تمت الافاده ✔ طلب فحص من خبراء زيزوم لباتش idm

[Dz_zYz0]

السلام عليكم و رحمة الله وبركاته

اخوانى تحية طيبة لكم جميعا

و جدت ملف تقوم باعادة فترة تجريبية لبرنامج idm

و قمت بوضعه على موقع الفايرس توتال

و كانت نتيجة الفحص دي :

[hide]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/hide]

فقلت ربما يكون false positives

لذلك اردت من خبرائنا تحليلها و ابداء ارائهم حولها

الرابط

[hide]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/hide]
​

 

[أبو رمش]

البتد فيندر عند التحميل قام بحجب الصفحة ..
[hide]

[/hide]

 

[imadeddine wissamimadeddine wissam is verified member.]

الملف سليم في نظر Eset
بدون تشغيل

 

[imadeddine wissamimadeddine wissam is verified member.]

الملف مكتشف بمحرك البيتديفندر

 

[awake]

 

[awake]

طبعا ياخواني البت ديفندر ليس عدو للباتشات والكراكات فان كانت سليمه لا يحذفها وان كان مصابه يقوم بحذفها
واكبر دليل ان معظم البرامج الموجوده على جهازي مفعله بكراكات وباتشات

 

[أبو عائشهأبو عائشه is verified member.]

إن كان همك هو تسجيل برنامج الداونلود مانجر فتفضل هذا أستخدمه بعد التحديث ليصبح البرنامج كامل بدون استخدام كراك إعادة الفترة التجريبية كل مرة وهذا عن تجربة شخصية

فقط كل ما عليك فعله هو أن تضع الملف في مجلد البرنامج وتضغط عليه وتوافق على الرسالة التي تظهر لك ويصبح البرنامج كامل وعند التحديث استخدمه مرة أخرى وهكذا

[hide]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/hide]
وهذا فحص الفايروس توتال للملف
[hide]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/hide]

 

[VVIP]

# الملف سليم يستخدم من أكثر من 1000 شخص والملف معروف منذ ثلاثه أشهر مضت

فحص الـ KSN

البرامج الأخرى معروف أكتشافها للكراكات وحتى وأن كانت سليمه بحجه أنتهاك الحقوق !!

​

 

[Dz_zYz0]

الله يبارك فيكم و يعطيكم العافية يا افاضل
بس كنت عاوز تحليل العينة لمعرفة مثلا هل ينشئ ملفات خبيثة في النظام
هل يحقن نفسه او نسخ نفسه في مجلدات النظام . شئ من هذا القبيل

البتد فيندر عند التحميل قام بحجب الصفحة ..
[hide]

[/hide]

الملف سليم في نظر Eset
بدون تشغيل

مشاهدة المرفق 70155

إن كان همك هو تسجيل برنامج الداونلود مانجر فتفضل هذا أستخدمه بعد التحديث ليصبح البرنامج كامل بدون استخدام كراك إعادة الفترة التجريبية كل مرة وهذا عن تجربة شخصية

فقط كل ما عليك فعله هو أن تضع الملف في مجلد البرنامج وتضغط عليه وتوافق على الرسالة التي تظهر لك ويصبح البرنامج كامل وعند التحديث استخدمه مرة أخرى وهكذا

[hide]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/hide]
وهذا فحص الفايروس توتال للملف
[hide]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/hide]

# الملف سليم يستخدم من أكثر من 1000 شخص والملف معروف منذ ثلاثه أشهر مضت

فحص الـ KSN

البرامج الأخرى معروف أكتشافها للكراكات وحتى وأن كانت سليمه بحجه أنتهاك الحقوق !!

​

 

[elmasry2006elmasry2006 is verified member.]

Analysis Report for Trial+Reset+IDM+Auto.exe
MD5: 9befd618d619fbd9fb1f8d8851ef09dc
[#############################################################################]


[=============================================================================]
Table of Contents
[=============================================================================]

- General information
- Trial+Rese.exe
a) Registry Activities
b) File Activities
c) Other Activities


[#############################################################################]
1. General Information
[#############################################################################]
[=============================================================================]
[=============================================================================]
Time needed: 63 s
Report created: 08/31/14, 22:32:54 UTC
Termination reason: All tracked processes have exited
Program version: 1.76.3886


[#############################################################################]
2. Trial+Rese.exe
[#############################################################################]
[=============================================================================]
General information about this executable
[=============================================================================]
Analysis Reason: Primary Analysis Subject
Filename: Trial+Rese.exe
MD5: 9befd618d619fbd9fb1f8d8851ef09dc
SHA-1: f19ae0254589c55e3659b763fa365f8bab41a8b0
File Size: 1191936 Bytes
Command Line: "C:\Trial+Rese.exe"
Process-status
at analysis end: dead
Exit Code: 0

[=============================================================================]
Load-time Dlls
[=============================================================================]
Module Name: [ C:\WINDOWS\system32\ntdll.dll ],
Base Address: [0x7C900000 ], Size: [0x000AF000 ]
Module Name: [ C:\WINDOWS\system32\kernel32.dll ],
Base Address: [0x7C800000 ], Size: [0x000F6000 ]
Module Name: [ C:\WINDOWS\system32\WSOCK32.dll ],
Base Address: [0x71AD0000 ], Size: [0x00009000 ]
Module Name: [ C:\WINDOWS\system32\WS2_32.dll ],
Base Address: [0x71AB0000 ], Size: [0x00017000 ]
Module Name: [ C:\WINDOWS\system32\ADVAPI32.dll ],
Base Address: [0x77DD0000 ], Size: [0x0009B000 ]
Module Name: [ C:\WINDOWS\system32\RPCRT4.dll ],
Base Address: [0x77E70000 ], Size: [0x00092000 ]
Module Name: [ C:\WINDOWS\system32\Secur32.dll ],
Base Address: [0x77FE0000 ], Size: [0x00011000 ]
Module Name: [ C:\WINDOWS\system32\msvcrt.dll ],
Base Address: [0x77C10000 ], Size: [0x00058000 ]
Module Name: [ C:\WINDOWS\system32\WS2HELP.dll ],
Base Address: [0x71AA0000 ], Size: [0x00008000 ]
Module Name: [ C:\WINDOWS\system32\VERSION.dll ],
Base Address: [0x77C00000 ], Size: [0x00008000 ]
Module Name: [ C:\WINDOWS\system32\WINMM.dll ],
Base Address: [0x76B40000 ], Size: [0x0002D000 ]
Module Name: [ C:\WINDOWS\system32\GDI32.dll ],
Base Address: [0x77F10000 ], Size: [0x00049000 ]
Module Name: [ C:\WINDOWS\system32\USER32.dll ],
Base Address: [0x7E410000 ], Size: [0x00091000 ]
Module Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll ],
Base Address: [0x773D0000 ], Size: [0x00103000 ]
Module Name: [ C:\WINDOWS\system32\SHLWAPI.dll ],
Base Address: [0x77F60000 ], Size: [0x00076000 ]
Module Name: [ C:\WINDOWS\system32\MPR.dll ],
Base Address: [0x71B20000 ], Size: [0x00012000 ]
Module Name: [ C:\WINDOWS\system32\WININET.dll ],
Base Address: [0x771B0000 ], Size: [0x000AA000 ]
Module Name: [ C:\WINDOWS\system32\CRYPT32.dll ],
Base Address: [0x77A80000 ], Size: [0x00095000 ]
Module Name: [ C:\WINDOWS\system32\MSASN1.dll ],
Base Address: [0x77B20000 ], Size: [0x00012000 ]
Module Name: [ C:\WINDOWS\system32\OLEAUT32.dll ],
Base Address: [0x77120000 ], Size: [0x0008B000 ]
Module Name: [ C:\WINDOWS\system32\ole32.dll ],
Base Address: [0x774E0000 ], Size: [0x0013D000 ]
Module Name: [ C:\WINDOWS\system32\PSAPI.DLL ],
Base Address: [0x76BF0000 ], Size: [0x0000B000 ]
Module Name: [ C:\WINDOWS\system32\IPHLPAPI.DLL ],
Base Address: [0x76D60000 ], Size: [0x00019000 ]
Module Name: [ C:\WINDOWS\system32\USERENV.dll ],
Base Address: [0x769C0000 ], Size: [0x000B4000 ]
Module Name: [ C:\WINDOWS\system32\UxTheme.dll ],
Base Address: [0x5AD70000 ], Size: [0x00038000 ]
Module Name: [ C:\WINDOWS\system32\COMDLG32.dll ],
Base Address: [0x763B0000 ], Size: [0x00049000 ]
Module Name: [ C:\WINDOWS\system32\SHELL32.dll ],
Base Address: [0x7C9C0000 ], Size: [0x00817000 ]

[=============================================================================]
Run-time Dlls
[=============================================================================]
Module Name: [ C:\WINDOWS\system32\MSCTF.dll ],
Base Address: [0x74720000 ], Size: [0x0004C000 ]

[=============================================================================]
Popups
[=============================================================================]
Window Name: IDM trial reset
Displayed Times: 1
Window Text:
Automatically
Reset the IDM trial now



[=============================================================================]
2.a) Trial+Rese.exe - Registry Activities
[=============================================================================]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Registry Values Read:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Key: [ HKLM\SOFTWARE\Microsoft\CTF\SystemShared\ ],
Value Name: [ CUAS ], Value: [ 0 ], 1 time
Key: [ HKLM\SYSTEM\CurrentControlSet\Control\Session Manager ],
Value Name: [ CriticalSectionTimeout ], Value: [ 2592000 ], 1 time
Key: [ HKLM\SYSTEM\Setup ],
Value Name: [ SystemSetupInProgress ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows ],
Value Name: [ AppInit_DLLs ], Value: [ ], 1 time
Key: [ HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers ],
Value Name: [ TransparentEnabled ], Value: [ 1 ], 1 time
Key: [ HKLM\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\Joystick\Winmm ],
Value Name: [ wheel ], Value: [ 1 ], 1 time
Key: [ HKLM\System\CurrentControlSet\Control\ProductOptions ],
Value Name: [ ProductType ], Value: [ WinNT ], 1 time
Key: [ HKLM\System\CurrentControlSet\Control\Terminal Server ],
Value Name: [ TSAppCompat ], Value: [ 0 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Control Panel\Mouse ],
Value Name: [ SwapMouseButtons ], Value: [ 0 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ],
Value Name: [ Language Hotkey ], Value: [ 1 ], 4 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ],
Value Name: [ Layout Hotkey ], Value: [ 2 ], 4 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ Local Settings ], Value: [ %USERPROFILE%\Local Settings ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ Personal ], Value: [ %USERPROFILE%\My Documents ], 1 time

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Monitored Registry Keys:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Key: [ HKLM\system\CurrentControlSet\control\NetworkProvider\HwOrder ],
Watch subtree: [ 0 ], Notify Filter: [ Value Change ], 1 time


[=============================================================================]
2.b) Trial+Rese.exe - File Activities
[=============================================================================]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Files Modified:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File Name: [ Ip ]
File Name: [ \Device\Ip ]
File Name: [ \Device\Tcp ]

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File System Control Communication:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File: [ C:\Program Files\Common Files\ ], Control Code: [ 0x00090028 ], 1 time

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Device Control Communication:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File: [ \Device\KsecDD ], Control Code: [ 0x00390008 ], 8 times
File: [ \Device\Tcp ], Control Code: [ 0x00120003 ], 6 times

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Memory Mapped Files:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll ]
File Name: [ C:\WINDOWS\WindowsShell.Manifest ]
File Name: [ C:\WINDOWS\system32\IPHLPAPI.DLL ]
File Name: [ C:\WINDOWS\system32\MSCTF.dll ]
File Name: [ C:\WINDOWS\system32\PSAPI.DLL ]
File Name: [ C:\WINDOWS\system32\SHELL32.dll ]
File Name: [ C:\WINDOWS\system32\UxTheme.dll ]
File Name: [ C:\WINDOWS\system32\WININET.dll ]
File Name: [ C:\WINDOWS\system32\WINMM.dll ]
File Name: [ C:\WINDOWS\system32\WS2HELP.dll ]
File Name: [ C:\WINDOWS\system32\WS2_32.dll ]
File Name: [ C:\WINDOWS\system32\WSOCK32.dll ]
File Name: [ C:\WINDOWS\system32\imm32.dll ]
File Name: [ C:\WINDOWS\system32\rpcss.dll ]

[=============================================================================]
2.c) Trial+Rese.exe - Other Activities
[=============================================================================]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Mutexes Created:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Mutex: [ CTF.Asm.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.Compart.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.LBES.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.Layouts.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.TMD.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.TimListCache.FMPDefaultS-1-5-21-842925246-1425521274-308236825-500MUTEX.DefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ MSCTF.Shared.MUTEX.IFG ]

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Keyboard Keys Monitored:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Virtual Key Code: [ VK_LBUTTON (1) ], 86 times
Virtual Key Code: [ VK_RBUTTON (2) ], 86 times

 

[أبو رمش]

يا ساتر كل هذا !

 

[Dz_zYz0]

Analysis Report for Trial+Reset+IDM+Auto.exe
MD5: 9befd618d619fbd9fb1f8d8851ef09dc
[#############################################################################]


[=============================================================================]
Table of Contents
[=============================================================================]

- General information
- Trial+Rese.exe
a) Registry Activities
b) File Activities
c) Other Activities


[#############################################################################]
1. General Information
[#############################################################################]
[=============================================================================]
[=============================================================================]
Time needed: 63 s
Report created: 08/31/14, 22:32:54 UTC
Termination reason: All tracked processes have exited
Program version: 1.76.3886


[#############################################################################]
2. Trial+Rese.exe
[#############################################################################]
[=============================================================================]
General information about this executable
[=============================================================================]
Analysis Reason: Primary Analysis Subject
Filename: Trial+Rese.exe
MD5: 9befd618d619fbd9fb1f8d8851ef09dc
SHA-1: f19ae0254589c55e3659b763fa365f8bab41a8b0
File Size: 1191936 Bytes
Command Line: "C:\Trial+Rese.exe"
Process-status
at analysis end: dead
Exit Code: 0

[=============================================================================]
Load-time Dlls
[=============================================================================]
Module Name: [ C:\WINDOWS\system32\ntdll.dll ],
Base Address: [0x7C900000 ], Size: [0x000AF000 ]
Module Name: [ C:\WINDOWS\system32\kernel32.dll ],
Base Address: [0x7C800000 ], Size: [0x000F6000 ]
Module Name: [ C:\WINDOWS\system32\WSOCK32.dll ],
Base Address: [0x71AD0000 ], Size: [0x00009000 ]
Module Name: [ C:\WINDOWS\system32\WS2_32.dll ],
Base Address: [0x71AB0000 ], Size: [0x00017000 ]
Module Name: [ C:\WINDOWS\system32\ADVAPI32.dll ],
Base Address: [0x77DD0000 ], Size: [0x0009B000 ]
Module Name: [ C:\WINDOWS\system32\RPCRT4.dll ],
Base Address: [0x77E70000 ], Size: [0x00092000 ]
Module Name: [ C:\WINDOWS\system32\Secur32.dll ],
Base Address: [0x77FE0000 ], Size: [0x00011000 ]
Module Name: [ C:\WINDOWS\system32\msvcrt.dll ],
Base Address: [0x77C10000 ], Size: [0x00058000 ]
Module Name: [ C:\WINDOWS\system32\WS2HELP.dll ],
Base Address: [0x71AA0000 ], Size: [0x00008000 ]
Module Name: [ C:\WINDOWS\system32\VERSION.dll ],
Base Address: [0x77C00000 ], Size: [0x00008000 ]
Module Name: [ C:\WINDOWS\system32\WINMM.dll ],
Base Address: [0x76B40000 ], Size: [0x0002D000 ]
Module Name: [ C:\WINDOWS\system32\GDI32.dll ],
Base Address: [0x77F10000 ], Size: [0x00049000 ]
Module Name: [ C:\WINDOWS\system32\USER32.dll ],
Base Address: [0x7E410000 ], Size: [0x00091000 ]
Module Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll ],
Base Address: [0x773D0000 ], Size: [0x00103000 ]
Module Name: [ C:\WINDOWS\system32\SHLWAPI.dll ],
Base Address: [0x77F60000 ], Size: [0x00076000 ]
Module Name: [ C:\WINDOWS\system32\MPR.dll ],
Base Address: [0x71B20000 ], Size: [0x00012000 ]
Module Name: [ C:\WINDOWS\system32\WININET.dll ],
Base Address: [0x771B0000 ], Size: [0x000AA000 ]
Module Name: [ C:\WINDOWS\system32\CRYPT32.dll ],
Base Address: [0x77A80000 ], Size: [0x00095000 ]
Module Name: [ C:\WINDOWS\system32\MSASN1.dll ],
Base Address: [0x77B20000 ], Size: [0x00012000 ]
Module Name: [ C:\WINDOWS\system32\OLEAUT32.dll ],
Base Address: [0x77120000 ], Size: [0x0008B000 ]
Module Name: [ C:\WINDOWS\system32\ole32.dll ],
Base Address: [0x774E0000 ], Size: [0x0013D000 ]
Module Name: [ C:\WINDOWS\system32\PSAPI.DLL ],
Base Address: [0x76BF0000 ], Size: [0x0000B000 ]
Module Name: [ C:\WINDOWS\system32\IPHLPAPI.DLL ],
Base Address: [0x76D60000 ], Size: [0x00019000 ]
Module Name: [ C:\WINDOWS\system32\USERENV.dll ],
Base Address: [0x769C0000 ], Size: [0x000B4000 ]
Module Name: [ C:\WINDOWS\system32\UxTheme.dll ],
Base Address: [0x5AD70000 ], Size: [0x00038000 ]
Module Name: [ C:\WINDOWS\system32\COMDLG32.dll ],
Base Address: [0x763B0000 ], Size: [0x00049000 ]
Module Name: [ C:\WINDOWS\system32\SHELL32.dll ],
Base Address: [0x7C9C0000 ], Size: [0x00817000 ]

[=============================================================================]
Run-time Dlls
[=============================================================================]
Module Name: [ C:\WINDOWS\system32\MSCTF.dll ],
Base Address: [0x74720000 ], Size: [0x0004C000 ]

[=============================================================================]
Popups
[=============================================================================]
Window Name: IDM trial reset
Displayed Times: 1
Window Text:
Automatically
Reset the IDM trial now



[=============================================================================]
2.a) Trial+Rese.exe - Registry Activities
[=============================================================================]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Registry Values Read:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Key: [ HKLM\SOFTWARE\Microsoft\CTF\SystemShared\ ],
Value Name: [ CUAS ], Value: [ 0 ], 1 time
Key: [ HKLM\SYSTEM\CurrentControlSet\Control\Session Manager ],
Value Name: [ CriticalSectionTimeout ], Value: [ 2592000 ], 1 time
Key: [ HKLM\SYSTEM\Setup ],
Value Name: [ SystemSetupInProgress ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows ],
Value Name: [ AppInit_DLLs ], Value: [ ], 1 time
Key: [ HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers ],
Value Name: [ TransparentEnabled ], Value: [ 1 ], 1 time
Key: [ HKLM\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\Joystick\Winmm ],
Value Name: [ wheel ], Value: [ 1 ], 1 time
Key: [ HKLM\System\CurrentControlSet\Control\ProductOptions ],
Value Name: [ ProductType ], Value: [ WinNT ], 1 time
Key: [ HKLM\System\CurrentControlSet\Control\Terminal Server ],
Value Name: [ TSAppCompat ], Value: [ 0 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Control Panel\Mouse ],
Value Name: [ SwapMouseButtons ], Value: [ 0 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ],
Value Name: [ Language Hotkey ], Value: [ 1 ], 4 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ],
Value Name: [ Layout Hotkey ], Value: [ 2 ], 4 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ Local Settings ], Value: [ %USERPROFILE%\Local Settings ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ Personal ], Value: [ %USERPROFILE%\My Documents ], 1 time

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Monitored Registry Keys:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Key: [ HKLM\system\CurrentControlSet\control\NetworkProvider\HwOrder ],
Watch subtree: [ 0 ], Notify Filter: [ Value Change ], 1 time


[=============================================================================]
2.b) Trial+Rese.exe - File Activities
[=============================================================================]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Files Modified:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File Name: [ Ip ]
File Name: [ \Device\Ip ]
File Name: [ \Device\Tcp ]

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File System Control Communication:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File: [ C:\Program Files\Common Files\ ], Control Code: [ 0x00090028 ], 1 time

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Device Control Communication:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File: [ \Device\KsecDD ], Control Code: [ 0x00390008 ], 8 times
File: [ \Device\Tcp ], Control Code: [ 0x00120003 ], 6 times

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Memory Mapped Files:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll ]
File Name: [ C:\WINDOWS\WindowsShell.Manifest ]
File Name: [ C:\WINDOWS\system32\IPHLPAPI.DLL ]
File Name: [ C:\WINDOWS\system32\MSCTF.dll ]
File Name: [ C:\WINDOWS\system32\PSAPI.DLL ]
File Name: [ C:\WINDOWS\system32\SHELL32.dll ]
File Name: [ C:\WINDOWS\system32\UxTheme.dll ]
File Name: [ C:\WINDOWS\system32\WININET.dll ]
File Name: [ C:\WINDOWS\system32\WINMM.dll ]
File Name: [ C:\WINDOWS\system32\WS2HELP.dll ]
File Name: [ C:\WINDOWS\system32\WS2_32.dll ]
File Name: [ C:\WINDOWS\system32\WSOCK32.dll ]
File Name: [ C:\WINDOWS\system32\imm32.dll ]
File Name: [ C:\WINDOWS\system32\rpcss.dll ]

[=============================================================================]
2.c) Trial+Rese.exe - Other Activities
[=============================================================================]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Mutexes Created:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Mutex: [ CTF.Asm.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.Compart.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.LBES.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.Layouts.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.TMD.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ CTF.TimListCache.FMPDefaultS-1-5-21-842925246-1425521274-308236825-500MUTEX.DefaultS-1-5-21-842925246-1425521274-308236825-500 ]
Mutex: [ MSCTF.Shared.MUTEX.IFG ]

[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Keyboard Keys Monitored:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Virtual Key Code: [ VK_LBUTTON (1) ], 86 times
Virtual Key Code: [ VK_RBUTTON (2) ], 86 times

الله اكبر

ممكن ترجمة لو سمحتم

 

[SkY MaRvEL]

السلام عليكم اخي الرد متأخر لكن تفضل هذا فحص الافاست

 

[محسن 12]

الملف مكتشف بمحرك البيتديفندر

فعلا أخي الحصان أمسك ويبدو انه خطير لان الحصان طلب الرسترة لاول مرة :

 

[White Man]

جميع الإكتشافات والتسميات مريبة أخى
+
عند تشغيله يقوم بنسخ نفسه الى بدء التشغيل مع الويندوز !!

 

[Dz_zYz0]

السلام عليكم اخي الرد متأخر لكن تفضل هذا فحص الافاست

مشاهدة المرفق 70327

فعلا أخي الحصان أمسك ويبدو انه خطير لان الحصان طلب الرسترة لاول مرة :

جميع الإكتشافات والتسميات مريبة أخى
+
عند تشغيله يقوم بنسخ نفسه الى بدء التشغيل مع الويندوز !!

هههه . كنت اتمنى انو يكون مجرد اكتشاف خاطئ . حتى ننتهي من امر البحث عن كراكاته
لكن ههه لا يوجد كراك مجاني . لا بد من دفع الثمن حتى و لو كان الثمن ليس مالا

=============================

اشكر الجميع على مشاركاته جزاهم الله كل خير
يغلق لانتهاء الغرض منه