exe sync
Microsoft Feeds Synchronization
Microsoft Corporation
7.00.5730.0011
c:\windows\system32\msfeedssync.exe
.
.
----------- End Report ---------------
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:20:14 ص, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\iTunes\iTune****per.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Ozone\Audio Converter\mediaco.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.80:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor ****** - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [BearFlix] "C:\Program Files\BearFlix\BearFlix.exe" /pause
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTune****per] "C:\Program Files\iTunes\iTune****per.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [FreeNote] C:\Program Files\FreeNote\freenote.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7374 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 444
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 11/03/1429 07:58:36 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 60 K
Mem Usage Peak : 704 K
Page Faults : 419
Pagefile Usage : 168 K
Pagefile Peak Usage : 1676 K
File Attributes : A
==================================================
==================================================
Process Name : csrss.exe
ProcessID : 492
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 11/03/1429 07:58:39 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2904 K
Mem Usage Peak : 26132 K
Page Faults : 64356
Pagefile Usage : 2304 K
Pagefile Peak Usage : 3552 K
File Attributes : A
==================================================
==================================================
Process Name : winlogon.exe
ProcessID : 520
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 502,272
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:42 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5104 K
Mem Usage Peak : 17508 K
Page Faults : 37315
Pagefile Usage : 13200 K
Pagefile Peak Usage : 14188 K
File Attributes : A
==================================================
==================================================
Process Name : services.exe
ProcessID : 564
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,032
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:44 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1676 K
Mem Usage Peak : 18164 K
Page Faults : 22928
Pagefile Usage : 7060 K
Pagefile Peak Usage : 14424 K
File Attributes : A
==================================================
==================================================
Process Name : lsass.exe
ProcessID : 576
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : LSA ****l (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:44 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1652 K
Mem Usage Peak : 6816 K
Page Faults : 121310
Pagefile Usage : 5696 K
Pagefile Peak Usage : 5832 K
File Attributes : A
==================================================
==================================================
Process Name : Ati2evxx.exe
ProcessID : 744
Priority : Normal
Product Name : ATI External Event Utility for WindowsNT and Windows9X
Version : 6.14.10.4119
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 376,832
File Created Date : 19/09/1428 11:51:48 م
File Modified Date : 27/07/1426 05:36:10 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:58:47 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 452 K
Mem Usage Peak : 2772 K
Page Faults : 1395
Pagefile Usage : 776 K
Pagefile Peak Usage : 776 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 764
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:47 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1648 K
Mem Usage Peak : 5176 K
Page Faults : 4825
Pagefile Usage : 6840 K
Pagefile Peak Usage : 26796 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 836
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:49 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1600 K
Mem Usage Peak : 6200 K
Page Faults : 4431
Pagefile Usage : 6792 K
Pagefile Peak Usage : 7788 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 908
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:49 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 27116 K
Mem Usage Peak : 63232 K
Page Faults : 422582
Pagefile Usage : 36840 K
Pagefile Peak Usage : 53808 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 976
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:50 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1376 K
Mem Usage Peak : 3556 K
Page Faults : 5277
Pagefile Usage : 1668 K
Pagefile Peak Usage : 1784 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1088
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:50 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1216 K
Mem Usage Peak : 4696 K
Page Faults : 3853
Pagefile Usage : 4856 K
Pagefile Peak Usage : 4880 K
File Attributes : A
==================================================
==================================================
Process Name : spoolsv.exe
ProcessID : 1240
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 04/05/1426 11:53:32 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:58:54 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 824 K
Mem Usage Peak : 4888 K
Page Faults : 2822
Pagefile Usage : 6092 K
Pagefile Peak Usage : 6748 K
File Attributes : A
==================================================
==================================================
Process Name : AppleMobileDeviceService.exe
ProcessID : 1376
Priority : Normal
Product Name : Apple Mobile Device Service
Version : 1, 14, 0, 0
Description : Apple Mobile Device Service
Company : Apple, Inc.
Window Title :
File Size : 110,592
File Created Date : 20/10/1428 11:09:16 ص
File Modified Date : 20/10/1428 11:09:16 ص
Filename : C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:00 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 200 K
Mem Usage Peak : 2428 K
Page Faults : 751
Pagefile Usage : 2200 K
Pagefile Peak Usage : 2200 K
File Attributes : A
==================================================
==================================================
Process Name : guard.exe
ProcessID : 1408
Priority : Normal
Product Name : AVG Anti-Spyware
Version : 7, 5, 1, 22
Description : AVG Anti-Spyware guard
Company : GRISOFT s.r.o.
Window Title :
File Size : 312,880
File Created Date : 14/05/1428 12:31:10 م
File Modified Date : 14/05/1428 12:31:10 م
Filename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:01 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 13340 K
Mem Usage Peak : 49640 K
Page Faults : 422072
Pagefile Usage : 39612 K
Pagefile Peak Usage : 59024 K
File Attributes : A
==================================================
==================================================
Process Name : MDM.EXE
ProcessID : 1456
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.00.9466
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 322,120
File Created Date : 19/04/1424 09:25:00 م
File Modified Date : 19/04/1424 09:25:00 م
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Base Address : 0x00400000
Created On : 11/03/1429 07:59:01 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 400 K
Mem Usage Peak : 3284 K
Page Faults : 1856
Pagefile Usage : 3932 K
Pagefile Peak Usage : 3948 K
File Attributes : A
==================================================
==================================================
Process Name : Ati2evxx.exe
ProcessID : 1828
Priority : Normal
Product Name : ATI External Event Utility for WindowsNT and Windows9X
Version : 6.14.10.4119
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 376,832
File Created Date : 19/09/1428 11:51:48 م
File Modified Date : 27/07/1426 05:36:10 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:11 م
Visible Windows : 0
Hidden Windows : 2
User Name : ARABSWELL\Free User
Mem Usage : 560 K
Mem Usage Peak : 4044 K
Page Faults : 1808
Pagefile Usage : 3692 K
Pagefile Peak Usage : 4956 K
File Attributes : A
==================================================
==================================================
Process Name : Explorer.EXE
ProcessID : 1980
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 1,033,216
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 28/05/1428 10:23:07 ص
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 11/03/1429 07:59:12 م
Visible Windows : 2
Hidden Windows : 29
User Name : ARABSWELL\Free User
Mem Usage : 15248 K
Mem Usage Peak : 52524 K
Page Faults : 1950509
Pagefile Usage : 42584 K
Pagefile Peak Usage : 70900 K
File Attributes : A
==================================================
==================================================
Process Name : RTHDCPL.EXE
ProcessID : 184
Priority : Normal
Product Name : Realtek HD Audio Sound Effect Manager
Version : 2.0.2.1
Description : Realtek HD Audio Control Panel
Company : Realtek Semiconductor Corp.
Window Title :
File Size : 14,864,384
File Created Date : 19/09/1428 11:36:07 م
File Modified Date : 13/09/1426 01:51:40 ص
Filename : C:\WINDOWS\RTHDCPL.EXE
Base Address : 0x00400000
Created On : 11/03/1429 07:59:15 م
Visible Windows : 0
Hidden Windows : 43
User Name : ARABSWELL\Free User
Mem Usage : 1504 K
Mem Usage Peak : 27240 K
Page Faults : 13135
Pagefile Usage : 17008 K
Pagefile Peak Usage : 17020 K
File Attributes : AR
==================================================
==================================================
Process Name : DevDetect.exe
ProcessID : 204
Priority : Normal
Product Name : Device Detector
Version : 4,0,77,0
Description : Device Detector
Company : ACD Systems, Ltd.
Window Title :
File Size : 439,632
File Created Date : 09/08/1428 02:35:40 م
File Modified Date : 09/08/1428 02:35:40 م
Filename : C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:15 م
Visible Windows : 0
Hidden Windows : 3
User Name : ARABSWELL\Free User
Mem Usage : 552 K
Mem Usage Peak : 4784 K
Page Faults : 2727
Pagefile Usage : 5452 K
Pagefile Peak Usage : 5480 K
File Attributes : A
==================================================
==================================================
Process Name : iTune****per.exe
ProcessID : 232
Priority : Normal
Product Name : iTunes
Version : 7.5.0.20
Description : iTune****per Module
Company : Apple Inc.
Window Title :
File Size : 267,048
File Created Date : 02/12/1428 09:10:26 ص
File Modified Date : 02/12/1428 09:10:26 ص
Filename : C:\Program Files\iTunes\iTune****per.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:16 م
Visible Windows : 0
Hidden Windows : 7
User Name : ARABSWELL\Free User
Mem Usage : 524 K
Mem Usage Peak : 30180 K
Page Faults : 11961
Pagefile Usage : 10796 K
Pagefile Peak Usage : 10960 K
File Attributes : A
==================================================
==================================================
Process Name : zyzoom.exe
ProcessID : 240
Priority : Normal
Product Name : AVG Anti-Spyware
Version : 7, 5, 1, 43
Description : AVG Anti-Spyware
Company : GRISOFT s.r.o.
Window Title :
File Size : 6,731,312
File Created Date : 24/12/1428 03:00:05 ص
File Modified Date : 23/10/1428 01:50:41 ص
Filename : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:16 م
Visible Windows : 0
Hidden Windows : 25
User Name : ARABSWELL\Free User
Mem Usage : 2620 K
Mem Usage Peak : 50272 K
Page Faults : 406192
Pagefile Usage : 45880 K
Pagefile Peak Usage : 68172 K
File Attributes : A
==================================================
==================================================
Process Name : ctfmon.exe
ProcessID : 252
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:16 م
Visible Windows : 0
Hidden Windows : 5
User Name : ARABSWELL\Free User
Mem Usage : 896 K
Mem Usage Peak : 3404 K
Page Faults : 4351
Pagefile Usage : 1476 K
Pagefile Peak Usage : 1480 K
File Attributes : A
==================================================
==================================================
Process Name : MsnMsgr.Exe
ProcessID : 264
Priority : Normal
Product Name : Messenger
Version : 8.5.1288.0816
Description : Windows Live Messenger
Company : Microsoft Corporation
Window Title :
File Size : 5,728,112
File Created Date : 03/08/1428 01:19:34 م
File Modified Date : 29/09/1428 03:28:52 ص
Filename : C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:17 م
Visible Windows : 1
Hidden Windows : 18
User Name : ARABSWELL\Free User
Mem Usage : 3788 K
Mem Usage Peak : 29168 K
Page Faults : 28361
Pagefile Usage : 21308 K
Pagefile Peak Usage : 21772 K
File Attributes : A
==================================================
==================================================
Process Name : GoogleToolbarNotifier.exe
ProcessID : 396
Priority : Normal
Product Name : GoogleToolbarNotifier
Version : 2, 0, 301, 1654
Description : GoogleToolbarNotifier
Company : Google Inc.
Window Title :
File Size : 68,856
File Created Date : 23/09/1428 03:30:33 ص
File Modified Date : 23/09/1428 03:30:34 ص
Filename : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:18 م
Visible Windows : 0
Hidden Windows : 4
User Name : ARABSWELL\Free User
Mem Usage : 424 K
Mem Usage Peak : 5608 K
Page Faults : 7944
Pagefile Usage : 6608 K
Pagefile Peak Usage : 6648 K
File Attributes : A
==================================================
==================================================
Process Name : alg.exe
ProcessID : 1008
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:59:21 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 604 K
Mem Usage Peak : 3768 K
Page Faults : 2663
Pagefile Usage : 4168 K
Pagefile Peak Usage : 4212 K
File Attributes : A
==================================================
==================================================
Process Name : svchost.exe
ProcessID : 1056
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 11/03/1429 07:59:22 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 84 K
Mem Usage Peak : 4556 K
Page Faults : 1675
Pagefile Usage : 5852 K
Pagefile Peak Usage : 6004 K
File Attributes : A
==================================================
==================================================
Process Name : Pando.exe
ProcessID : 2520
Priority : Normal
Product Name : pando
Version : 1,9,5,3
Description : pando
Company : Pando Networks
Window Title :
File Size : 6,051,144
File Created Date : 07/02/1429 03:35:32 م
File Modified Date : 07/02/1429 03:35:32 م
Filename : C:\Program Files\Pando Networks\Pando\Pando.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:42 م
Visible Windows : 0
Hidden Windows : 14
User Name : ARABSWELL\Free User
Mem Usage : 10636 K
Mem Usage Peak : 24720 K
Page Faults : 505547
Pagefile Usage : 38456 K
Pagefile Peak Usage : 44952 K
File Attributes :
==================================================
==================================================
Process Name : WinCinemaMgr.exe
ProcessID : 2696
Priority : Normal
Product Name : WinCinema Manager for InterVideo WinCinema products
Version : 2.0.5
Description : WinCinema Manager
Company : InterVideo Inc.
Window Title :
File Size : 278,528
File Created Date : 20/09/1428 12:14:13 ص
File Modified Date : 08/05/1426 03:35:46 ص
Filename : C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Base Address : 0x00400000
Created On : 11/03/1429 07:59:48 م
Visible Windows : 0
Hidden Windows : 4
User Name : ARABSWELL\Free User
Mem Usage : 804 K
Mem Usage Peak : 3632 K
Page Faults : 2288
Pagefile Usage : 992 K
Pagefile Peak Usage : 1124 K
File Attributes : A
==================================================
==================================================
Process Name : iPodService.exe
ProcessID : 3040
Priority : Normal
Product Name : iTunes
Version : 7.5.0.20
Description : iPodService Module
Company : Apple Inc.
Window Title :
File Size : 504,104
File Created Date : 02/12/1428 09:10:16 ص
File Modified Date : 02/12/1428 09:10:16 ص
Filename : C:\Program Files\iPod\bin\iPodService.exe
Base Address : 0x00400000
Created On : 11/03/1429 08:00:07 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 780 K
Mem Usage Peak : 4072 K
Page Faults : 1538
Pagefile Usage : 5756 K
Pagefile Peak Usage : 5784 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 1840
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.1.325
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 227,856
File Created Date : 01/02/1429 03:36:14 م
File Modified Date : 01/02/1429 03:36:14 م
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
Base Address : 0x00400000
Created On : 11/03/1429 08:04:17 م
Visible Windows : 0
Hidden Windows : 6
User Name : ARABSWELL\Free User
Mem Usage : 4688 K
Mem Usage Peak : 19792 K
Page Faults : 121828
Pagefile Usage : 14656 K
Pagefile Peak Usage : 23392 K
File Attributes : A
==================================================
==================================================
Process Name : avp.exe
ProcessID : 2664
Priority : Normal
Product Name : Kaspersky Anti-Virus
Version : 7.0.1.325
Description : Kaspersky Anti-Virus
Company : Kaspersky Lab
Window Title :
File Size : 227,856
File Created Date : 01/02/1429 03:36:14 م
File Modified Date : 01/02/1429 03:36:14 م
Filename : C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
Base Address : 0x00400000
Created On : 11/03/1429 08:04:21 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 18556 K
Mem Usage Peak : 96952 K
Page Faults : 11160497
Pagefile Usage : 43360 K
Pagefile Peak Usage : 354272 K
File Attributes : A
==================================================
==================================================
Process Name : ntvdm.exe
ProcessID : 2884
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : NTVDM.EXE
Company : Microsoft Corporation
Window Title :
File Size : 419,840
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\ntvdm.exe
Base Address : 0x0F000000
Created On : 11/03/1429 08:31:23 م
Visible Windows : 0
Hidden Windows : 4
User Name : ARABSWELL\Free User
Mem Usage : 696 K
Mem Usage Peak : 11180 K
Page Faults : 15081
Pagefile Usage : 4584 K
Pagefile Peak Usage : 8112 K
File Attributes : A
==================================================
==================================================
Process Name : mplayerc.exe
ProcessID : 3740
Priority : Normal
Product Name : Media Player Classic
Version : 6, 4, 9, 1
Description : Media Player Classic
Company : Gabest
Window Title :
File Size : 4,304,896
File Created Date : 07/12/1428 12:45:12 م
File Modified Date : 06/11/1428 09:56:12 ص
Filename : C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
Base Address : 0x00400000
Created On : 12/03/1429 03:22:33 م
Visible Windows : 0
Hidden Windows : 27
User Name : ARABSWELL\Free User
Mem Usage : 648 K
Mem Usage Peak : 18120 K
Page Faults : 7630
Pagefile Usage : 11640 K
Pagefile Peak Usage : 13904 K
File Attributes : A
==================================================
==================================================
Process Name : mediaco.exe
ProcessID : 3252
Priority : Normal
Product Name : محول الصوتيات
Version : 7.00
Description : محول الصوتيات
Company : Ozone Media
Window Title : OZO Media - محول الصوتيات والفيديو
File Size : 368,640
File Created Date : 14/11/1428 08:59:34 م
File Modified Date : 24/10/1427 08:52:48 ص
Filename : C:\Program Files\Ozone\Audio Converter\mediaco.exe
Base Address : 0x00400000
Created On : 13/03/1429 01:40:18 ص
Visible Windows : 3
Hidden Windows : 3
User Name : ARABSWELL\Free User
Mem Usage : 2608 K
Mem Usage Peak : 7656 K
Page Faults : 2456
Pagefile Usage : 4076 K
Pagefile Peak Usage : 4080 K
File Attributes : A
==================================================
==================================================
Process Name : iexplore.exe
ProcessID : 1820
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.6000.16608 (vista_gdr.071204-1500)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : ركــن برامج الحماية - زيزوووم للأمن والحمايه - Windows Internet Explorer
File Size : 625,664
File Created Date : 19/09/1428 10:17:52 م
File Modified Date : 27/11/1428 11:01:25 ص
Filename : C:\Program Files\Internet Explorer\iexplore.exe
Base Address : 0x00400000
Created On : 13/03/1429 10:18:07 ص
Visible Windows : 1
Hidden Windows : 28
User Name : ARABSWELL\Free User
Mem Usage : 15848 K
Mem Usage Peak : 28776 K
Page Faults : 21331
Pagefile Usage : 37320 K
Pagefile Peak Usage : 37424 K
File Attributes : A
==================================================
==================================================
Process Name : runn.exe
ProcessID : 796
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 13/03/1429 07:20:02 ص
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 13/03/1429 10:20:04 ص
Visible Windows : 0
Hidden Windows : 0
User Name : ARABSWELL\Free User
Mem Usage : 2320 K
Mem Usage Peak : 2320 K
Page Faults : 664
Pagefile Usage : 936 K
Pagefile Peak Usage : 940 K
File Attributes : A
==================================================
==================================================
Process Name : cmd.exe
ProcessID : 2564
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 388,608
File Created Date : 27/10/1423 12:00:00 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 13/03/1429 10:20:04 ص
Visible Windows : 0
Hidden Windows : 1
User Name : ARABSWELL\Free User
Mem Usage : 3244 K
Mem Usage Peak : 3308 K
Page Faults : 911
Pagefile Usage : 2200 K
Pagefile Peak Usage : 2276 K
File Attributes : A
==================================================
==================================================
Process Name : wmiprvse.exe
ProcessID : 384
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 19/09/1428 10:16:08 م
File Modified Date : 27/10/1423 12:00:00 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 13/03/1429 10:20:07 ص
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5956 K
Mem Usage Peak : 5956 K
Page Faults : 1527
Pagefile Usage : 6476 K
Pagefile Peak Usage : 6476 K
File Attributes : A
==================================================
==================================================
Process Name : CProcess.exe
ProcessID : 3948
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 13/03/1429 07:20:02 ص
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\FREEUS~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 13/03/1429 10:20:15 ص
Visible Windows : 0
Hidden Windows : 0
User Name : ARABSWELL\Free User
Mem Usage : 2316 K
Mem Usage Peak : 2352 K
Page Faults : 1070
Pagefile Usage : 968 K
Pagefile Peak Usage : 1640 K
File Attributes : A
==================================================
.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\autochk.exe
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\****l
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.3156
c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RTHDCPL
RTHDCPL.EXE
Realtek HD Audio Control Panel
Realtek Semiconductor Corp.
2.00.0002.0001
c:\windows\rthdcpl.exe
NeroFilterCheck
C:\WINDOWS\system32\NeroCheck.exe
NeroCheck
Ahead Software Gmbh
1.00.0000.0002
c:\windows\system32\nerocheck.exe
Device Detector
DevDetect.exe -autorun
Device Detector
ACD Systems, Ltd.
4.00.0077.0000
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
BearFlix
"C:\Program Files\BearFlix\BearFlix.exe" /pause
File not found: C:\Program Files\BearFlix\BearFlix.exe
QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime
QuickTime Task
Apple Inc.
7.03.0001.0070
c:\program files\quicktime\qttask.exe
iTune****per
"C:\Program Files\iTunes\iTune****per.exe"
iTune****per Module
Apple Inc.
7.05.0000.0020
c:\program files\itunes\itune****per.exe
!AVG Anti-Spyware
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimized
AVG Anti-Spyware
GRISOFT s.r.o.
7.05.0001.0043
c:\program files\grisoft\avg anti-spyware 7.5\zyzoom.exe
AVP
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
Kaspersky Anti-Virus
Kaspersky Lab
7.00.0001.0325
c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
Adobe Acrobat SpeedLauncher
Adobe Systems Incorporated
7.00.0005.0172
c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
InterVideo WinCinema Manager.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
WinCinema Manager
InterVideo Inc.
2.00.0005.0000
c:\program files\intervideo\common\bin\wincinemamgr.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.2180
c:\windows\system32\ctfmon.exe
MsnMsgr
"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
Windows Live Messenger
Microsoft Corporation
8.05.1288.0816
c:\program files\windows live\messenger\msnmsgr.exe
swg
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
GoogleToolbarNotifier
Google Inc.
2.00.0301.1654
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
BitComet
"C:\Program Files\BitComet\BitComet.exe" /tray
BitComet - a BitTorrent Client
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
0.93.0009.0010
c:\program files\bitcomet\bitcomet.exe
FreeNote
C:\Program Files\FreeNote\freenote.exe
File not found: C:\Program Files\FreeNote\freenote.exe
Pando
"C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
pando
Pando Networks
1.09.0005.0003
c:\program files\pando networks\pando\pando.exe
Task Scheduler
AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Apple Software Update
Apple Inc.
2.00.0002.0092
c:\program files\apple software update\softwareupdate.exe
User_Feed_Synchronization-{B40EAF07-DF3D-4BFB-A6D9-159C49FD9797}.job
C:\WINDOWS\system32\msfeedssync.exe sync
Microsoft Feeds Synchronization
Microsoft Corporation
7.00.5730.0011
c:\windows\system32\msfeedssync.exe
.
.
----------- End Report ---------------
