تم حل المشكلة مشكلتي مع موقع

المصدر: مشكلتي مع موقع
في منتدى : مشاكل الأعضاء التي تم الانتهاء منها

بسم الله الرحمن الرحيم

حدثت لي مشكله بعد تنصيب برنامج وبالتحديد تنصيب كراك للبرنامج وبعدها مباشرة كل ما ادخل متصفح يدخلي ع طول علو موقع http://www.alarabeyes.com/ مما يسبب لي كثره الاعلانات وبطء بالتصفح وللعلم تم ازالة الكراك مع البرنامج فورا ..


​

 

وعليكم السلام ورحمة الله

اخى اعمل فحص بـ ● أداة Zoek ●

 

تفضل اخوي






Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by Liverpool on Tue 04/14/2015 at 18:32:05.85.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Liverpool\Desktop\zoek\zoek.scr [Scan all users] [Checkboxes used]

==== System Restore Info ======================

14/04/2015 06:33:40 م Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\Preload deleted successfully
C:\PROGRA~3\44fa52db-e405-4860-9675-591a035762d0 deleted successfully
C:\PROGRA~3\IDM deleted successfully
C:\Users\Liverpool\AppData\Roaming\EncryptStick deleted successfully
C:\Users\Liverpool\AppData\Roaming\New Version Available deleted successfully
C:\Users\Liverpool\AppData\Roaming\Opera Software deleted successfully
C:\Users\Liverpool\AppData\Roaming\TaiG deleted successfully
C:\Users\Liverpool\AppData\Local\CrashDumps deleted successfully
C:\Users\Liverpool\AppData\Local\Opera Software deleted successfully
C:\Users\Liverpool\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1499A23-1FEB-4A97-94F7-737C8FF9E62} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1642A155-8797-4515-B881-D6CB6A61CB1} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1906A62B-4FD5-4413-BDC2-F41390903642} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{233A743D-1816-4119-99DD-74E1DEC4832} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{244C0B35-1F02-4519-AE14-157742BA76} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26eaff8b-3cd5-42c3-8d9c-be5fff9f32df} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39BED449-8483-4E94-9BF3-28538284F46D} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F093C5B-B3A9-4FEB-936A-9EE6455F4166} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{570BB0A5-86DE-4659-B364-FD50CFC224C8} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5ACE2783-5CA9-4E55-AD66-1A25979A577F} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7054B231-7887-44BD-AE86-ED4BB2DDECA} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7194BEFC-10D0-41B7-9A50-AFE9FBC8FBB5} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79BB6A2E-9529-451D-A6AD-7057D46B5AD0} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C60B900-6E50-40EF-B19D-878940EB7DA} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C6E5174-55E3-46D7-80F5-3B63E9AC4C7} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89D251E5-9300-4674-B56B-737D32A87612} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B74919A-FA86-4E68-926F-7B3342ACF3A9} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FCF6B36-5C4D-4148-AC8D-7847CC2B9479} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90FA2583-8481-4437-B4F3-C1C6E0381769} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91F970DD-4E50-41A0-A64F-931C473219} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99A9D466-856-40E5-8C5D-5EF87E36D258} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ABA48B7-24F1-4550-A45E-84B16EF88CE2} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B65042A-8E46-4451-972F-8AFDDC937EB} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6C86AE4-9DF3-49B7-B17F-1C7CA857CFEA} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8EE3359-EAFC-4F71-A315-117FF3C8C5} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADBB3777-2306-4FFE-BF71-316CECC5713} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE533267-5F22-446D-9D67-D2D4AC3ACF2} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B112B6B5-DD60-4BC9-B126-6E746426912} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B46A91B9-C90C-4A4E-94A1-98844A1A2FAE} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7FF9BA3-3516-45B8-9D7A-C3B1DEDDE548} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c83ddcbf-aec5-45e2-8b74-9cb877607be6} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE881A6E-4050-4345-9A5F-5E9CB289B46} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0E0B62E-380C-45F4-BFC-FAE5DB3B6926} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D30C9ED6-874-490D-B392-1D4943E0F663} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E117F68E-5372-4092-BDD5-389ACCD5B01B} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E31CF303-320B-46E1-834D-537FFB9017EE} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8F1CDF9-F5CB-486B-A6A5-7BDC3BE5DBA9} deleted successfully
HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC27C0B3-DB06-41A5-BCF2-569323E52057} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26eaff8b-3cd5-42c3-8d9c-be5fff9f32df} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c83ddcbf-aec5-45e2-8b74-9cb877607be6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Liverpool\Desktop\DontSleep.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\0c632643 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\0c632643 deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\LIVERP~1\AppData\Roaming\Mozilla\Firefox\Profiles\7lnn0bvb.default-1416991708277

---- Lines extensions.wT10Uh53Lg0diE0O removed from prefs.js ----
user_pref("extensions.wT10Uh53Lg0diE0O.epoch", "1418024357");
user_pref("extensions.wT10Uh53Lg0diE0O.url", "http://syncerjpi.info/sync2/?q=hfZ9...Dzt4olxbtNtVh7n0rjnFrTa6rdCHqTnGtMFHhd9FqdwGr
---- FireFox user.js and prefs.js backups ----

user_20150414_0647_.backup
prefs_20150414_0647_.backup

ProfilePath: C:\Users\LIVERP~1\AppData\Roaming\Mozilla\Firefox\Profiles\vvxudivo.default

prefs.js not found
---- FireFox user.js and prefs.js backups ----

user_20150414_0647_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\44fa52db-e405-4860-9675-591a035762d0 not found
C:\Users\Liverpool\AppData\Roaming\0F1L1I1P0H1L1E1E1F deleted
C:\windows\SysNative\Tasks\Mistl deleted
C:\windows\SysNative\Tasks\Drv Update deleted
C:\PROGRA~3\89451e3e7f2270b deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\webssearches.xml deleted
C:\Users\Liverpool\AppData\Roaming\Apple Computer\Safari\Extensions\trustedshopper.safariextz deleted
C:\Users\Liverpool\AppData\Local\UpdateChecker deleted
C:\Windows\patsearch.bin deleted
C:\windows\SysNative\Tasks\GoForFiles Installer Starter deleted
C:\windows\SysNative\drivers\Msft_Kernel_webTinstMKTN_01009.Wdf deleted
C:\windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Liverpool\Documents\Add-in Express deleted
C:\Users\LIVERP~1\AppData\Roaming\Mozilla\Firefox\Profiles\vvxudivo.default\jetpack deleted
"C:\Windows\Installer\29c2f0.msi" deleted
"C:\Users\Liverpool\AppData\Roaming\FLLT" deleted
"C:\Windows\tasks\FLLT.job" deleted
"C:\Windows\SysNative\tasks\FLLT" deleted
"C:\Users\Liverpool\AppData\Roaming\YJT" deleted
"C:\Windows\tasks\YJT.job" deleted
"C:\Windows\SysNative\tasks\YJT" deleted
"C:\Users\Liverpool\AppData\Roaming\SPK\SPK.exe" deleted
"C:\Users\Liverpool\AppData\Roaming\SPK" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 5996 MB
CPU Info: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
CPU Speed: 2530.9 MHz
Sound Card: Speakers (Conexant High Definit |
SPDIF Interface (Conexant High |
Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | NVIDIA GeForce GT 540M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Broadcom 802.11n Network Adapter | Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GU40N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 488.2GB | D: 195.3GB
Hard Disks - Free: C: 317.0GB | D: 47.7GB
Manufacturer *: Acer
BIOS Info: AT/AT COMPATIBLE | 01/10/12 | ACRSYS - 1
Time Zone: Arab Standard Time
Motherboard *: Acer JM40_HR
Country: Qatar
Language: ARQ

==== System Specs (Software) ======================

Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox 37.0.1
Internet Explorer Version: 11.0.9600.17691
Mozilla Firefox version: 37.0.1 (x86 ar)
Google Chrome version: 39.0.2171.71
Adobe Reader version: 10.1.13.16
Flash Player version: 17.0.0.134

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\LIVERP~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-04-02 13:54:34 4DF233D8FAA31699BF9C28ED2DB06D8C 192984 ----a-w- C:\Windows\Sysnative\drivers\idmwfp.sys
2015-03-22 18:11:33 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-03-22 17:36:26 9C3AC71A9934B884FAC567A8807E9C4D 31800 ----a-w- C:\Windows\Sysnative\drivers\revoflt.sys
====== C:\Windows\Tasks ======
2015-04-13 07:50:02 A0D791F148444F6200B08240915FE6ED 3256 ----a-w- C:\Windows\Sysnative\Tasks\9A5A8340-6B15
2015-03-22 18:01:39 -------- d-----w- C:\Windows\Sysnative\Tasks\Apple
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-03-22 18:02:14 -------- d-----w- C:\Program Files\iPod
2015-03-22 18:02:13 -------- d-----w- C:\Program Files\iTunes
2015-03-22 18:01:30 -------- d-----w- C:\Program Files\Common Files\Apple
2015-03-22 18:01:22 -------- d-----w- C:\Program Files\Bonjour
2015-03-22 17:36:25 -------- d-----w- C:\Program Files\VS Revo Group
======= C:\PROGRA~2 =====
2015-04-13 08:35:15 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
2015-04-13 06:17:48 -------- d-----w- C:\PROGRA~2\COMMON~1\TechSmith Shared
2015-04-13 06:17:41 -------- d-----w- C:\PROGRA~2\TechSmith
2015-03-22 18:02:13 -------- d-----w- C:\PROGRA~2\iTunes
2015-03-22 18:01:37 -------- d-----w- C:\PROGRA~2\Apple Software Update
2015-03-22 18:01:22 -------- d-----w- C:\PROGRA~2\Bonjour
======= C: =====
====== C:\Users\Liverpool\AppData\Roaming ======
2015-04-13 07:50:04 -------- d-----w- C:\Users\Liverpool\AppData\Roaming\Crown
2015-04-13 07:49:59 -------- d-----w- C:\Users\Liverpool\AppData\Roaming\htcon
2015-04-12 04:52:41 -------- d-----w- C:\Users\Liverpool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-03-30 10:11:27 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft
2015-03-22 18:01:39 -------- d-----w- C:\Users\Liverpool\AppData\Local\Apple
2015-03-22 17:36:28 -------- d-----w- C:\Users\Liverpool\AppData\Local\VS Revo Group
====== C:\Users\Liverpool ======
2015-04-14 13:59:53 788FCDDD88240A85039F7F561093B118 448512 ----a-w- C:\Users\Liverpool\Desktop\TFC.exe
2015-04-13 08:33:05 2EBBFE3020E7232176F38FE5EAF0B344 243664 ----a-w- C:\Users\Liverpool\Desktop\Firefox Setup Stub 37.0.1.exe
2015-04-13 07:50:02 -------- d-----w- C:\ProgramData\Drv
2015-04-13 07:50:01 -------- d-----w- C:\ProgramData\Kirin
2015-04-13 06:17:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-04-13 06:17:54 -------- d-----w- C:\ProgramData\regid.1995-08.com.techsmith
2015-04-13 06:17:41 -------- d-----w- C:\ProgramData\TechSmith
2015-04-13 05:48:58 7EAC71CDE1F52D087648C67D574E23A2 259562296 ----a-w- C:\Users\Liverpool\Desktop\camtasia.exe
2015-04-12 04:52:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-03-22 18:02:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-22 18:02:13 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-22 17:36:26 -------- d-----w- C:\ProgramData\VS Revo Group
2015-03-22 17:36:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro

====== C: exe-files ==
2015-04-14 13:59:53 788FCDDD88240A85039F7F561093B118 448512 ----a-w- C:\Users\Liverpool\Desktop\TFC.exe
2015-04-13 08:35:16 63B308A3E1F062DFD3BF762FDDC2F39A 103588 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2015-04-13 08:35:15 269BDB3CB77EB77BABE2862BEAB1F208 148080 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2015-04-13 08:33:05 2EBBFE3020E7232176F38FE5EAF0B344 243664 ----a-w- C:\Users\Liverpool\Desktop\Firefox Setup Stub 37.0.1.exe
2015-04-13 07:50:04 C49B17637803C61BC3DB3DE0BC0CC7BE 183808 ----a-w- C:\Users\Liverpool\AppData\Roaming\Crown\SPK.exe
2015-04-13 07:50:02 204E0C715CF812417E8F4E8BFA03CAEA 182272 ----a-w- C:\ProgramData\Drv\Drv.exe
2015-04-13 07:50:01 204E0C715CF812417E8F4E8BFA03CAEA 182272 ----a-w- C:\ProgramData\Kirin\Kirin.exe
2015-04-13 07:49:59 204E0C715CF812417E8F4E8BFA03CAEA 182272 ----a-w- C:\Users\Liverpool\AppData\Roaming\htcon\Updater.exe
2015-04-13 05:48:58 7EAC71CDE1F52D087648C67D574E23A2 259562296 ----a-w- C:\Users\Liverpool\Desktop\camtasia.exe
=== C: other files ==
2015-04-12 05:01:09 51DA69EC732017BB58443FD57D3B192C 687948 ----a-w- C:\Program Files (x86)\Internet Download Manager\Toolbar\H3M_BlueSky_Shapes_Toolbar\H3M_toolbars.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CONNMGRTRAY"="C:\Program Files\Acer\Acer 3G Connection Manager\ConnMgrLauncher.exe Silent"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"uTorrent"="C:\Users\Liverpool\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"IDMan"="C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"Dolby Home Theater v4"="C:\Dolby PCEE4\pcee4.exe -autostart"
"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CONNMGRTRAY"="C:\Program Files\Acer\Acer 3G Connection Manager\ConnMgrLauncher.exe Silent"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"uTorrent"="C:\Users\Liverpool\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"IDMan"="C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
"Power Management"="C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""


==== Startup Folders ======================

2014-11-17 12:14:22 1932 ----a-w- C:\Users\Liverpool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk
2011-09-06 07:36:29 1782 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
2014-11-11 16:49:25 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [03/21/2015 05:29 AM]
C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS\AutoKMS.exe [11/19/2014 10:21 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/17/2014 03:13 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/17/2014 03:13 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\9A5A8340-6B15" ["C:\Users\Liverpool\AppData\Roaming\htcon\Updater.exe"]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\Windows\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 1510 series" ["C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"]
"C:\Windows\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\Windows\SysNative\tasks\Trojan Killer" ["C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\LIVERP~1\AppData\Roaming\Mozilla\Firefox\Profiles\7lnn0bvb.default-1416991708277
user_pref("browser.startup.homepage", "http://www.arabyonline.com/?scr=90Qw8888");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc@internetdownloadmanager.com"="C:\Users\Liverpool\AppData\Roaming\IDM\idmmzcc5" [04/14/2015 06:31 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\LIVERP~1\AppData\Roaming\Mozilla\Firefox\Profiles\7lnn0bvb.default-1416991708277
- Bad Ads Blocker - C:\Users\Liverpool\AppData\Roaming\Mozilla\Firefox\Profiles\7lnn0bvb.default-1416991708277\extensions\addonFF@AdvanT.com
- IDM CC - C:\Users\Liverpool\AppData\Roaming\IDM\idmmzcc5
- Bad Ads Blocker - %ProfilePath%\extensions\addonFF@AdvanT.com

ProfilePath: C:\Users\LIVERP~1\AppData\Roaming\Mozilla\Firefox\Profiles\vvxudivo.default
- TrustedShopper - %ProfilePath%\extensions\jid1-BKkq2B2E8NPfWg@jetpack.xpi
- Rad Rater - %ProfilePath%\extensions\{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Liverpool\AppData\Roaming\Mozilla\Firefox\Profiles\7lnn0bvb.default-1416991708277
43583AB4DFD406F4C188342F41B1F91C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash
99F97C9FE748C37528C338A423577FCB - C:\Users\Liverpool\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin


==== Deleted Firefox Extensions ======================

C:\Users\LIVERP~1\AppData\Roaming\Mozilla\Firefox\Profiles\vvxudivo.default\extensions\jid1-BKkq2B2E8NPfWg@jetpack.xpi deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.71 (Possible outdated, latest Stable version: 41.0.2272.118) [z-db]

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ngpampappnmepgilojfohadhhmbhlaek - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[04/02/2015 04:21 PM]

Google Slides - Liverpool\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Liverpool\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Liverpool\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Liverpool\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Liverpool\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Liverpool\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
IDM Integration Module - Liverpool\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek
Gmail - Liverpool\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.arabyonline.com/?src=1000"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.arabyonline.com/?src=1000"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Liverpool\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Liverpool\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Liverpool\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Liverpool\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2130138997-940779228-1964873243-1000\Software\Mozilla\Firefox\Extensions\{D3F92FFF-1F36-6371-11B3-AE1E86167E80} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D465997AC85B14B4FB5F0A3531EA2285 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Format Factory Packages deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR 64-bit Packages deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A799564D-B58C-4B41-BFF5-A05313AE2258} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdateChecker deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D465997AC85B14B4FB5F0A3531EA2285 deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: FoxPro - {598AC71E-BE58-3981-B78A-5C138F423AD6} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CONNMGRTRAY] C:\Program Files\Acer\Acer 3G Connection Manager\ConnMgrLauncher.exe Silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Liverpool\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Monitor Ink Alerts - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: خدمة iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Liverpool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Liverpool\AppData\Local\Mozilla\Firefox\Profiles\7lnn0bvb.default-1416991708277\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Liverpool\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=34 folders=12 5182919 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Liverpool\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\LIVERP~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Tue 04/14/2015 at 19:01:51.24 ======================

 

^
اعتذر منك اخوي ولكن للحيطه والحذر اتعامل انا مع ناس ذو خبره كافيه
انتظر الرد من اخوي عمر

 

هذا رد سديد وكافي ويجب العمل بة أولا + ضبط مصنع للمتصفح ونري ماذا تم

 

الان اخى قم بعمل ● تقرير Runscanner ●

 

تم حل المشكلة

 

تم