(( How to tell whether your computer has been hacked, the right way ))

Thread in 'Forum [ Solutions to Common Computer Problems ]' by fahd, dated May 12, 2010.

Thread status:
Closed
  1. thamer300

    thamer300 New Zyzoom member

    Joined:
    June 30, 2008
    Posts:
    2
    Likes:
    0
    Trophy points:
    0
    Location:
    kuwait
    Security software:
    Kaspersky
    Operating system:
    Windows 7
    Peace be upon you
    If you would be so kind, Fuhaidan (please don't turn me down)
    Have a look at my report
    =====================
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 07:06:05 AM, on 18/11/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Flock\flock.exe
    C:\Program Files\Wyzo\wyzo.exe
    C:\Program Files\Wyzo\plugin-container.exe
    C:\Zyzoom_Forum_Tools\zyzoom.exe
    C:\Zyzoom_Forum_Tools\zHijak.com
    C:\Windows\system32\msfeedssync.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
    O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
    O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
    O4 - HKCU\..\Run: [Mobile Partner] "C:\Program Files\Zain e-GO\Zain e-GO\Zain e-GO.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: &لوحة مفاتيح ظاهرية - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: فحص عناوين المواقع (URL) - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
    O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    --
    End of file - 6022 bytes

    =========================


    What else is needed?
     
  2. fahd

    fahd Zyzoom VIP member

    Joined:
    December 5, 2007
    Posts:
    5,591
    Likes:
    3,298
    Trophy points:
    1,220
    Gender:
    Male
    Location:
    k.s.a
    Security software:
    Other
    Operating system:
    Other
    1 person likes this.
  3. الوافي010

    الوافي010 New Zyzoom member

    Joined:
    November 16, 2011
    Posts:
    14
    Likes:
    0
    Trophy points:
    20
    Security software:
    avast
    Operating system:
    Windows XP
    This is my report, and God willing you will reply to me at the earliest opportunity, OK
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:14:35 ص, on 20/11/2011
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\sttray.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\STacSV.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\kuz\My Documents\Downloads\HiJackThis.exe

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
    O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [GSISETUP] E:\Driver\DSL-20~2\setup.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe

    --
    End of file - 5886 bytes
     
  4. العاني

    العاني New Zyzoom member

    Joined:
    September 6, 2011
    Posts:
    1
    Likes:
    0
    Trophy points:
    0
    Security software:
    Kaspersky
    Operating system:
    Windows 7
    Peace be upon you. After trying the tool, I wanted to post the report for you.

    *********** HijackThis report ***********
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:17:26 م, on 21/11/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\netcut\services\AIPS.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    C:\Program Files\Hotspot Shield\bin\hsswd.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\netcut\netcut.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\Hotspot Shield\bin\openvpntray.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\No-IP\DUC20.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    D:\مجلدغريب\Apocalypse143\Apocalypse143\Client.exe
    C:\WINDOWS\System32\NOTEPAD.EXE
    C:\Documents and Settings\عمر\My Documents\Downloads\Compressed\مجلد جديد (4)\Zyzoom_Report_Tool.exe
    C:\DOCUME~1\2A0D~1\LOCALS~1\Temp\Ht.com

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O1 - Hosts: 190.168.1.3 alani230.no-ip.biz
    O1 - Hosts: 190.168.1.3 alani230.no-ip.biz
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [srv32win] C:\Program Files\NetServer\netserve.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] 0
    O4 - HKCU\..\Run: [srv32win] C:\Program Files\NetServer\netserve.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O13 - Gopher Prefix:
    O23 - Service: Arp Intelligent Protection Service (AIPS) - Arcai.com - C:\Program Files\netcut\services\AIPS.exe
    O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
    O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

    --
    End of file - 6734 bytes


    *********** System registry report ***********

    "Silent Runners.vbs", revision 60, http://www.silentrunners.org/
    Operating System: Windows XP SP3
    Search enabled of all directories on local fixed drives for DESKTOP.INI
    DLL launch points
    Output limited to non-default values, except where indicated by "{++}"


    Startup items buried in registry:
    ---------------------------------

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
    "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
    "IDMan" = "C:\Program Files\Internet Download Manager\IDMan.exe /onboot" ["Tonec Inc."]
    "Wisdom-soft AutoScreenRecorder 3.1 Pro" = "0" [file not found]
    "srv32win" = "C:\Program Files\NetServer\netserve.exe" ["Retina-X Studios, LLC"]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
    "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
    "IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
    "HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
    "TkBellExe" = ""C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot" ["RealNetworks, Inc."]
    "avgnt" = ""C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min" ["Avira Operations GmbH & Co. KG"]
    "SunJavaUpdateSched" = ""C:\Program Files\Common Files\Java\Java Update\jusched.exe"" ["Sun Microsystems, Inc."]
    "srv32win" = "C:\Program Files\NetServer\netserve.exe" ["Retina-X Studios, LLC"]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

    {0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"
    -> {HKLM...CLSID} = "IDM integration (IDMIEHlprObj Class)"
    \InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMIECC.dll" ["Internet Download Manager, Tonec Inc."]

    {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
    -> {HKLM...CLSID} = "مساعد تسجيل الدخول إلى Windows Live"
    \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]

    {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
    -> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper"
    \InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]

    {E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = (no title provided)
    -> {HKLM...CLSID} = "JQSIEStartDetectorImpl Class"
    \InProcServer32\(Default) = "C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll" ["Sun Microsystems, Inc."]

    {F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\(Default) = (no title provided)
    -> {HKLM...CLSID} = "Hotspot Shield Class"
    \InProcServer32\(Default) = "C:\Program Files\Hotspot Shield\HssIE\HssIE.dll" ["AnchorFree Inc."]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

    IDM Shell Extension\(Default) = "{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
    -> {HKLM...CLSID} = "IDM Shell Extension"
    \InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

    "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "ملحق Display Panning CPL"
    -> {HKLM...CLSID} = "ملحق Display Panning CPL"
    \InProcServer32\(Default) = "deskpan.dll" [file not found]

    "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
    -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]

    "{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
    -> {HKLM...CLSID} = "History Band"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]

    "{CDC95B92-E27C-4745-A8C5-64A52A78855D}" = "IDM Shell Extension"
    -> {HKLM...CLSID} = "IDM Shell Extension"
    \InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]

    "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
    -> {HKLM...CLSID} = "RealOne Player Context Menu Class"
    \InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]

    "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" = "Shell Extension for Malware scanning"
    -> {HKLM...CLSID} = "Shell Extension for Malware scanning"
    \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir Desktop\shlext.dll" ["Avira Operations GmbH & Co. KG"]

    "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
    -> {HKLM...CLSID} = "WinRAR"
    \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

    "{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "أجهزة التوصيل والتشغيل العالمي"
    -> {HKLM...CLSID} = "أجهزة التوصيل والتشغيل العالمي"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

    "WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
    -> {HKLM...CLSID} = "WPDShServiceObj Class"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
    <<!>> igfxcui\DLLName = "igfxsrvc.dll" ["Intel Corporation"]

    HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

    <<!>> livecall\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
    -> {HKLM...CLSID} = (no title provided)
    \InProcServer32\(Default) = "C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL" [MS]

    <<!>> msnim\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
    -> {HKLM...CLSID} = (no title provided)
    \InProcServer32\(Default) = "C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL" [MS]

    HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

    Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
    -> {HKLM...CLSID} = "Shell Extension for Malware scanning"
    \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir Desktop\shlext.dll" ["Avira Operations GmbH & Co. KG"]

    WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
    -> {HKLM...CLSID} = "WinRAR"
    \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

    HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

    WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
    -> {HKLM...CLSID} = "WinRAR"
    \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

    HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

    WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
    -> {HKLM...CLSID} = "WinRAR"
    \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

    HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

    igfxcui\(Default) = "{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}"
    -> {HKLM...CLSID} = "GraphicsShellExt Class"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\igfxpph.dll" ["Intel Corporation"]

    HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

    Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
    -> {HKLM...CLSID} = "Shell Extension for Malware scanning"
    \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir Desktop\shlext.dll" ["Avira Operations GmbH & Co. KG"]

    WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
    -> {HKLM...CLSID} = "WinRAR"
    \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

    HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

    WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
    -> {HKLM...CLSID} = "WinRAR"
    \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]


    Group Policies {GPedit.msc branch and setting}:
    -----------------------------------------------

    Note: detected settings may not have any effect.

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

    "NoSMHelp" = (REG_DWORD) dword:0x00000001
    {User Configuration|Administrative Templates|Start Menu and Taskbar|
    Remove Help menu from Start Menu}


    Active Desktop and Wallpaper:
    -----------------------------

    Active Desktop may be disabled at this entry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

    Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
    HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
    "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

    Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
    HKCU\Control Panel\Desktop\
    "Wallpaper" = "C:\Documents and Settings\عمر\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"


    Enabled Screen Saver:
    ---------------------

    HKCU\Control Panel\Desktop\
    "SCRNSAVE.EXE" = "C:\WINDOWS\system32\logon.scr" [MS]


    Windows Portable Device AutoPlay Handlers
    -----------------------------------------

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

    GOMPlayDVDOnArrival\
    "Provider" = "GOM Player"
    "InvokeProgID" = "GomPlayer.DVD"
    "InvokeVerb" = "open"
    HKLM\SOFTWARE\Classes\GomPlayer.DVD\shell\open\command\(Default) = ""C:\Program Files\GRETECH\GomPlayer\GOM.exe" /open "%1"" ["Gretech Corp."]

    GOMPlayMediaOnArrival\
    "Provider" = "GOM Player"
    "InvokeProgID" = "GomPlayer.MediaFile"
    "InvokeVerb" = "open"
    HKLM\SOFTWARE\Classes\GomPlayer.MediaFile\shell\open\command\(Default) = ""C:\Program Files\GRETECH\GomPlayer\GOM.exe" /open "%1"" ["Gretech Corp."]
    HKLM\SOFTWARE\Classes\GomPlayer.MediaFile\shell\open\DropTarget\CLSID = "{D0F0AD6B-ECCC-401E-8E71-C4363D41399C}"
    -> {HKLM...CLSID} = (no title provided)
    \LocalServer32\(Default) = "C:\PROGRA~1\GRETECH\GOMPLA~1\GOM.exe" ["Gretech Corp."]

    MSWPDShellNamespaceHandler\
    "Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
    "CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
    "InitCmdLine" = " "
    -> {HKLM...CLSID} = "WPDShextAutoplay"
    \LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]

    RPCDBurningOnArrival\
    "Provider" = "RealPlayer"
    "InvokeProgID" = "RealPlayer.CDBurn.6"
    "InvokeVerb" = "open"
    HKCU\Software\Classes\RealPlayer.CDBurn.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burn "%1"" ["RealNetworks, Inc."]

    RPDeviceOnArrival\
    "Provider" = "RealPlayer"
    "ProgID" = "RealPlayer.HWEventHandler"
    HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CLSID\(Default) = "{67E76F1D-BDE2-4052-913C-2752366192D2}"
    -> {HKLM...CLSID} = "RealNetworks Scheduler"
    \LocalServer32\(Default) = ""C:\Program Files\Real\RealPlayer\Update\realsched.exe" -autoplay" ["RealNetworks, Inc."]

    RPDVDBurningOnArrival\
    "Provider" = "RealPlayer"
    "InvokeProgID" = "RealPlayer.DVDBurn.6"
    "InvokeVerb" = "open"
    HKCU\Software\Classes\RealPlayer.DVDBurn.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burndvd "%1"" ["RealNetworks, Inc."]

    RPPlayCDAudioOnArrival\
    "Provider" = "RealPlayer"
    "InvokeProgID" = "RealPlayer.AudioCD.6"
    "InvokeVerb" = "play"
    HKCU\Software\Classes\RealPlayer.AudioCD.6\shell\play\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /play %1 " ["RealNetworks, Inc."]

    RPPlayDVDMovieOnArrival\
    "Provider" = "RealPlayer"
    "InvokeProgID" = "RealPlayer.DVD.6"
    "InvokeVerb" = "play"
    HKCU\Software\Classes\RealPlayer.DVD.6\shell\play\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /dvd %1 " ["RealNetworks, Inc."]

    RPPlayMediaOnArrival\
    "Provider" = "RealPlayer"
    "InvokeProgID" = "RealPlayer.AutoPlay.6"
    "InvokeVerb" = "open"
    HKCU\Software\Classes\RealPlayer.AutoPlay.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /autoplay "%1"" ["RealNetworks, Inc."]


    DESKTOP.INI DLL launch in local fixed drive directories:
    --------------------------------------------------------

    C:\WINDOWS\Offline Web Pages\DESKTOP.INI
    [.ShellClassInfo]
    CLSID={F5175861-2688-11d0-9C5E-00AA00A45957}
    -> {HKLM...CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\webcheck.dll" [MS]


    Enabled Scheduled Tasks:
    ------------------------

    "RealUpgradeLogonTaskS-1-5-21-1801674531-606747145-1644491937-1001" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck" ["RealNetworks, Inc."]
    "RealUpgradeScheduledTaskS-1-5-21-1801674531-606747145-1644491937-1001" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck" ["RealNetworks, Inc."]


    Winsock2 Service Provider DLLs:
    -------------------------------

    Namespace Service Providers

    HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
    000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
    000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
    000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

    Transport Service Providers

    HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
    0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
    %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13
    %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


    Toolbars, Explorer Bars, Extensions:
    ------------------------------------

    Extensions (Tools menu items, main toolbar menu buttons)

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
    {E2E2DD38-D088-4134-82B7-F2BA38496583}\
    "MenuText" = "@xpsp3res.dll,-20001"
    "Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]


    HOSTS file
    ----------

    C:\WINDOWS\System32\drivers\etc\HOSTS

    maps: 3 domain names to IP addresses,
    2 of the IP addresses are *not* localhost!


    Running Services (Display Name, Service Name, Path {Service DLL}):
    ------------------------------------------------------------------

    Arp Intelligent Protection Service, AIPS, "C:\Program Files\netcut\services\AIPS.exe" ["Arcai.com"]
    Avira Realtime Protection, AntiVirService, ""C:\Program Files\Avira\AntiVir Desktop\avguard.exe"" ["Avira Operations GmbH & Co. KG"]
    Avira Scheduler, AntiVirSchedulerService, ""C:\Program Files\Avira\AntiVir Desktop\sched.exe"" ["Avira Operations GmbH & Co. KG"]
    Hotspot Shield Monitoring Service, HssWd, "C:\Program Files\Hotspot Shield\bin\hsswd.exe -product HSS" [null data]
    Hotspot Shield Routing Service, HssSrv, "C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe" ["AnchorFree Inc."]
    Hotspot Shield Service, hshld, "C:\Program Files\Hotspot Shield\bin\openvpnas.exe" [null data]
    Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"" ["Sun Microsystems, Inc."]


    ---------- (launch time: 2011-11-21 21:17:30)
    <<!>>: Suspicious data at a malware launch point.

    + This report excludes default entries except where indicated.
    + To see *everywhere* the script checks and *everything* it finds,
    launch it from a command prompt or a shortcut with the -all parameter.
    + The search for DESKTOP.INI DLL launch points on all local fixed drives
    took 34 seconds.
    ---------- (total run time: 71 seconds)


    *********** جميع عمليات الذاكرة ***********

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\netcut\services\AIPS.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    C:\Program Files\Hotspot Shield\bin\hsswd.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\netcut\netcut.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\Hotspot Shield\bin\openvpntray.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\No-IP\DUC20.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    D:\مجلدغريب\Apocalypse143\Apocalypse143\Client.exe
    C:\WINDOWS\System32\NOTEPAD.EXE
    C:\Documents and Settings\عمر\My Documents\Downloads\Compressed\مجلد جديد (4)\Zyzoom_Report_Tool.exe


    *********** عمليات الذاكره الغير موقعه رقميا _ بدون عمليات النظام _ ***********

    C:\Program Files\netcut\services\AIPS.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\netcut\netcut.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\No-IP\DUC20.exe
    D:\مجلدغريب\Apocalypse143\Apocalypse143\Client.exe
    C:\WINDOWS\System32\NOTEPAD.EXE
    C:\Documents and Settings\عمر\My Documents\Downloads\Compressed\مجلد جديد (4)\Zyzoom_Report_Tool.exe


    *********** المجلدات والملفات التي تم انشاؤها في آخر شهر ***********

    2011-11-19 00:17:17 ----D---- C:\Program Files\Java
    2011-11-19 00:16:32 ----D---- C:\Documents and Settings\عمر\Application Data\Sun
    2011-11-19 00:15:17 ----D---- C:\Program Files\Microsoft
    2011-11-19 00:15:02 ----D---- C:\Program Files\Windows Live SkyDrive
    2011-11-19 00:14:52 ----D---- C:\Program Files\Windows Live
    2011-11-19 00:12:58 ----D---- C:\Program Files\Common Files\Windows Live
    2011-11-19 00:12:45 ----D---- C:\Documents and Settings\عمر\Application Data\Macromedia
    2011-11-19 00:12:13 ----D---- C:\Program Files\Common Files\xing shared
    2011-11-19 00:12:09 ----A---- C:\WINDOWS\system32\rmoc3260.dll
    2011-11-19 00:12:07 ----A---- C:\WINDOWS\system32\pndx5032.dll
    2011-11-19 00:12:07 ----A---- C:\WINDOWS\system32\pndx5016.dll
    2011-11-19 00:12:06 ----A---- C:\WINDOWS\system32\msvcp71.dll
    2011-11-19 00:12:04 ----D---- C:\Program Files\Real
    2011-11-19 00:12:04 ----D---- C:\Documents and Settings\All Users\Application Data\Real
    2011-11-19 00:12:03 ----D---- C:\Documents and Settings\عمر\Application Data\Real
    2011-11-19 00:07:52 ----D---- C:\Documents and Settings\عمر\Application Data\GRETECH
    2011-11-19 00:07:50 ----D---- C:\Documents and Settings\عمر\Application Data\Adobe
    2011-11-19 00:07:44 ----D---- C:\Program Files\GRETECH
    2011-11-19 00:07:15 ----D---- C:\Program Files\XP Codec Pack
    2011-11-19 00:06:10 ----D---- C:\Program Files\Internet Download Manager
    2011-11-19 00:05:41 ----D---- C:\Documents and Settings\عمر\Application Data\IDM
    2011-11-19 00:05:41 ----D---- C:\Documents and Settings\عمر\Application Data\DMCache
    2011-11-19 00:01:45 ----A---- C:\WINDOWS\system32\igfxres.dll
    2011-11-19 00:01:29 ----D---- C:\Documents and Settings\عمر\Application Data\Identities
    2011-11-19 00:01:26 ----HD---- C:\Program Files\Uninstall Information
    2011-11-19 00:00:35 ----SD---- C:\Documents and Settings\عمر\Application Data\Microsoft
    2011-11-19 00:00:35 ----ASH---- C:\Documents and Settings\عمر\قائمة ابدأ\البرامج\بدء التشغيل\desktop.ini
    2011-11-19 00:00:35 ----ASH---- C:\Documents and Settings\عمر\Application Data\desktop.ini
    2011-10-30 21:37:50 ----A---- C:\Program Files\WNetWatcher.exe





    ---------------------------------------------------------------------

    This Report Created By Zyzoom.org Tools & Silent Runners & HijackThis
     
  5. mody2000

    God bless you.
     
  6. mostafa3114

    God bless you for the clarification.
     
  7. ll-security-ll

    God bless you and reward you well.

    With your permission, I would like to add a small piece of information

    regarding this file, SYSTEM.INI

    It was tested on:
    Windows XP <------- result: CGA40WOA.FON= CGA40850.FON

    Windows 7 <------- result: CGA40WOA.FON= CGA40WOA.FON

    Note that the machine was scanned with all the anti-spyware and protection programs and no infection was found.
    Outbound connections and processes on the machine were also monitored and reports were taken, and they were clean.

    As for checking whether a connected spy file is present, the solution is simple,
    for those who are afraid of installing programs:

    Close all programs / browser - messenger.
    The reason: to identify more precisely.

    Most importantly, there must be an Internet connection.

    (( Start )) then (( Run )), then type the word (( CMD )), then (( NETSTAT -ANO )), then press (( Enter ))


    (( START )) (( RUN )) ((CMD)) (( NETSTAT -ANO ))

    The picture in detail
    [IMG]

    Number 1 / the command entered
    Number 2 / the connected external IP + port
    Number 3 / the ID of the connected process

    What matters:

    The connected external IP + port
    The ID of the connected process
    Recognizing the dangerous ports, to identify faster

    (( For example )) a spy file for the Bifrost program is present on the machine and connected on port 81

    It will appear for us in this list. To uncover the connected source file, we note the process ID
    and then look for it in
    Task Manager - Processes - from the top bar choose View - Select Columns - tick the PID option

    and search for the ID we found.

    Note: some patches are hidden in the list, but there are many programs for such tasks.

    Security warning: do not download such programs at random; look for a trusted source.
    The forum has many threads dedicated to such programs.

    Clarification: if you want the command to refresh continuously, just type

    NETSTAT -ANO 5
    You can change the number 5 to any number that suits you; it refreshes the list every five seconds.

    There is also the command

    NETSTAT -B
    It shows you the connections of the connected processes, if you want to identify more precisely.

    Good luck
     
  8. الشاهيني

    The method is certainly not correct. Simply, to verify: right after the first format of the computer and before installing any programs, go in as explained earlier and you will see that the same information that indicates the presence of viruses is there.
     
  9. أبو عبد الرحمن.

    :no::no: Sorry, folks.
    Honestly, I got lost and could not do any of them. :b::b:
    Thanks to the dear brother.
     
  10. ارغب في زمن اخر

    May God reward you with all good ~
     
  11. أسيرالريم

    May God reward you for this valuable information.
     
  12. هات من الاخر

    May God give you good health.
     
  13. fadi-sheikh

    Could you tell me in which section I should put my post with the required reports? I mean, do I have to put it in a new thread?
     
  16. محمد555

    Very nice information. May God grant you success in all that is good.
     
  17. احساس شايب

    Sound words, brother Fahd.

    May God reward you.
     
  19. سافر حبيب الروح

    May God give you good health, Fahd. God bless your efforts and raise your standing.
     
  20. وهج

    May God give you good health.
     