تم حل المشكلة اعلانات و فتح الصفحات مشكلة ads by volaro

  • بادئ الموضوع بادئ الموضوع king_3sool
  • تاريخ البدء تاريخ البدء
  • المشاهدات 4,733
الحالة
مغلق و غير مفتوح للمزيد من الردود.
K

king_3sool

زيزوومي نشيط
إنضم
11 ديسمبر 2007
المشاركات
188
مستوى التفاعل
7
النقاط
230
الإقامة
r
غير متصل
السلام عليكم ورحمه الله وبركاته

عندي مشكلة ads by volaro

اعلانات اسفل المتصفح
 

وعليكم السلام ورحمة الله

طبق التالى اخى

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : White Man
# AdwCleaner v4.002 - Report created 28/10/2014 at 18:36:05
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : NASSER - NASSER-PC
# Running from : C:\Users\NASSER\Downloads\Programs\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : webinstrNew

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\Users\Public\Documents\baidu
Folder Deleted : C:\Program Files\ver7BlockAndSurf
File Deleted : C:\Windows\system32\drivers\webinstrNew.sys
File Deleted : C:\Users\NASSER\AppData\Roaming\Mozilla\Firefox\Profiles\35kq5z1c.default-1413673609906\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : BlockAndSurf Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{D3ECB4BA-041A-5DC6-548E-1CF0BEDFBCB2}]
Key Deleted : HKCU\Software\AppDataLow\Software\BlockAndSurf
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CD0FED26-3E26-3AD8-6838-B0D77C8D1C86

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 ar)


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [8787 octets] - [28/10/2014 13:13:59]
AdwCleaner[R1].txt - [1055 octets] - [28/10/2014 13:41:05]
AdwCleaner[R2].txt - [1709 octets] - [28/10/2014 18:33:13]
AdwCleaner[S0].txt - [8355 octets] - [28/10/2014 13:16:34]
AdwCleaner[S1].txt - [1536 octets] - [28/10/2014 18:36:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1596 octets] ##########
 
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader XI (11.0.09)
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AnyCleaner
Apple Mobile Device Support
Apple Software Update
Baidu Antivirus
BlackBerry Desktop Software 7.1
BlackBerry Desktop Software 7.1
BlackBerry Link
BlackBerry Link
CCleaner
FormatFactory 3.3.1.0
Google Chrome
Google Update Helper
HiJackThis
HUAWEI FMC UnLock
iBrowse
iFunbox (v2.7.2386.747), iFunbox DevTeam
Internet Download Manager
iTunes
Java 7 Update 71
K-Lite Codec Pack 10.6.5 Full
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile ARA Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 32.0.3 (x86 ar)
Mp3tag v2.65
MSVC90_x86
MySQL Server 5.5
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
PC Connectivity Solution
PDF Settings
PhoneClean 3.4.0
Realtek High Definition Audio Driver
Samsung Kies
Samsung Kies
Samsung Kies3
Samsung Kies3
Samsung Story Album Viewer
Samsung Story Album Viewer
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2894842v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2931365)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2972215)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2894842v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition
WinRAR 5.00 (32-بت)
WinSoftMEsti
حزمة اللغة العربية لـ Microsoft .NET Framework 4
حزمة برامج تشغيل Windows - Nokia Modem (02/25/2011 4.7)
حزمة برامج تشغيل Windows - Nokia Modem (02/25/2011 7.01.0.9)
حزمة برامج تشغيل Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
دعم تطبيق Apple
 
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


التقرير الاخير
وكذا انتهيت من طلباتك

و في انتظار الحل

الله يوفقك
 
توقيع : White Man
هذي صورة للمشكله مع فتح صفحات جديدة

NExgMi.png
 
توقيع : White Man
تم حذف جميع اللي طلبت

بس هذا ما حصلته

WinSoftMEsti

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


هذا التقرير

طريقة التصفير كيف بس أهم شي ما تضيع معلومات
 
الحين أتوقع الجهاز مافيه برنامج حماية ممكن برنامج حماية
 
صفرة المتصفح و باقي المشكله
 
king_3sool قال:
صفرة المتصفح و باقي المشكله
أنقر للتوسيع...
حمل أداة
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
اخى , قم بتشغيلها كمسئول واكتب الامر

createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b

ضع علامة امام Scan all users ثم اضغط Run Script

وبعد ذلك قم بعمل فحص بـ
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
>> اضغط Scan وبعد الانتهاء اضغط Clean

ولا تنس ارفاق التقارير
 
توقيع : White Man
Zoek.exe v5.0.0.0 Updated 29-10-2014
Tool run by NASSER on Thu 10/30/2014 at 14:32:12.35.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\NASSER\Downloads\Programs\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 14:34:25.22 =====

--- Create Environment Variables 14:34:26.80
--- Create System Restore Point 14:34:34.43
--- Checking Input 14:34:53.50
--- AU AppData Check 14:35:02.12
--- Remove From Windows Installer 14:35:08.61
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-10-2014
Ran by NASSER at 2014-10-30 14:38:15
Running from C:\Users\NASSER\Downloads\Programs
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_f6203f42fc049f762bd88baa6920a29) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Link (HKLM\...\BlackBerry_10_Desktop) (Version: 1.1.0.37 - Research In Motion Ltd.)
BlackBerry Link (Version: 1.1.0.37 - Research In Motion Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
FormatFactory 3.3.1.0 (HKLM\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc‎.‎)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
HUAWEI FMC UnLock (HKLM\...\{1F8C3E2C-7829-4EB8-92A7-6F8151F61763}) (Version: 1.00.0000 - Huawei technologies)
iCloud (HKLM\...\{8D9592B4-7E22-4D1F-B2CB-B5F0F2F619CB}) (Version: 4.0.3.56 - Apple Inc.)
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.7.2386.747 - )
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
K-Lite Codec Pack 10.6.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 ar) (HKLM\...\Mozilla Firefox 32.0.3 (x86 ar)) (Version: 32.0.3 - Mozilla)
Mp3tag v2.65 (HKLM\...\Mp3tag) (Version: v2.65 - Florian Heidenreich)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MySQL Server 5.5 (HKLM\...\{20381839-62AB-4689-8FF2-24C4C3E18B08}) (Version: 5.5.23 - Oracle Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PhoneClean 3.4.0 (HKLM\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.4.0 - iMobie Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.1.13103.22 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.1.13103.22 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.17.5 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WavePad Sound Editor (HKLM\...\WavePad) (Version: 5.96 - NCH Software)
WinRAR 5.00 (32-بت) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinSoftMEsti (Version: 0.1 - Adobe Systems Incorporated) Hidden
حزمة اللغة العربية لـ Microsoft .NET Framework 4 (HKLM\...\Microsoft .NET Framework 4 Client Profile ARA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
حزمة برامج تشغيل Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
حزمة برامج تشغيل Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
حزمة برامج تشغيل Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
دعم تطبيق Apple (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4238018866-1968395549-2816781118-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

18-10-2014 22:34:30 Removed Bonjour
18-10-2014 22:41:12 ‏‏تم إزالة PC Connectivity Solution
18-10-2014 22:42:08 Removed MySQL Server 5.5
18-10-2014 22:52:37 Installed Java 7 Update 71
28-10-2014 10:49:34 Removed QuickTime 7
28-10-2014 15:17:09 نقطة تفتيش من قبل قاتل المحترف
28-10-2014 15:19:14 نقطة تفتيش من قبل قاتل المحترف
28-10-2014 15:45:44 Installed HiJackThis
28-10-2014 16:11:10 Removed HiJackThis
30-10-2014 11:34:35 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2009-06-11 00:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0517AFDA-4421-4B15-B926-43A9654840BD} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2014-08-25] (Apple Inc.)
Task: {13D5D833-1416-4BCD-A861-8B6BD20F8212} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
Task: {1B005D5E-BEFF-47D0-9DA6-F248EFC465BC} - System32\Tasks\5FOFD9B73D6C-2CRMOI6 => C:\Users\NASSER\AppData\Roaming\ARHome\Updater.exe
Task: {26D66707-BEC1-429C-A8F5-25E430120E46} - System32\Tasks\keepup => C:\Users\NASSER\AppData\Roaming\miaul\RJFC.exe [2014-10-20] ()
Task: {3B66BB94-04B4-4D26-95FC-EBA7F1F551D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-19] (Google Inc.)
Task: {5130DC2A-029F-49AA-9928-F31D5409647D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5DF84143-8C84-4806-BB11-47F9EC92A9F1} - System32\Tasks\4CEFD9B73D6C-1CRMOI2 => C:\Users\NASSER\AppData\Roaming\ARHome\Updater.exe
Task: {7F02064B-E328-42EF-A1BF-9A77E58EFB83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9AE071CD-EC49-48B3-B26E-469065C2CC2F} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {C2FA439F-70A9-43BE-8712-C55D5313BC2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-07] (Adobe Systems Incorporated)
Task: {D47DCAF0-0F24-4993-9B88-F45BF9204CA9} - System32\Tasks\Java Update => C:\Program Files\Java\Java.exe [2014-10-03] ()
Task: {E3104DA6-4811-4CA2-9391-9579E470915B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {EC4E9ECC-8327-445D-A795-6B64F8972AC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-30 10:49 - 2012-03-30 10:49 - 08174080 _____ () C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
2012-06-26 13:11 - 2012-06-26 13:11 - 02302040 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 08197208 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 00345688 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 13:10 - 2012-06-26 13:10 - 00202328 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 13:10 - 2012-06-26 13:10 - 00027736 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 00282200 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
2014-10-14 01:49 - 2014-10-14 01:49 - 01967616 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\39659843ad86aa46d0a4f047de2eda73\Kies.UI.ni.dll
2014-10-14 01:49 - 2014-10-14 01:49 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\095a2dfe20c265228fa511b6a12101ec\Kies.MVVM.ni.dll
2014-10-14 01:49 - 2014-10-14 01:49 - 00189952 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ae8ad480c97e815b01458428b002a9ac\Kies.Common.DeviceServiceLib.Interface.ni.dll
2014-10-14 01:50 - 2014-10-14 01:50 - 00363008 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\a6a0ec1c790a9d57c083d6754e976b0c\DevicePhoto.ni.dll
2014-10-14 01:50 - 2014-10-14 01:50 - 00296960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\05dd922770840e53b85a2aac14d10502\DeviceVideo.ni.dll
2014-10-14 01:50 - 2014-10-14 01:50 - 00613376 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\690acb4c784b03fc62530011796e6452\DevicePodcast.ni.dll
2014-10-14 01:50 - 2014-10-14 01:50 - 00307200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\360ee18a6d6fd729279591938f92c222\DummyStorePlugin.ni.dll
2014-10-14 01:50 - 2014-10-14 01:50 - 14994944 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\1c98d11ed18e91a3b82e57581acfd112\Kies.Theme.ni.dll
2014-10-14 01:50 - 2014-10-14 01:50 - 00583168 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0d489fe82997cd619b6f0570b53ccf28\Kies.Common.DeviceServiceLib.FileService.ni.dll
2014-10-14 01:49 - 2014-10-14 01:49 - 00046592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\868fe4716b7ae98e0f55c2582c401761\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2014-10-14 01:50 - 2014-10-14 01:50 - 01004544 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\f61f520413930845ed68d9ac3b62b90a\DeviceCommonLib.ni.dll
2014-10-14 01:50 - 2014-10-14 01:50 - 00232448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\d947af9bc319cf523a3cc639aafd7e0e\ASF_cSharpAPI.ni.dll
2014-10-28 19:06 - 2014-10-28 19:06 - 00043008 _____ () c:\users\nasser\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwy9j6o.dll
2013-08-23 22:01 - 2013-08-23 22:01 - 25100288 _____ () C:\Users\NASSER\AppData\Roaming\Dropbox\bin\libcef.dll
2014-10-07 10:47 - 2014-09-23 07:06 - 01098056 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-10-07 10:47 - 2014-09-23 07:06 - 00174408 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-10-07 10:47 - 2014-09-23 07:07 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-10-07 10:47 - 2014-09-23 07:07 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-10-07 10:47 - 2014-09-23 07:06 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-19 16:46 - 2014-10-07 11:50 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-09-13 15:53 - 2014-09-13 15:53 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
2014-10-30 14:31 - 2014-10-30 14:31 - 01292800 _____ () C:\Users\NASSER\Downloads\Programs\zoek.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4238018866-1968395549-2816781118-500 - Administrator - Disabled)
Guest (S-1-5-21-4238018866-1968395549-2816781118-501 - Limited - Disabled)
NASSER (S-1-5-21-4238018866-1968395549-2816781118-1000 - Administrator - Enabled) => C:\Users\NASSER

==================== Faulty Device Manager Devices =============

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/30/2014 02:34:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu Protect.

System Error:
‏‏يتعذر على النظام العثور على الملف المحدد.
.

Error: (10/30/2014 02:34:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu Hook Base.

System Error:
‏‏يتعذر على النظام العثور على الملف المحدد.
.

Error: (10/30/2014 02:34:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu FS Monitor Driver.

System Error:
‏‏يتعذر على النظام العثور على الملف المحدد.
.

Error: (10/30/2014 02:34:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu Antivirus Minifilter Driver.

System Error:
‏‏يتعذر على النظام العثور على الملف المحدد.
.

Error: (10/30/2014 02:31:05 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.1026 - حدث فشل أثناء تهيئة البنية الأساسية لإرفاق API الخاص بإنشاء ملفات التعريف. لن تسمح هذه العملية بإرفاق منشئ ملفات التعريف. HRESULT: 0x80004005. معرف العملية (عشري): 6124. معرف الرسالة: [0x2509].

Error: (10/28/2014 08:02:14 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3136

Error: (10/28/2014 08:02:14 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3136

Error: (10/28/2014 08:02:14 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/28/2014 08:02:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3136

Error: (10/28/2014 08:02:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3136


System errors:
=============
Error: (10/28/2014 07:04:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: ‏‏فشل تحميل برنامج التشغيل التالي الخاص ببدء تشغيل النظام أو تمهيد للتشغيل:
amdkmafd

Error: (10/28/2014 06:37:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: ‏‏فشل تحميل برنامج التشغيل التالي الخاص ببدء تشغيل النظام أو تمهيد للتشغيل:
amdkmafd

Error: (10/28/2014 06:29:03 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: ‏‏تم إنهاء خدمة HitmanPro 3.7 Crusader (Boot) بسبب الخطأ الخاص بالخدمة %%0.

Error: (10/28/2014 06:28:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: ‏‏فشل تحميل برنامج التشغيل التالي الخاص ببدء تشغيل النظام أو تمهيد للتشغيل:
amdkmafd

Error: (10/28/2014 01:19:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: ‏‏فشل بدء تشغيل الخدمة Windows Search بسبب الخطأ التالي:
%%1053

Error: (10/28/2014 01:19:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: ‏‏تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة Windows Search.

Error: (10/28/2014 01:19:37 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/28/2014 01:19:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ‏‏تم إنهاء الخدمة Windows Search بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 30000 مللي ثانية: أعد تشغيل الخدمة.

Error: (10/28/2014 01:19:32 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: ‏‏تم إنهاء خدمة Windows Search بسبب الخطأ الخاص بالخدمة %%-1073473535.

Error: (10/28/2014 01:18:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: ‏‏فشل تحميل برنامج التشغيل التالي الخاص ببدء تشغيل النظام أو تمهيد للتشغيل:
amdkmafd


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 51%
Total physical RAM: 3000.84 MB
Available physical RAM: 1455.98 MB
Total Pagefile: 5999.96 MB
Available Pagefile: 4008.58 MB
Total Virtual: 2047.88 MB
Available Virtual: 1874.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:199.38 GB) (Free:26.69 GB) NTFS
Drive d: () (Fixed) (Total:98.6 GB) (Free:83.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: C94AC94A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=98.6 GB) - (Type=OF Extended)

==================== End Of Log ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014
Ran by NASSER (administrator) on NASSER-PC on 30-10-2014 14:36:49
Running from C:\Users\NASSER\Downloads\Programs
Loaded Profile: NASSER (Available profiles: NASSER)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: العربية (السعودية)‏
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Apple Inc.) C:\Program Files\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(BitTorrent Inc.) C:\Users\NASSER\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(Dropbox, Inc.) C:\Users\NASSER\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
() C:\Users\NASSER\Downloads\Programs\zoek.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2217256 2013-09-07] (Synaptics Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12013272 2013-11-10] (Realtek Semiconductor)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [RIM PeerManager] => C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4265472 2013-04-26] (Research In Motion Limited)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3821136 2013-12-16] (Tonec Inc.)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [uTorrent] => C:\Users\NASSER\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-25] (BitTorrent Inc.)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [GoogleChromeAutoLaunch_B58F6E141947A1D149EF147DFA4CCB1B] => C:\Program Files\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\MountPoints2: {04be3fae-1753-11e3-ac73-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\MountPoints2: {81345613-91ce-11e3-9013-0280486f8601} - F:\AutoRun.exe
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\MountPoints2: {8134561e-91ce-11e3-9013-0280486f8601} - F:\AutoRun.exe
HKU\S-1-5-21-4238018866-1968395549-2816781118-1000\...\MountPoints2: {81345633-91ce-11e3-9013-0280486f8601} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-09-08] (Microsoft Corporation)
Startup: C:\Users\NASSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\NASSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8F203EB941B6CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ar-SA
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF ProfilePath: C:\Users\NASSER\AppData\Roaming\Mozilla\Firefox\Profiles\yi5c6eqa.default-1414513394811
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Extension: Super Block Ads - C:\Program Files\Mozilla Firefox\distribution\bundles\addon@Vonteera.com [2014-10-25]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NASSER\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\NASSER\AppData\Roaming\IDM\idmmzcc5 [2013-12-18]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NASSER\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

CHR StartupUrls: Default -> "hxxp://
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
", "hxxp://
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
"
CHR Profile: C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Youtube) - C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-22]
CHR Extension: (Highlight to Search) - C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\floipahigmmkfhkoapmnijnlnboniglg [2014-10-13]
CHR Extension: (IDM Integration Module) - C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2013-12-28]
CHR Extension: (Google Play) - C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-04-22]
CHR Extension: (Google Mail Checker) - C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-04-22]
CHR Extension: (Google Wallet) - C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-19]
CHR Extension: (Gmail) - C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-22]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2013-12-15]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1678040 2013-11-10] (Broadcom Corporation.)
R3 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-10-19] (Macrovision Europe Ltd.) [File not signed]
R2 Mysql; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8916 2013-11-03] () [File not signed]
R2 RIM MDNS; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-04-26] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1235456 2013-04-26] (Research In Motion Limited) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [15968 2013-09-07] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [23720 2013-09-07] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3211264 2013-11-10] (Qualcomm Atheros Communications, Inc.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [174936 2013-11-10] (Broadcom Corporation.)
S3 btwampfl; C:\Windows\System32\DRIVERS\btwampfl.sys [144600 2013-11-10] (Broadcom Corporation.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-10-28] ()
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6.sys [14336 2013-04-26] (Research in Motion Limited)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27888 2013-09-07] (Synaptics Incorporated)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-30 14:35 - 2014-10-30 14:36 - 00000000 ____D () C:\FRST
2014-10-30 14:34 - 2014-10-30 14:34 - 00000419 _____ () C:\zoek-results.log
2014-10-30 14:32 - 2014-10-30 14:37 - 00000619 _____ () C:\runcheck.txt
2014-10-30 14:32 - 2014-10-30 14:32 - 00000000 ____D () C:\zoek_backup
2014-10-28 19:23 - 2014-10-28 19:23 - 00000000 ____D () C:\Users\NASSER\Desktop\بيانات Firefox القديمة
2014-10-28 19:13 - 2014-10-28 19:13 - 00164097 _____ () C:\Users\NASSER\Desktop\runscanner.run
2014-10-28 19:13 - 2014-10-28 19:13 - 00161094 _____ () C:\Users\NASSER\Desktop\التقارير.rar
2014-10-28 19:09 - 2014-10-28 19:09 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\Baidu
2014-10-28 18:37 - 2014-10-28 19:09 - 00000000 ____D () C:\ProgramData\Baidu
2014-10-28 18:37 - 2014-10-28 18:37 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2014-10-28 18:26 - 2014-10-28 18:26 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-28 18:19 - 2014-10-28 18:19 - 00000338 _____ () C:\Windows\system32\.crusader
2014-10-28 18:03 - 2014-10-28 18:20 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-28 14:26 - 2014-10-28 14:26 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-10-28 14:15 - 2014-10-28 17:59 - 00000000 ____D () C:\Users\NASSER\Doctor Web
2014-10-28 13:44 - 2014-10-28 13:44 - 00002328 _____ () C:\Windows\patsearch.bin
2014-10-28 13:44 - 2014-10-28 13:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNew_01009.Wdf
2014-10-28 13:39 - 2014-10-28 13:39 - 01998336 _____ () C:\Users\NASSER\Downloads\adwcleaner_4.002.exe
2014-10-28 13:18 - 2014-10-28 19:04 - 00072666 _____ () C:\Windows\PFRO.log
2014-10-28 13:18 - 2014-10-28 19:04 - 00000372 _____ () C:\Windows\setupact.log
2014-10-28 13:18 - 2014-10-28 13:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-28 13:12 - 2014-10-28 18:36 - 00000000 ____D () C:\AdwCleaner
2014-10-27 20:20 - 2014-10-27 20:43 - 00000000 ____D () C:\Users\NASSER\Desktop\10
2014-10-25 04:22 - 2014-10-25 04:22 - 00000240 _____ () C:\Users\NASSER\AppData\Local\563ipR.vbs
2014-10-19 01:55 - 2014-10-19 01:55 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-19 01:54 - 2014-10-19 01:54 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-19 01:54 - 2014-10-19 01:54 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-19 01:54 - 2014-10-19 01:54 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-19 01:54 - 2014-10-19 01:54 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-19 01:54 - 2014-10-19 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-19 00:40 - 2014-10-19 00:40 - 00000901 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-10-19 00:40 - 2014-10-19 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-10-19 00:13 - 2014-10-19 00:13 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-19 00:13 - 2014-10-19 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-19 00:11 - 2014-10-19 00:13 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-10-19 00:11 - 2014-10-19 00:13 - 00000000 ____D () C:\Program Files\iTunes
2014-10-19 00:11 - 2014-10-19 00:11 - 00000000 ____D () C:\Program Files\iPod
2014-10-14 01:22 - 2014-10-14 01:23 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-14 01:22 - 2014-10-14 01:22 - 00001949 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-14 01:09 - 2014-08-19 20:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 01:09 - 2014-08-19 01:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 01:09 - 2014-08-19 01:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 01:09 - 2014-08-19 00:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 01:09 - 2014-08-19 00:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 01:09 - 2014-08-19 00:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 01:09 - 2014-08-19 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 01:09 - 2014-08-19 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 01:09 - 2014-08-19 00:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 01:09 - 2014-08-19 00:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 01:09 - 2014-08-19 00:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 01:09 - 2014-08-19 00:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 01:09 - 2014-08-19 00:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 01:09 - 2014-08-19 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 01:09 - 2014-08-19 00:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 01:09 - 2014-08-19 00:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 01:09 - 2014-08-19 00:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 01:09 - 2014-08-19 00:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 01:09 - 2014-08-19 00:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 01:09 - 2014-08-19 00:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 01:09 - 2014-08-19 00:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 01:09 - 2014-08-19 00:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 01:09 - 2014-08-19 00:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 01:09 - 2014-08-19 00:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 01:09 - 2014-08-19 00:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 01:09 - 2014-08-19 00:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 01:09 - 2014-08-19 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 01:09 - 2014-08-18 23:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 01:09 - 2014-08-18 23:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 01:09 - 2014-08-18 23:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 00:58 - 2014-07-01 01:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-14 00:58 - 2014-06-06 09:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-14 00:58 - 2014-03-10 00:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-14 00:58 - 2014-03-10 00:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-14 00:42 - 2014-07-07 04:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-14 00:42 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-14 00:38 - 2014-08-23 04:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-14 00:38 - 2014-08-23 03:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 00:38 - 2014-06-03 12:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-10-14 00:38 - 2014-06-03 12:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 00:38 - 2014-06-03 12:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-14 00:38 - 2014-06-03 12:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-14 00:27 - 2014-06-16 04:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-10-14 00:27 - 2014-06-16 04:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-10-14 00:27 - 2014-06-16 04:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-10-14 00:20 - 2014-07-14 04:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-10-14 00:09 - 2014-05-14 19:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-14 00:09 - 2014-05-14 19:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-14 00:09 - 2014-05-14 19:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-14 00:09 - 2014-05-14 19:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-14 00:09 - 2014-05-14 19:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-14 00:09 - 2014-05-14 19:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-14 00:09 - 2014-05-14 19:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-14 00:08 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-14 00:08 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-13 01:18 - 2014-10-13 01:18 - 00005715 _____ () C:\Users\NASSER\Desktop\Readme.txt
2014-10-12 00:34 - 2014-10-12 00:37 - 00000716 _____ () C:\Users\NASSER\Desktop\1436.txt
2014-10-09 12:35 - 2014-10-25 04:22 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\miaul
2014-10-09 11:47 - 2014-10-09 13:04 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\Audacity
2014-10-09 11:37 - 2014-10-09 11:37 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2014-10-09 11:37 - 2014-10-09 11:37 - 00001052 _____ () C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2014-10-09 11:37 - 2014-10-09 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-10-07 13:29 - 2014-10-28 19:06 - 00000000 ___RD () C:\Users\NASSER\iCloudDrive
2014-10-07 13:29 - 2014-10-07 13:29 - 00000000 ____D () C:\Windows\Tasks\360Disabled
2014-10-07 13:29 - 2014-10-07 13:29 - 00000000 ____D () C:\Users\NASSER\AppData\Local\Apple Inc
2014-10-07 13:22 - 2014-10-12 00:11 - 00000000 ____D () C:\Program Files\360
2014-10-07 12:11 - 2014-10-19 01:01 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\Mp3tag
2014-10-07 12:11 - 2014-10-19 00:40 - 00000000 ____D () C:\Program Files\Mp3tag
2014-10-07 11:54 - 2014-10-07 11:54 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\dBpoweramp
2014-10-07 11:52 - 2014-10-07 11:52 - 05199808 _____ () C:\Windows\system32\SpoonUninstall.exe
2014-10-07 11:51 - 2014-10-07 11:51 - 25782208 _____ () C:\Users\NASSER\Downloads\dMC-R15.1-Ref-Trial.exe
2014-10-07 11:50 - 2014-10-07 11:50 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\SPK
2014-10-07 11:50 - 2014-10-07 11:50 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\Fixs
2014-10-07 10:54 - 2014-10-07 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-30 14:36 - 2013-09-19 12:18 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-30 14:36 - 2013-09-19 12:17 - 00000830 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 14:36 - 2013-09-19 12:17 - 00000826 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 14:35 - 2013-09-11 04:47 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\uTorrent
2014-10-30 14:30 - 2013-09-09 01:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-30 14:30 - 2013-09-07 03:21 - 02072951 _____ () C:\Windows\WindowsUpdate.log
2014-10-28 19:14 - 2009-07-14 07:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-28 19:14 - 2009-07-14 07:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 19:10 - 2013-09-07 03:36 - 02146070 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-28 19:07 - 2013-09-09 00:04 - 00000000 ___RD () C:\Users\NASSER\Dropbox
2014-10-28 19:07 - 2013-09-09 00:00 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\Dropbox
2014-10-28 19:04 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-28 19:02 - 2014-06-24 14:48 - 00000000 ____D () C:\Program Files\iBrowse
2014-10-28 19:02 - 2013-09-07 03:34 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\DMCache
2014-10-28 18:45 - 2013-09-07 03:34 - 00000000 ____D () C:\Users\NASSER\Downloads\Compressed
2014-10-28 18:36 - 2013-09-07 03:25 - 00000000 ____D () C:\Users\NASSER
2014-10-28 18:30 - 2009-07-14 07:33 - 01888920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-28 18:06 - 2013-09-07 05:31 - 00185128 _____ () C:\Users\NASSER\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-28 13:49 - 2014-09-19 16:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-28 13:12 - 2013-09-07 03:34 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\IDM
2014-10-25 08:18 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\rescache
2014-10-25 04:22 - 2014-03-19 05:23 - 00004744 __RSH () C:\ProgramData\ntuser.pol
2014-10-19 01:55 - 2013-09-19 08:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-19 01:54 - 2013-09-19 08:33 - 00000000 ____D () C:\Program Files\Java
2014-10-19 01:38 - 2013-09-07 05:42 - 00000000 ____D () C:\Program Files\MyFree Codec
2014-10-19 01:36 - 2013-09-07 05:24 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-10-19 01:35 - 2013-09-07 05:27 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-19 00:11 - 2014-09-13 15:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-10-19 00:11 - 2013-09-07 05:27 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-14 05:05 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-14 01:23 - 2013-10-19 11:32 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-14 01:22 - 2013-10-19 11:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-14 01:22 - 2013-10-19 11:34 - 00000000 ____D () C:\Program Files\Adobe
2014-10-14 01:12 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-10-14 01:05 - 2013-09-07 04:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-13 04:33 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-13 02:40 - 2014-01-29 23:36 - 00000000 ____D () C:\Users\NASSER\Downloads\ip
2014-10-13 02:07 - 2013-09-07 03:34 - 00000000 ____D () C:\Users\NASSER\Downloads\Video
2014-10-13 01:38 - 2014-04-01 20:47 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\iFunbox_UserCache
2014-10-13 01:18 - 2013-09-07 05:24 - 07446008 _____ (深圳创想天空科技有限公司) C:\Users\NASSER\Desktop\iTools.exe
2014-10-07 13:39 - 2013-09-09 01:58 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\Adobe
2014-10-07 13:30 - 2013-09-07 06:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-07 13:29 - 2014-02-10 00:01 - 00000000 ____D () C:\Users\NASSER\AppData\Local\8A417C1C-21F4-4E29-8566-7F6D9CE46689.aplzod
2014-10-07 13:29 - 2013-09-07 05:30 - 00000000 ____D () C:\Users\NASSER\AppData\Roaming\Apple Computer
2014-10-07 10:53 - 2013-09-09 01:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-07 10:53 - 2013-09-09 01:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\NASSER\AppData\Local\Temp\7za.exe
C:\Users\NASSER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwy9j6o.dll
C:\Users\NASSER\AppData\Local\Temp\hijackthis.exe
C:\Users\NASSER\AppData\Local\Temp\NirCmd.exe
C:\Users\NASSER\AppData\Local\Temp\PEVZ.EXE
C:\Users\NASSER\AppData\Local\Temp\remove.exe
C:\Users\NASSER\AppData\Local\Temp\sed.exe
C:\Users\NASSER\AppData\Local\Temp\shortcut.exe
C:\Users\NASSER\AppData\Local\Temp\swreg.exe
C:\Users\NASSER\AppData\Local\Temp\swxcacls.exe
C:\Users\NASSER\AppData\Local\Temp\wget.exe
C:\Users\NASSER\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-28 13:04

==================== End Of Log ============================
 
Zoek.exe v5.0.0.0 Updated 29-10-2014
Tool run by NASSER on Thu 10/30/2014 at 14:32:12.35.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\NASSER\Downloads\Programs\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30/10/14 02:34:51 م Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\Users\NASSER\.android deleted
C:\Program Files\MyFree Codec deleted
C:\Users\NASSER\AppData\Roaming\Baidu deleted
C:\PROGRA~2\Baidu deleted
C:\Users\NASSER\AppData\Local\563ipR.vbs deleted
C:\Users\NASSER\AppData\Local\cache deleted
C:\Users\NASSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager deleted
C:\Windows\system32\tasks\060184C3-9766-46a0-B258-F4518A0B2633 deleted
C:\Windows\system32\tasks\Baidu PC Faster Update deleted
C:\Windows\system32\drivers\Msft_Kernel_webinstrNew_01009.Wdf deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
"C:\Users\NASSER\AppData\Roaming\SPK\SPK.exe" deleted
"C:\Users\NASSER\AppData\Roaming\miaul\RJFC.exe" deleted
"C:\Program Files\Internet Download Manager\IDMan.exe" deleted
"C:\Program Files\Internet Download Manager\idmftype.dll" deleted
"C:\Program Files\Internet Download Manager\idmindex.dll" deleted
"C:\Program Files\Internet Download Manager\idmmkb.dll" deleted
"C:\Program Files\Internet Download Manager\IDMNetMon.dll" deleted
"C:\Program Files\Internet Download Manager\IDMShellExt.dll" deleted
"C:\Program Files\Internet Download Manager\IEMonitor.exe" deleted
"C:\Users\NASSER\AppData\Roaming\SPK" deleted
"C:\Users\NASSER\AppData\Roaming\miaul" deleted
"C:\Program Files\Internet Download Manager" not deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc@internetdownloadmanager.com"="C:\Users\NASSER\AppData\Roaming\IDM\idmmzcc5" [12/18/2013 01:14 AM]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\NASSER\AppData\Roaming\Mozilla\Firefox\Profiles\yi5c6eqa.default-1414513394811
40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update
BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
446BCAE59E26321802E000FC3E0C390A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
54740489C66AFC8B78CF9A2893A5DA63 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
4434D2F33401E780FA13CF7DC8E31471 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll - RIM Handheld Application Loader


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files\Internet Download Manager\IDMGCExt.crx[]

IDM Integration Module - NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
Google Play - NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi

==== Chromium Fix ======================

C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4238018866-1968395549-2816781118-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-4238018866-1968395549-2816781118-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager deleted successfully

==== Empty IE Cache ======================

C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUDU8JDD will be deleted at reboot
C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKZMZ0LD will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\NASSER\AppData\Local\Mozilla\Firefox\Profiles\yi5c6eqa.default-1414513394811\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=579 folders=41 21972166 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\NASSER\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\NASSER\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\Internet Download Manager" not found
"C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUDU8JDD" not found
"C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKZMZ0LD" not found

==== EOF on Thu 10/30/2014 at 14:57:10.73 ======================
 
king_3sool قال:
Zoek.exe v5.0.0.0 Updated 29-10-2014
Tool run by NASSER on Thu 10/30/2014 at 14:32:12.35.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\NASSER\Downloads\Programs\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30/10/14 02:34:51 م Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\Users\NASSER\.android deleted
C:\Program Files\MyFree Codec deleted
C:\Users\NASSER\AppData\Roaming\Baidu deleted
C:\PROGRA~2\Baidu deleted
C:\Users\NASSER\AppData\Local\563ipR.vbs deleted
C:\Users\NASSER\AppData\Local\cache deleted
C:\Users\NASSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager deleted
C:\Windows\system32\tasks\060184C3-9766-46a0-B258-F4518A0B2633 deleted
C:\Windows\system32\tasks\Baidu PC Faster Update deleted
C:\Windows\system32\drivers\Msft_Kernel_webinstrNew_01009.Wdf deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
"C:\Users\NASSER\AppData\Roaming\SPK\SPK.exe" deleted
"C:\Users\NASSER\AppData\Roaming\miaul\RJFC.exe" deleted
"C:\Program Files\Internet Download Manager\IDMan.exe" deleted
"C:\Program Files\Internet Download Manager\idmftype.dll" deleted
"C:\Program Files\Internet Download Manager\idmindex.dll" deleted
"C:\Program Files\Internet Download Manager\idmmkb.dll" deleted
"C:\Program Files\Internet Download Manager\IDMNetMon.dll" deleted
"C:\Program Files\Internet Download Manager\IDMShellExt.dll" deleted
"C:\Program Files\Internet Download Manager\IEMonitor.exe" deleted
"C:\Users\NASSER\AppData\Roaming\SPK" deleted
"C:\Users\NASSER\AppData\Roaming\miaul" deleted
"C:\Program Files\Internet Download Manager" not deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc@internetdownloadmanager.com"="C:\Users\NASSER\AppData\Roaming\IDM\idmmzcc5" [12/18/2013 01:14 AM]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\NASSER\AppData\Roaming\Mozilla\Firefox\Profiles\yi5c6eqa.default-1414513394811
40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update
BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
446BCAE59E26321802E000FC3E0C390A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
54740489C66AFC8B78CF9A2893A5DA63 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
4434D2F33401E780FA13CF7DC8E31471 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll - RIM Handheld Application Loader


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files\Internet Download Manager\IDMGCExt.crx[]

IDM Integration Module - NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
Google Play - NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi

==== Chromium Fix ======================

C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4238018866-1968395549-2816781118-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-4238018866-1968395549-2816781118-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager deleted successfully

==== Empty IE Cache ======================

C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUDU8JDD will be deleted at reboot
C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKZMZ0LD will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\NASSER\AppData\Local\Mozilla\Firefox\Profiles\yi5c6eqa.default-1414513394811\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\NASSER\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=579 folders=41 21972166 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\NASSER\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\NASSER\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\Internet Download Manager" not found
"C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUDU8JDD" not found
"C:\Users\NASSER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKZMZ0LD" not found

==== EOF on Thu 10/30/2014 at 14:57:10.73 ======================
أنقر للتوسيع...
ما هى الاخبار ؟
 
توقيع : White Man
توقيع : White Man
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى