تم حل المشكلة مشكلة ظهور الإعلانات في المتصفح (التقرير) مرفق في الموضوع

[عطوف]

تقرير بأداة
? أداة getsysteminfo ??
رابط ملف التقرير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

تقرير بأداة
? تقرير الهايجاك ?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:43:18 ص, on 17/02/15
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SmartPCFixer\SmartPCFixer.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\PC i7\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: مساعد

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\Speed Video Splitter\msdxm.ocx
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [uTorrent] "C:\Users\PC i7\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

" /build:7601 (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel® PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: خدمة iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) - Unknown owner - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 9960 bytes

......................................

 

[Atatrah]

استخدم اضافة منع الاعلانات

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[عطوف]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شكرا لك

قمت بتنصيبه وإعادة التشغيل فعلا حجب الإعلانات

أن شاء الله يكون كذا على طول وفي حالة وجود اي تغيير اوافيكم به

شكرا

 

[White Man]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شكرا لك

قمت بتنصيبه وإعادة التشغيل فعلا حجب الإعلانات

أن شاء الله يكون كذا على طول وفي حالة وجود اي تغيير اوافيكم به

شكرا

هل هناك استفسارات أخرى أخى ؟

 

[عطوف]

عادة الإعلانات كما كانت

ماهي المشكلة

جزاكم الله خير

 

[Atatrah]

اذا كنت مثبت adblock على متصفحك المفروض ان لا يكون هناك اعلانات
هل هذه الاعلانات تظهر على نفس المتصفح المثبت عليه adblock ?

 

[عطوف]

نعم على نفس المتصفح

مع إن البرنامج يوضح انه مقفل اعلانات وحاجزها

شوف الصوره

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[White Man]

عادة الإعلانات كما كانت

ماهي المشكلة

جزاكم الله خيرمشاهدة المرفق 77157مشاهدة المرفق 77158

طيب .. جرب تطبيق الخطوات بالموضوع التالى واخبرنا بالنتيجة اخى ولا تنس ارفاق التقارير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعد ذلك قم بعمل

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[عطوف]

تم عمل كل ما سبق

(( ولكن مازالت الإعلانات تظهر ))


تقرير أداة RKILL

Rkill 2.7.0 by Lawrence Abrams (Grinler)

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Program started at: 02/22/2015 02:56:56 AM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 systweak.com
127.0.0.1 updateservice1.systweak.com
127.0.0.1

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

127.0.0.1 systemspeedup.systweak.com
127.0.0.1 systweak.com/STCheckGenuineness

Program finished at: 02/22/2015 02:57:46 AM
Execution time: 0 hours(s), 0 minute(s), and 49 seconds(s)


++++++++++++++++++++++++++++++++++++++++
تقرير ـ ماالوير باايتس
Malwarebytes Anti-Malware

Malwarebytes Anti-Malware

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Scan Date: 03/05/36
Scan Time: 03:03:44 ص
Logfile: 11111.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.21.10
Rootkit Database: v2015.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: PC i7

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 896413
Time Elapsed: 5 hr, 33 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.UniversalUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UniversalUpdater, Quarantined, [03b4e33dd2b8d462a5c1791c56ad20e0],
PUP.Optional.Alnaddy.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALNADDY.COM\alnaddyToolbar, Quarantined, [66518d93acdef44243bac40c7a897f81],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [595ea17faae0c175f516f6ebaf5406fa],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [fcbb120ea2e8ae889a5230c69c68ae52],

Registry Values: 7
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1071-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{EEE6C35B-6118-11DC-9C72-001320C79847}, Quarantined, [b403e23e0d7d01354af5f31573907b85],
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1071-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, ?????????ç??????? ???, Quarantined, [b403e23e0d7d01354af5f31573907b85]
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1072-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, ?????????ç??????? ???, Quarantined, [b403e23e0d7d01354af5f31573907b85]
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1073-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, ?????????ç??????? ???, Quarantined, [b403e23e0d7d01354af5f31573907b85]
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1072-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{EEE6C35B-6118-11DC-9C72-001320C79847}, Quarantined, [7c3b8a9622681a1c4df235d38d76a45c],
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1073-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{EEE6C35B-6118-11DC-9C72-001320C79847}, Quarantined, [9a1dc35d2664e55166d9e6220ff47c84],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3402252242-812742155-1843706100-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0M2P0U0F0B1O1O1G, Quarantined, [fcbb120ea2e8ae889a5230c69c68ae52]

Registry Data: 0
(No malicious items detected)

Folders: 8
PUP.Optional.SoftwareUpdater.A, C:\Program Files\SoftwareUpdater, Quarantined, [5a5d7ba56d1d67cf1a162d76e122ce32],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [b30451cf91f950e6bc1fd998b94a867a],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\skin, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\skin\classic, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\modules, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],

Files: 32
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll, Quarantined, [6a4dc55b6b1f76c0ce4c287e22e0f709],
Trojan.MSIL.Injector.Gen, E:\??U??²U?U??§??1\Internet Explorer 10.rar, Quarantined, [298e4ad64c3e89ad431de9f62cd5cf31],
CrackTool.Agent, E:\??U??²U?U??§??1\Wondershare MobileGo for Android 4.2.0.zip, Quarantined, [8a2d77a95f2b2c0acf85d672d22f6f91],
PUP.Optional.WebsSearches.A, C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage-journal, Quarantined, [605744dccac03ff7acd5821817ecfb05],
PUP.Optional.Spigot.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\searchplugins\yahoo_ff.xml, Quarantined, [4572ff21b5d5d1650917722b2dd6669a],
PUP.Optional.SoftwareUpdater.A, C:\Program Files\SoftwareUpdater\translations.xml, Quarantined, [5a5d7ba56d1d67cf1a162d76e122ce32],
PUP.Optional.SoftwareUpdater.A, C:\Program Files\SoftwareUpdater\AppsUpd4ter.exe.config, Quarantined, [5a5d7ba56d1d67cf1a162d76e122ce32],
PUP.Optional.SoftwareUpdater.A, C:\Program Files\SoftwareUpdater\config.xml, Quarantined, [5a5d7ba56d1d67cf1a162d76e122ce32],
PUP.Optional.SoftwareUpdater.A, C:\Program Files\SoftwareUpdater\Interop.Shell32.dll, Quarantined, [5a5d7ba56d1d67cf1a162d76e122ce32],
PUP.Optional.Linkey, C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Browse and Search the Internet.lnk, Quarantined, [3582a47cc3c71224119a288cb94af40c],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\be2740b1-9ba4-40d2-9e84-7451ab772ae1-11, Quarantined, [358277a9dcae75c1191ededc0af9a759],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\be2740b1-9ba4-40d2-9e84-7451ab772ae1-11.job, Quarantined, [26916cb41e6c8fa7a2a6b46351b4b24e],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome.manifest, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\install.rdf, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\aff.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\jquery-1.8.3.min.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\mo.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\overlay.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\overlay.xul, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\popup.html, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\popup.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\tools.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\content\tr.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\skin\classic\button.png, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\skin\classic\icon.png, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\skin\classic\main.css, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\chrome\skin\classic\overlay.css, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\modules\AddonInfo.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\modules\FileCacher.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\modules\PrefMan.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\modules\TimePassed.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],
PUP.Optional.BetterFoxFinder.A, C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}\modules\XCipher.js, Quarantined, [e3d443dd06842f07f0e7523f6f946d93],

Physical Sectors: 0
(No malicious items detected)


(end)

++++++++++++++++

تقرير اداة Adware Cleaner

# AdwCleaner v4.111 - Logfile created 22/02/2015 at 10:16:44
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : PC i7 - ATOOOF-I7
# Running from : C:\Users\PC i7\Downloads\اداة Adware Cleaner\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : Isis

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
Folder Deleted : C:\Program Files\snipsmart
Folder Deleted : C:\Program Files\FileViewPro
Folder Deleted : C:\Program Files\Dll-Files.com Fixer
Folder Deleted : C:\Users\PC i7\AppData\Local\CrashRpt
Folder Deleted : C:\Users\PC i7\AppData\Local\FileViewPro
Folder Deleted : C:\Users\PC i7\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\PC i7\AppData\LocalLow\App Lid
Folder Deleted : C:\Users\PC i7\AppData\Roaming\baidu
Folder Deleted : C:\Users\PC i7\AppData\Roaming\RHEng
Folder Deleted : C:\Users\PC i7\AppData\Roaming\dll-files.com
Folder Deleted : C:\Users\PC i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
File Deleted : C:\Users\Public\Desktop\Dll-Files Fixer.lnk
File Deleted : C:\Users\fbwuser6463\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk
File Deleted : C:\Users\fbwuser6463\Desktop\Hao123.lnk
File Deleted : C:\Users\fbwuser69FA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk
File Deleted : C:\Users\fbwuser69FA\Desktop\Hao123.lnk
File Deleted : C:\Users\fbwuserA8AC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk
File Deleted : C:\Users\fbwuserA8AC\Desktop\Hao123.lnk
File Deleted : C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\user.js
File Deleted : C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
File Deleted : C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ilhhefepljbmehhbmjcflhcchkddfaon_0.localstorage
File Deleted : C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ilhhefepljbmehhbmjcflhcchkddfaon_0.localstorage-journal
File Deleted : C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ilhhefepljbmehhbmjcflhcchkddfaon
File Deleted : C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.icmwebserv.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : LaunchApp
Task Deleted : YTDownloaderUpd
Task Deleted : GoodGameEmpire W1
Task Deleted : GoodGameEmpire W2
Task Deleted : GoodGameEmpire NextW1
Task Deleted : GoodGameEmpire NextW2
Task Deleted : RDReminder
Task Deleted : DLL-Files.Com Fixer_Updates
Task Deleted : DLL-Files.Com Fixer_MONTHLY

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\PC i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\PC i7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\13d1b8a9f8961c2f\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666A3A18-7C04-48FA-87AC-FAD6622EAFE4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2ABC44C-9C7B-41F7-B6BD-84FA811968E1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{144BB502-907C-4AB4-92CE-4B10A4B26D49}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21200F59-0E5C-4C43-852F-FCEFC3BCCB4C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54E7CE93-0374-44C7-AB57-6E1FEE4A2475}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C7947D3-6743-4A0E-A155-5E62FE7D1052}
Key Deleted : HKCU\Software\CoinisRS
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\Baidu
Key Deleted : HKCU\Software\dll-files.com
Key Deleted : HKCU\Software\Smart PC Solutions
Key Deleted : HKCU\Software\AppDataLow\Software\IObit Apps
Key Deleted : HKLM\SOFTWARE\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Baidu
Key Deleted : HKLM\SOFTWARE\dll-files.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C5927BD-3F65-4207-8FB5-8EDF638A3511}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileViewPro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dll-Files Fixer_is1

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v31.0 (x86 ar)


-\\ Google Chrome v40.0.2214.115

[C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

-\\ Opera v27.0.1689.69

[C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [24405 bytes] - [03/01/2015 23:13:36]
AdwCleaner[R1].txt - [1736 bytes] - [03/01/2015 23:31:32]
AdwCleaner[R2].txt - [1796 bytes] - [03/01/2015 23:44:40]
AdwCleaner[R3].txt - [6635 bytes] - [22/02/2015 10:07:37]
AdwCleaner[S0].txt - [24234 bytes] - [03/01/2015 23:17:38]
AdwCleaner[S1].txt - [1695 bytes] - [03/01/2015 23:48:44]
AdwCleaner[S2].txt - [7165 bytes] - [22/02/2015 10:16:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [7224 bytes] ##########

++++++++++++++++++++++++

تقرير أداة JunkWare Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Ultimate x86
Ran by PC i7 on Sun 02/22/2015 at 10:26:07.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu security"
Successfully deleted: [Folder] "C:\Users\PC i7\AppData\Roaming\baidu security"
Successfully deleted: [Folder] "C:\Users\PC i7\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\PC i7\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\PC i7\Local Settings\Application Data\thinstall"
Successfully deleted: [Folder] "C:\Program Files\baidu security"
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{03FDFF26-CAC2-4D0E-BC21-00A4B9E266C6}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{47206860-A2D4-4698-A9ED-D90C43F73C00}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{4DB657B4-BA10-4A57-BC51-261F81457C02}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{6C3F9A80-B54F-4FDC-A089-2295836DFB30}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{ADF7F397-C51D-4DE8-AA79-64738BAF6C84}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{C346E56C-7B13-486A-9A44-3FB5E2476A32}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{D3D3D32A-F1FC-4B7E-A9C4-4D4B64D07557}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{D4ADC54C-A779-4BF3-A104-1139C90E0DE8}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{E1CB57F4-E224-4D48-B587-345873164BDC}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{E7F8DA1F-ABA3-455F-9461-8A718C2FA1C3}
Successfully deleted: [Empty Folder] C:\Users\PC i7\appdata\local\{EC8D9EE9-6857-4DB3-A601-C7C0306D6B54}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\PC i7\AppData\Roaming\mozilla\firefox\profiles\o5ida13a.default\extensions\ffxtlbr@alnaddytoolbar.com
Successfully deleted the following from C:\Users\PC i7\AppData\Roaming\mozilla\firefox\profiles\o5ida13a.default\prefs.js

user_pref("extensions.alnaddyToolbar.cntry", "SA");
user_pref("extensions.alnaddyToolbar.hdrMd5", "");
user_pref("extensions.alnaddyToolbar.pnu_base", "{\"newVrsn\":\"13\",\"lastVrsn\":\"13\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgT
user_pref("extensions.alnaddyToolbar.sg", "{smplGrp}");
user_pref("extensions.ffxtlbr@alnaddyToolbar.com.install-event-fired", true);
user_pref("extensions.xpiState", "{\"app-profile\":{\"ffxtlbr@alnaddyToolbar.com\":{\"d\":\"C:\\\\Users\\\\PC i7\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\o5i



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/22/2015 at 10:28:50.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


++++++++++++++++++++++++++
يتبع

 

[عطوف]

تقرير أداة Zoek


Zoek.exe v5.0.0.0 Updated 21-February-2015
Tool run by PC i7 on Sun 02/22/2015 at 10:33:03.85.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC i7\Downloads\أداة Zoek\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================

22/02/15 10:34:59 ص Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\2217c9bc-7a15-44e2-af22-d7f526a937ed deleted successfully
C:\Program Files\AoaoPhoto Digital Studio deleted successfully
C:\Program Files\BlazeVideo deleted successfully
C:\Program Files\Blender Foundation deleted successfully
C:\Program Files\ChatSend Toolbar deleted successfully
C:\Program Files\e456c565-0362-4af0-9946-61e33e483142 deleted successfully
C:\Program Files\f5b1e459-1860-43d0-8c9f-a85d0462776b deleted successfully
C:\Program Files\IObit deleted successfully
C:\Program Files\iWASEL VPN Service deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\NetDragon deleted successfully
C:\Program Files\PlotSoft deleted successfully
C:\Program Files\stinger deleted successfully
C:\Program Files\ThinkSky deleted successfully
C:\Program Files\TuneUp Utilities 2014 deleted successfully
C:\Program Files\WASEL Pro VPN Service deleted successfully
C:\Program Files\Wondershare deleted successfully
C:\Program Files\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

deleted successfully
C:\Program Files\Youdao deleted successfully
C:\PROGRA~2\BlazeVideo deleted successfully
C:\PROGRA~2\eSellerate deleted successfully
C:\PROGRA~2\Hi deleted successfully
C:\PROGRA~2\HiPlayer deleted successfully
C:\PROGRA~2\PC SUITE deleted successfully
C:\PROGRA~2\PlotSoft deleted successfully
C:\PROGRA~2\xml_param deleted successfully
C:\PROGRA~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521} deleted successfully
C:\PROGRA~2\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully
C:\PROGRA~2\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
C:\Users\PC i7\AppData\Roaming\ACD Systems deleted successfully
C:\Users\PC i7\AppData\Roaming\Cool Record Edit Pro deleted successfully
C:\Users\PC i7\AppData\Roaming\Publish Providers deleted successfully
C:\Users\PC i7\AppData\Roaming\ThinkSky deleted successfully
C:\Users\PC i7\AppData\Roaming\WebTest deleted successfully
C:\Users\PC i7\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} deleted successfully
C:\Users\PC i7\AppData\Local\ACD Systems deleted successfully
C:\Users\PC i7\AppData\Local\AdFender deleted successfully
C:\Users\PC i7\AppData\Local\Downloaded Installations deleted successfully
C:\Users\PC i7\AppData\Local\GGEmpire deleted successfully
C:\Users\PC i7\AppData\Local\Windows Live deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\SearchScopes\{51E51BC0-EE36-4F8E-A22A-A6B1C4DB42C7} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{108CF492-6D5B-4CB9-AFA5-7972E8EFC7BA} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10C58D95-8804-4B3B-86F8-D9D63FDFB7E9} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{144bb502-907c-4ab4-92ce-4b10a4b26d49} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18F6938B-86E4-4A11-B96A-FCE848A5D584} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A9DFC91-28D2-4579-B0B3-DD3E79A16D4A} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AF10F38-27B9-44F3-AC80-31154992B8D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CEB3066-9D5D-42B8-B4C0-0A791297F419} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D53B88E-DC8F-4CA9-8F6-27EEECCB38BA} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F94380E-3520-4668-BF41-B01974B0A0E2} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{202244BF-D827-42F4-A32C-6BFE331A11E3} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{207FB25F-4974-4180-B2B8-61685C822971} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21200f59-0e5c-4c43-852f-fcefc3bccb4c} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21B49B73-92EC-4AF5-9936-55A041CC3777} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{228F0B3B-F7DB-4BBD-9842-7065D38313FF} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22E1D7EA-274-451C-9D65-6D57D9E1CCA0} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2497DAB5-B7EF-4F6A-A737-33C4D12EB7D4} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{255521AC-2BBF-444C-BEF8-3CCF18B8129} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26D794A-90E0-4450-A03F-E495CE51E61} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2887EB3-4D7D-4522-8555-3E4AA437B551} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A99521D-4BDE-42A3-8BB0-FBD3FADE467} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BFC8F44-C714-4393-B315-444563EF47E} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D88FB28-F23C-4361-8EE4-3E44AEEBF744} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9D95D7-951F-4276-A19D-A18704E5E7} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30CB9BAE-748E-4C1E-AB7F-8169D95C243D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30E446EA-551E-426B-9FD4-EDBF25ED292C} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3254BD3A-BAA2-41C1-A1A9-17EA85397249} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32FBE759-667A-4DC1-B682-25DC07B8E3} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32FCE712-2840-43D2-8E86-E9183D76A215} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33438C32-515E-42F7-9B4B-AF1AE8F072D6} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33B1C194-EE43-46D4-826C-3EE07CBF52DA} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35EFC5C1-AA32-4922-A49F-FB76F77231F2} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{385CB370-CF4C-4B62-95D2-43CA34199CE9} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A21F021-4BAE-4B1B-BEDA-2B188882A7EC} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CA516E3-1327-4E2F-9934-A5AD8F55375D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DBD2CFD-2F1B-4001-A2D9-69B73611914B} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{408DB454-701E-4EA4-918A-57895C8DC5F} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40B84337-DC7B-4CD3-A392-F4BC9179B51D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41743760-9A2E-4423-A238-BB553F4BDF69} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4223518B-56EE-4C66-B653-9ACC9A07DA9} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4266A4D1-FE66-4842-9E77-9107B716C68} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43AA78D8-29F9-4A70-BF76-8D6DE76FC3AB} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{472F9AAF-1959-4E35-B529-8A8065476840} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47C502FF-61EC-4DEA-91CD-C69A73F9797} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{480A8AB3-EE77-413E-A7FA-3712D35C8254} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48FD20D2-837-42D6-B3B0-F9F8EF4F086} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4951F5F7-C4BA-4B75-95D3-9F45A2D6993D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B77FA82-4FBE-4D1A-8C31-65CF641A24B} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B90F3E8-6DE5-4F3E-A935-8E9CE65313E8} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E1D19B0-152C-4C0D-BDC9-2DD52A87F7FD} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E6BBD9F-FDBF-48F7-9977-EA63977630D4} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E7FA544-A909-414A-827A-46AE6AB5C430} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EB3C31E-9CBE-4B7E-804-6031D22BFC97} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50E90F3B-E2C4-4BB4-B41-81142F5B1A89} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54e7ce93-0374-44c7-ab57-6e1fee4a2475} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57256C81-E985-4411-AE4D-32E8FC6317D9} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57AB80A1-2E63-467E-90E4-AF882013702F} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57DA64DB-EBAD-4184-A36F-20AB6DE8F59F} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57F1E507-3FBD-43B2-BEAA-7A157B209D6F} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58EE119D-D52C-4D95-8EF2-991CB129455} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B25C9A-A1F4-47C9-95AE-4011B0BCE0D0} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B727E55-65F1-40DE-A997-A1FC3463EB90} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BB2FA97-9662-41BE-95D-4AADA5BCAFBE} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C33106B-6F36-4956-BB38-E22AB9DDA4A} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5c7947d3-6743-4a0e-a155-5e62fe7d1052} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CC914C-F1EF-481B-B65E-9126181D367} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DF0D709-4FD2-46C1-B1B5-95268450AFF6} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EBA17C4-E575-4EAE-BE66-44D0247B59A6} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FA60EB8-CFE8-4864-BF20-B11D56859FAB} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60212966-BAD2-44E9-A7C6-E132509A6231} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{637FBE3-A50D-4602-A155-77CF31765EC} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63B81B6-C2F7-4D6C-9F7-A448DD6D753} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666a3a18-7c04-48fa-87ac-fad6622eafe4} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6683FD64-BB56-4424-A015-74886A93F1B9} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D72C98-C9AE-4CE7-B715-40AD2529C579} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67ABE991-C897-419C-A53D-4A5C32DAD5D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67D73019-BA8D-4320-8522-BCC440E76212} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{685D08A-4AF6-4237-990-CF4E846F879} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B3319F7-41A3-48CC-B23-229B2098288E} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D0436A7-FFFD-4C31-A755-9DBB3549126D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DDEFD8-5A34-4A4E-BE6D-6DA5934FA7BE} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FAD2956-82BD-40B6-8719-A292CE5363F6} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{742CB15E-4846-4DB1-BB2F-81BEC2289041} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77293854-5C39-41EE-A080-30F61A466EC} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77835919-48EE-43A7-81E3-3DD9FBCB10} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78B1FF3E-B146-44DC-A925-3B8DEDB86DB0} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78B42E63-C288-4AE9-A9EF-C97746CAA0A8} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7949AF70-B2DC-4299-9D86-8B819E53DD4} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{795BD4EF-CCB5-4A83-8EA5-904320FEA532} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84427DEA-980A-4C1E-9053-553316481797} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{845C4E90-2A64-4A96-BF60-FF36B3899373} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{853A1C0A-294D-4764-8EC7-64B3AF454926} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85A20F9A-4F7C-4462-BD5F-9685ED6A87B} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8869D106-C166-4D30-8C73-80B5A03DCD52} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{889b1588-16e2-4d58-b05f-6994b07372e6} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89080CF0-2909-4074-B3A7-CF19E0FF78A2} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D794FDA-4EEA-4308-9845-39C8FA364D64} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ED88B35-4586-438E-8586-D07083B4E797} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ff610b9-4df6-4c5e-9e4a-812ed92935b7} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90E9657A-66EE-4077-9160-FA8377807E77} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9133FF28-59F5-4916-9A9B-301B22EDB019} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91938CA1-F360-41DE-9BB1-18325D7153D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92F96192-C4EF-47BF-85A5-2BBDDC83CE1} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9407CD19-B415-4F5F-B029-1E5911FE4485} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9544E9F3-C40E-464D-A8F8-729C1E3864} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96240aff-7bcb-4204-bfbf-7790647a1eda} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96878B1B-61FA-4AFC-A6C3-CBD6DFE69963} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96A57A4D-DB8A-48F1-B2E9-2788B39016FA} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D46CEFD-5A94-4163-89D2-8D50DBAB48D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0D0ED47-1BC9-4B8C-A32A-A6B499EBCE85} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a2abc44c-9c7b-41f7-b6bd-84fa811968e1} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2EDACBA-358E-4DEA-BDBD-4CB718E2B3DD} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A720A4E7-C4FA-4B1B-9192-DFC862FB44D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8A6EF2F-96ED-4A07-B3C2-D1C51B7CC346} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9D68B7F-F78B-405C-8F9D-F867FFFB5E6E} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA995792-63D7-4E1D-A7D0-C9B9B5A866E3} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB06CA21-DDAB-474B-9313-CE36263F7DF5} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACF1A2A2-524C-45FB-993E-7B3A9117FBBB} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEA079C1-27E4-4D3D-9180-F4189BFC9C7} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3BB8FB-35F7-4E08-8026-AE291E8A166} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4698FFB-844E-4002-B32A-95A914D0194E} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B66C716D-718F-41A0-B63D-177A3240F0E8} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7C12D82-B40C-4411-8994-437D5A28EB3C} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B87A4C83-88C7-4279-9B27-BAFCEF1F4CAC} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B94A352B-BC81-44AE-B9E3-C7D565B67ED3} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBE22BF8-F1C-4DD3-819-E651399563} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC56849B-724D-4986-8D4D-FCA5A7C49D43} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF94E5FC-693E-454F-BD4-1E549E1C2A75} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1169911-36C7-408C-84D0-FA82BFEF82D9} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c12aafe2-4bb2-4156-84ee-765cecef5198} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C20081BC-776B-4FB8-B932-FE71E05F32D1} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c3e2ef2e-54f0-4802-abf9-e21625ec5f49} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5800CE9-1D32-4B37-9025-EC94B3F69A20} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C580E184-2E36-4EEF-A25C-DA90D0E799D5} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C66623AC-5E10-4ECD-911E-DE2AFD4B7FA8} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C79998CF-29-4067-ADCE-9CE7239A6A72} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9686DAE-E646-4C26-8C5D-CB80D9C64D1} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAA41C19-CE42-458D-9DD7-F93765301E26} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCBCE568-467B-408A-B72A-AEEFEC1AD8C} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCBD1E62-8A8F-4F6E-9A3D-85CEFD7B4D6B} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEEB492-A5DA-4691-B955-DF66DFE3F787} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF26E78D-D0F4-40CD-9156-B47C299EB551} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D05DC1D3-8759-4BD8-829F-453348FF406D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0613DFD-4AA0-44D4-958F-C284D3F44C3B} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2886C3D-5A7D-4ED2-998D-C6D036196958} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3652FDF-54C4-47F3-BD72-46658915BD1} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D44C8E8D-DE63-4EFE-941A-657A7FB27485} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4571B63-FDA9-4E34-854A-9AB15435BEE2} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D619D942-573-4EA8-BABE-E27D369ED544} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D665E66-9F11-4888-ACCA-C7DB6DEE03} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D75D5608-441B-45C9-AA52-203A43768D6F} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9B9E5D0-ED9C-4078-B911-E0D6F4F0BB55} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA15868D-C0EC-45DF-A791-909971E4F9FC} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA188B98-C563-4804-88E2-466CC1937A2} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA786A39-E9F2-4745-8FAF-AFE678619DC} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCBC49D2-5FDA-472E-9D11-C75AE9CD4F} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C0C360-834B-4279-A819-A8B47589CA1} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C4E5A7-8707-476D-B38C-3B4A5CCE93D} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E16182B5-7DF2-4470-BC1E-92BA888CE2} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2089C6F-2CEE-449E-A579-693845F6CC75} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3A47EF8-79FC-4B53-BCFB-1420887A5896} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4423809-E537-4F36-9DA6-23D8C746FBDC} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E85E0D03-1CE-4FF6-A4F0-56B9D72FF84} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9314F6C-C383-4FDC-8572-39D668A62031} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA11E63B-824-42F5-B5C7-1144DDD0E61} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA1DE2CD-3B98-466B-A81C-C7CC8AA3723E} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA364458-CE0F-4485-A582-BF763925E710} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA71DA12-65E2-414A-B352-192FC5F2792} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE1A2C1-7536-4CB7-867C-2CBC82FB10CE} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE361B36-F959-43D7-B6AB-55925DB121} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5E7AEDE-2F46-4AF3-B43F-2B1F4A643F3E} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F80CF46-667F-4B47-9CA-B82B1BACA45F} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F91A4EFF-AD30-4498-A7F2-6D5E172962E8} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9F7A573-5F07-4E55-A436-22507A22222} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB46DF1F-7CC9-4ADC-AF80-E9EEBD8CAFE} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD1C9CF-76F9-4CB6-82EC-C4678A11BF6F} deleted successfully
HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE7C5E95-29C6-4A19-A530-B3E3B0D84B5C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{889b1588-16e2-4d58-b05f-6994b07372e6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ff610b9-4df6-4c5e-9e4a-812ed92935b7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96240aff-7bcb-4204-bfbf-7790647a1eda} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c12aafe2-4bb2-4156-84ee-765cecef5198} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c3e2ef2e-54f0-4802-abf9-e21625ec5f49} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\ma-config.com\MaConfigAgent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SmartPCFixer\SmartPCFixer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\PC i7\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\vssvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Users\PC i7\Downloads\أداة Zoek\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\PCI7~1\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default

user.js not found
---- Lines Solution Real removed from prefs.js ----
user_pref("extensions.Solution Real.asul", "1420744829613");
user_pref("extensions.Solution Real.aul", "1420870335620");
user_pref("extensions.Solution Real.irl", true);
user_pref("extensions.Solution Real.is", "isgiwhSA");
user_pref("extensions.Solution Real.ug", "81BF880A-2E27-4715-9665-14666F0C049A");
---- Lines {113c6a96-cbc4-4248-bc8a-c05e9ec4b669} removed from prefs.js ----
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.daysPassed", "{\"t2d\":true,\"t7d\":true,\"t10d\":true}");
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.installtime", "1420188341.876");
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.is_bundle", "true");
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.isFirstRun", "false");
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.last_version", "");
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.lastC", "{\"sm\":395556,\"li\":395592,\"mo\":395556}");
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.moEnabled", true);
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.server", "

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

");
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.src", "7902");
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.toolbarButtonInstalled", true);
user_pref("{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.user_id", "F779C207-2E33-4B92-9323-3E3C9D1E2E78");
user_pref("extensions.{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}.install-event-fired", true);
user_pref("extensions.xpiState", "{\"app-profile\":{\"ffxtlbr@alnaddyToolbar.com\":{\"d\":\"C:\\\\Users\\\\PC i7\\\\AppData\\\\Roaming\\\\Mozilla\\\\F
---- Lines finder removed from prefs.js ----
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private
---- FireFox user.js and prefs.js backups ----

prefs_20150222_1046_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\2217c9bc-7a15-44e2-af22-d7f526a937ed not found
C:\Program Files\AoaoPhoto Digital Studio not found
C:\Program Files\BlazeVideo not found
C:\Program Files\Blender Foundation not found
C:\Program Files\ChatSend Toolbar not found
C:\Program Files\e456c565-0362-4af0-9946-61e33e483142 not found
C:\Program Files\f5b1e459-1860-43d0-8c9f-a85d0462776b not found
C:\Program Files\IObit not found
C:\Program Files\iWASEL VPN Service not found
C:\Program Files\MSXML 4.0 not found
C:\Program Files\NetDragon not found
C:\Program Files\PlotSoft not found
C:\Program Files\stinger not found
C:\Program Files\ThinkSky not found
C:\Program Files\TuneUp Utilities 2014 not found
C:\Program Files\WASEL Pro VPN Service not found
C:\Program Files\Wondershare not found
C:\Program Files\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

not found
C:\Program Files\Youdao not found
C:\PROGRA~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521} not found
C:\PROGRA~2\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found
C:\PROGRA~2\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found
C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669} not found
C:\Program Files\Temp deleted
C:\Program Files\Uninstall Information deleted
C:\Program Files\Windows Live SkyDrive deleted
C:\Users\PC i7\.android deleted
C:\Program Files\Internet Download Manager deleted
C:\Program Files\Common Files\Wondershare deleted
C:\DXSETUP.exe deleted
C:\rundll32.exe deleted
C:\Users\PC i7\AppData\Roaming\Wondershare deleted
C:\Users\PC i7\AppData\Roaming\AutoGK.ini deleted
C:\Windows\system32\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\PROGRA~2\Avg_Update_0814tb deleted
C:\PROGRA~2\boost_interprocess deleted
C:\PROGRA~2\Wondershare Video Converter Ultimate deleted
C:\PROGRA~2\Funk Animals deleted
C:\PROGRA~2\SpeedBit deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\PC i7\AppData\Local\Wondershare deleted
C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\PC i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\PC i7\AppData\LocalLow\boost_interprocess deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\system32\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\Windows\system32\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\System32\AniGIF.ocx deleted
C:\Users\PCI7~1\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\CT2786678 deleted
"C:\Windows\Installer\3580500.msi" deleted
"C:\Windows\Installer\cda2bd0.msi" deleted
"C:\Windows\Installer\3699258.msi" deleted
"C:\Users\PC i7\AppData\Roaming\ca27957b" deleted
"C:\Users\PC i7\AppData\Roaming\cb0af906" deleted
"C:\Users\PC i7\AppData\Roaming\cb5cb1e4" deleted
"C:\Users\PC i7\AppData\Roaming\cba37c7c" deleted
"C:\Users\PC i7\AppData\Roaming\cbf237f8" deleted
"C:\Users\PC i7\AppData\Roaming\cc368f46" deleted
"C:\Users\PC i7\AppData\Roaming\d1ca7ad8" deleted
"C:\Users\PC i7\AppData\Roaming\d21c37b5" deleted
"C:\Users\PC i7\AppData\Roaming\d431170d" deleted
"C:\Users\PC i7\AppData\Roaming\d4887f8a" deleted
"C:\Users\PC i7\AppData\Roaming\d6723bc0" deleted
"C:\Users\PC i7\AppData\Roaming\d6cb0c44" deleted
"C:\Users\PC i7\AppData\Roaming\d7119742" deleted
"C:\Users\PC i7\AppData\Roaming\d7d8947d" deleted
"C:\Users\PC i7\AppData\Roaming\d826eda3" deleted
"C:\Users\PC i7\AppData\Roaming\Tribal Masks" deleted
"C:\Users\PC i7\AppData\Roaming\Tuner" deleted
"C:\Users\PC i7\AppData\Roaming\Vocal Transformer" deleted
"C:\Users\PC i7\AppData\Roaming\Vocals" deleted
"C:\Users\PC i7\AppData\Roaming\WebServer" deleted
"C:\ProgramData\Abstract" deleted
"C:\ProgramData\Woodwind" deleted
"C:\ProgramData\Woodwinds" deleted
"C:\ProgramData\Work - Home" deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)
Memory (RAM): 3570 MB
CPU Info: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
CPU Speed: 3438.7 MHz
Sound Card: سماعات (Realtek High Definition |
Realtek Digital Output (Realtek |
Realtek Digital Output(Optical) |
Display Adapters: ATI Radeon HD 5450 | ATI Radeon HD 5450 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Anchorfree HSS VPN Adapter #2 | Anchorfree HSS VPN Adapter | 802.11 USB Wireless LAN Card | Intel(R) 82579V Gigabit Network Connection
CD / DVD Drives: 2x (D: | L: | ) D: ATAPI iHAS324 B | L: EZBSYS ISO CDVD DRIVE
Ports: COM8 | COM9 LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 195.2GB | E: 376.0GB | F: 360.2GB | I: 2794.5GB
Hard Disks - Free: C: 96.4GB | E: 256.2GB | F: 204.0GB | I: 1314.6GB
Manufacturer *: Intel Corp.
BIOS Info: AT/AT COMPATIBLE | 12/22/11 | HPQOEM - 1072009
Time Zone: السعودية - التوقيت الرسمي
Motherboard *: Intel Corporation DH67CL
Country: ںéêêéè، ںéم© ï، ںé«مي§ï،
Language: ARA

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Default Browser: Google Chrome 40.0.2214.115
Internet Explorer Version: 11.0.9600.17633
Mozilla Firefox version: 31.0 (x86 ar)
Opera Browser version: 27.0.1689.69
Google Chrome version: 40.0.2214.115
Adobe Reader version: 11.0.10.32
Sun Java version: 1.7.0_25 (32-bit)
Flash Player version: 16.0.0.305

يتبع

 

[عطوف]

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\PCI7~1\AppData\Local\Temp ====
2015-02-22 07:25:59 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\libiconv2.dll
2015-02-22 07:25:59 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\libintl3.dll
2015-02-22 07:25:59 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\pcre3.dll
2015-02-22 07:25:59 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\regex2.dll
2015-02-19 07:00:13 875423375660681EBEA1781EDA926AD2 16896 ----a-w- C:\Users\PC i7\AppData\Local\Temp\SBLCopyF.EXE
====== Java Cache =====
====== C:\Windows\system32 =====
2015-02-12 04:00:03 01BD2653F2185218837CF4A175617F8A 620032 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-02-12 04:00:01 4FD3763F3917201856B0CBCE310003EA 4300800 ----a-w- C:\Windows\System32\jscript9.dll
2015-02-11 09:18:42 15E13FB1C22A47A128965287194D1906 2380288 ----a-w- C:\Windows\System32\win32k.sys
2015-02-11 09:18:40 F2A743912D404A8866362836CFE7A648 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-02-11 09:18:40 F29BC66CE4A5507A49FB20744A056E61 22016 ----a-w- C:\Windows\System32\secur32.dll
2015-02-11 09:18:40 CEFE50761B7681715C66AE3488363985 100352 ----a-w- C:\Windows\System32\sspicli.dll
2015-02-11 09:18:40 BF08DE8E4FA1F143D41B3241F7FCE5F6 22528 ----a-w- C:\Windows\System32\lsass.exe
2015-02-11 09:18:40 ACF312F6CCFC9249F739BF439DD4B80C 15872 ----a-w- C:\Windows\System32\sspisrv.dll
2015-02-11 09:18:40 4E6934926B4C923CC0FF61C6D77814EF 50176 ----a-w- C:\Windows\System32\auditpol.exe
2015-02-11 09:18:40 4775E1A0E15BF148098C35A19135F881 1061376 ----a-w- C:\Windows\System32\lsasrv.dll
2015-02-11 09:18:39 43791D2F736C4E9BE9FE0B33A1E92A5D 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-02-11 09:18:39 36F152AE2F64B12771A44EA77124332B 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-02-11 09:18:23 6D227897A458DA8A9518DACDC88F1947 3917760 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-02-11 09:18:23 62C93E47A424A8EC79F3CF1719A2DCC6 3972544 ----a-w- C:\Windows\System32\ntkrnlpa.exe
2015-02-11 09:18:15 F3F6BE20A03215209B61CA85B4A83E1F 65536 ----a-w- C:\Windows\System32\TSpkg.dll
2015-02-11 09:18:15 B63A6FF4339C9B701A93D3973C7FB6D2 550912 ----a-w- C:\Windows\System32\kerberos.dll
2015-02-11 09:18:15 7D94A9161E8432B8521E60E064B1D737 259584 ----a-w- C:\Windows\System32\msv1_0.dll
2015-02-11 09:18:15 7C893DBA0A58855A99DA68B751FD223B 248832 ----a-w- C:\Windows\System32\schannel.dll
2015-02-11 09:18:15 3BB446DE24501FEA5FDB9A9DB23A22AE 221184 ----a-w- C:\Windows\System32\ncrypt.dll
2015-02-11 09:18:14 C256EFD3655EC782F8094E96094E8F9E 17408 ----a-w- C:\Windows\System32\credssp.dll
2015-02-11 09:18:14 A12D64A94EC57079C2D96A741CB4FF53 172032 ----a-w- C:\Windows\System32\wdigest.dll
2015-02-11 09:18:09 B0F7BD3492C2D60A70F15AEADCE1E2A6 47616 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-02-11 09:18:09 94B1F7CE1AAA5542923E0AD63C4D0050 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-02-11 09:18:09 71189E2787179666BDCD1374AE92BF62 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-02-11 09:18:08 E1A4D24281526DDFEA418F729CDA9DC6 30720 ----a-w- C:\Windows\System32\iernonce.dll
2015-02-11 09:18:08 C4F2424A0671907FD3AC44EBE43C3C66 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-11 09:18:08 8E8137569741D3693F88DDF94CC38C20 1307136 ----a-w- C:\Windows\System32\urlmon.dll
2015-02-11 09:18:08 74EA6C792F57E453261DA210C1BCEB53 342712 ----a-w- C:\Windows\System32\iedkcs32.dll
2015-02-11 09:18:08 73AFBF165241EB4502CD15107AA12CBA 684544 ----a-w- C:\Windows\System32\ie4uinit.exe
2015-02-11 09:18:07 55A84600EAAF8F1D3F0E6206E2EF6D48 47104 ----a-w- C:\Windows\System32\jsproxy.dll
2015-02-11 09:18:07 28B2D3CB1B4306D476200D80AF7D87AD 115712 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-02-11 09:18:06 FD6AF61AF029B9BC2CF4EFF57CDD5821 710144 ----a-w- C:\Windows\System32\ieapfltr.dll
2015-02-11 09:18:06 EF05E63ACC834470A07A2E73D519B5FA 418304 ----a-w- C:\Windows\System32\dxtmsft.dll
2015-02-11 09:18:06 8FBC9680719ACDA9351B67D906C682F4 688640 ----a-w- C:\Windows\System32\msfeeds.dll
2015-02-11 09:18:06 47B26D89EF9973E2DD586D0C827F61A9 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-02-11 09:18:05 AD3F5926EC2C1F21FB45D1CDED6E2A47 2052608 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-02-11 09:18:05 6F10743069DFFC56DEE079204960844E 168960 ----a-w- C:\Windows\System32\msrating.dll
2015-02-11 09:18:05 5FB7E9786F70F4072663746072C9E6CE 62464 ----a-w- C:\Windows\System32\iesetup.dll
2015-02-11 09:18:04 F285D499EC42969D963CA49EADA63218 1888256 ----a-w- C:\Windows\System32\wininet.dll
2015-02-11 09:18:04 44791AA90DF93DD79E63ED3A38657964 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-02-11 09:18:03 994E7459260D315573DD72783D1B78A7 478208 ----a-w- C:\Windows\System32\ieui.dll
2015-02-11 09:18:03 6FA05244FD2E40A3DC08337146B3C425 285696 ----a-w- C:\Windows\System32\dxtrans.dll
2015-02-11 09:18:02 78A1A938D51D4F83A772123B93EE1612 12829184 ----a-w- C:\Windows\System32\ieframe.dll
2015-02-11 09:17:59 D87759889FE7BCAE4461439139E62BAA 76288 ----a-w- C:\Windows\System32\mshtmled.dll
2015-02-11 09:17:59 3B9EF1B8E154D202D32A7765E2F33554 64000 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-02-11 09:17:59 180168942E4A133C55E7BBF17DA3C142 1155072 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-02-11 09:17:58 9A91F9B5035F54C2D0BA92CF9B16EE34 2277888 ----a-w- C:\Windows\System32\iertutil.dll
2015-02-11 09:17:57 61C74D794C14E9FC94D93F5F0F72A3F9 19740160 ----a-w- C:\Windows\System32\mshtml.dll
2015-02-11 09:17:56 9DEE691C8FDBC2DE6957F1AE873C78FC 503296 ----a-w- C:\Windows\System32\vbscript.dll
2015-02-11 09:16:32 B3BC38B886CA53C92D52EF724A9F0D45 308224 ----a-w- C:\Windows\System32\scesrv.dll
2015-02-11 09:16:32 793F6658ED65839FDB2957A4884CB63C 1230336 ----a-w- C:\Windows\System32\WindowsCodecs.dll
====== C:\Windows\system32\drivers =====
2015-02-22 00:01:10 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-02-22 00:00:45 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-02-22 00:00:45 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-02-22 00:00:45 312CD3307F600E7CD340B79B3DCB3A01 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-02-11 09:18:40 F516F1167EFBBC5ABC90687C94497869 369968 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-02-11 09:18:40 EF88BAC2B489D9C46F4E41ACF0219CD0 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-02-11 09:18:40 49D70660EE8266988C1F99A0297A1430 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-17 08:35:45 -------- d-----w- C:\Program Files\ESET
2015-02-16 23:33:31 -------- d-----w- C:\Program Files\Sophos
2015-02-04 00:32:09 -------- d-----w- C:\Program Files\ABC Amber BlackBerry Converter
2015-02-04 00:25:35 -------- d-----w- C:\Program Files\ABC Amber PDF Converter
2015-02-02 20:55:17 -------- d-----w- C:\Program Files\AVI MPEG RM WMV Splitter
2015-02-02 20:52:39 -------- d-----w- C:\Program Files\Boilsoft Video Splitter
2015-02-02 20:48:28 -------- d-----w- C:\Program Files\Speed Video Splitter
2015-02-02 20:42:29 -------- d-----w- C:\Program Files\Ultra Video Splitter
======= C: =====
====== C:\Users\PC i7\AppData\Roaming ======
2015-02-04 01:23:43 -------- d-----w- C:\Users\PC i7\AppData\Roaming\AmberBerry
2015-02-04 00:25:43 -------- d-----w- C:\Users\PC i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProcessText Group
2015-02-02 21:11:37 -------- d-----w- C:\Users\PC i7\AppData\Roaming\Xilisoft Corporation
2015-02-02 21:10:49 -------- d-----w- C:\Users\PC i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
====== C:\Users\PC i7 ======
2015-02-22 07:31:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Toolbar Remover
2015-02-16 23:34:56 -------- d-----w- C:\ProgramData\Sophos
2015-02-16 23:33:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-02-16 21:58:44 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 ----a-w- C:\Users\PC i7\Downloads\esetsmartinstaller_enu.exe
2015-02-16 21:58:13 FF520A87F8F66D5A215D9ED17037C258 11551088 ----a-w- C:\Users\PC i7\Downloads\stinger32.exe
2015-02-16 21:57:53 B8FC967A3D1B3568070B21FEEF895144 407680 ----a-w- C:\Users\PC i7\Downloads\aswclnr.exe
2015-02-16 21:57:30 AC5DFBBC294F0F8734436CDBD51AC051 110635352 ----a-w- C:\Users\PC i7\Downloads\Sophos Virus Removal Tool.exe
2015-02-16 21:56:57 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\PC i7\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-16 21:40:16 1B7F9C41AA7756C32346C0056BC682BC 3996556 ----a-w- C:\Users\PC i7\Downloads\Zyzoom_Reports-fixing_tools_001.exe
2015-02-16 21:31:29 C8591463FF9FF7E2C91F3809F60751B5 2286392 ----a-w- C:\Users\PC i7\Downloads\GetSystemInfo.exe
2015-02-04 00:25:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProcessText Group
2015-02-02 20:55:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVI MPEG RM WMV Splitter
2015-02-02 20:52:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft
2015-02-02 20:48:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speed Video Splitter
2015-02-02 20:42:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Video Splitter
2015-02-02 15:08:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-02 15:06:09 -------- d-----w- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB

====== C: exe-files ==
2015-02-22 07:31:23 4E94153FB2498A304A679FA9A9AAFAD0 5228544 ----a-w- C:\Program Files\Smart PC Solutions\Smart Toolbar Remover\SmartToolbarRemover.exe
2015-02-22 07:31:23 01C9E2DF1981A2E2D5E475028AEFC71F 712992 ----a-w- C:\Program Files\Smart PC Solutions\Smart Toolbar Remover\unins000.exe
2015-02-21 23:24:18 AF6E966D1F38287EF4D33B246CCC3A33 1388274 ----a-w- C:\Users\PC i7\Downloads\أداة JunkWare Removal Tool\JRT.exe
2015-02-21 23:23:08 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\PC i7\Downloads\اداة Adware Cleaner\adwcleaner_4.111.exe
2015-02-21 23:20:51 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\PC i7\Downloads\ـ ماالوير باايتس\mbam-setup-2.0.4.1028.exe
2015-02-21 23:18:47 1B28807E950FB1B2F4C9AAD546D6568A 1943800 ----a-w- C:\Users\PC i7\Downloads\أداة RKILL\rkill.exe
2015-02-21 08:53:30 0D79D8B50657CB61C8AF00F7F6DEAC3C 5107877 ----a-w- C:\Users\PC i7\Downloads\Dll-Files Fixer\dffsetup.exe
2015-02-21 08:53:29 FAC08E03DFC8644C553C721165449926 49664 ----a-w- C:\Users\PC i7\Downloads\Dll-Files Fixer\Medicina - Instrucciones\Dll-Files Fixer Keygen.exe
2015-02-19 21:30:57 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files\Google\Update\Install\{B2D26F4E-5DBB-4447-B106-C39E111A4B56}\40.0.2214.115_40.0.2214.111_chrome_updater.exe
2015-02-19 21:30:57 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.115\40.0.2214.115_40.0.2214.111_chrome_updater.exe
2015-02-19 07:00:13 875423375660681EBEA1781EDA926AD2 16896 ----a-w- C:\Users\PC i7\AppData\Local\Temp\SBLCopyF.EXE
2015-02-17 08:35:53 E273331224005C5A8A504164373DE1DC 535304 ----a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
2015-02-17 08:35:53 5B3DE7968D23B476AFB256D8014B25B9 333424 ----a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2015-02-17 08:35:53 47B06E473B78A792DF07D226E0537D63 119184 ----a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2015-02-17 08:35:53 3C3F35C91F230493B088B334E39D1F7A 358144 ----a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2015-02-17 08:35:52 9E47522861242EE002D7F385C35D1322 2887824 ----a-w- C:\Program Files\ESET\ESET Online Scanner\ESETSmartInstaller.exe
2015-02-16 21:58:44 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 ----a-w- C:\Users\PC i7\Downloads\esetsmartinstaller_enu.exe
2015-02-16 21:58:13 FF520A87F8F66D5A215D9ED17037C258 11551088 ----a-w- C:\Users\PC i7\Downloads\stinger32.exe
2015-02-16 21:57:53 B8FC967A3D1B3568070B21FEEF895144 407680 ----a-w- C:\Users\PC i7\Downloads\aswclnr.exe
2015-02-16 21:57:30 AC5DFBBC294F0F8734436CDBD51AC051 110635352 ----a-w- C:\Users\PC i7\Downloads\Sophos Virus Removal Tool.exe
2015-02-16 21:56:57 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\PC i7\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-16 21:42:50 D6969D52430AFF7C1891780BA0068F19 855428 ----a-w- C:\Zyzoom_Forum_Tools\zyzoom.exe
2015-02-16 21:42:49 5B5D56738C261634C281C7BA1CA1A2DF 446464 ----a-w- C:\Zyzoom_Forum_Tools\TFC.exe
2015-02-16 21:42:48 7DEAB799CB9FF73B42A1B8A2480B5AE1 638841 ----a-w- C:\Zyzoom_Forum_Tools\run1.exe
2015-02-16 21:42:47 0351632B8B74419CE645B66BE83ACB01 52736 ----a-w- C:\Zyzoom_Forum_Tools\Bluez.exe
2015-02-16 21:42:46 344400667A932511A528C72219D1ECED 36352 ----a-w- C:\Zyzoom_Forum_Tools\AppCrashz.exe
2015-02-16 21:40:16 1B7F9C41AA7756C32346C0056BC682BC 3996556 ----a-w- C:\Users\PC i7\Downloads\Zyzoom_Reports-fixing_tools_001.exe
2015-02-16 21:31:29 C8591463FF9FF7E2C91F3809F60751B5 2286392 ----a-w- C:\Users\PC i7\Downloads\GetSystemInfo.exe
=== C: other files ==
2015-02-22 07:25:57 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\prelim.bat
2015-02-22 07:25:57 E49F9C309DC32E854A081507B89EBE39 11201 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\runvalues.bat
2015-02-22 07:25:57 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\TDL4.bat
2015-02-22 07:25:57 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\surfvox.bat
2015-02-22 07:25:57 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\searchlnk.bat
2015-02-22 07:25:57 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\mws.bat
2015-02-22 07:25:56 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\medfos.bat
2015-02-22 07:25:56 8BA81DD47CF392BEBEE506E3789F9FBA 14924 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\get.bat
2015-02-22 07:25:56 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\firefox.bat
2015-02-22 07:25:56 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\ev_clear.bat
2015-02-22 07:25:56 56CE326F6AAE3CF1709D332C04E8F9F1 191237 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\misc.bat
2015-02-22 07:25:56 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\ask.bat
2015-02-22 07:25:56 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\iexplore.bat
2015-02-22 07:25:56 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\delfolders.bat
2015-02-22 07:25:56 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\PC i7\AppData\Local\Temp\jrt\chrome.bat
2015-02-22 00:01:10 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-02-22 00:00:45 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-02-22 00:00:45 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-02-22 00:00:45 312CD3307F600E7CD340B79B3DCB3A01 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-02-20 18:13:27 B092CCEABE651335701E33FADCC66761 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$ISBSCXB.zip
2015-02-20 18:10:52 B22655BDECF872A68C003EAD2907C24A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$IVB5KPG.zip
2015-02-20 16:35:05 DA128D1B1C775403A06722FAE07153F1 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$I8ODXYX.zip
2015-02-20 16:25:58 FA5B57A431D2B94CEFDE90A76F30DF0F 128552 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$RSBSCXB.zip
2015-02-20 16:25:21 52F5618936EFA7DD636CF67CB4BD3D82 70906 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$RVB5KPG.zip
2015-02-20 16:24:58 19F1FFC68F721C05B84ECABF5FC5BF3F 34230 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$R8ODXYX.zip
2015-02-18 11:46:55 716CC0F8F52EA7306F507228835B9E6C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$I896DS8.zip
2015-02-18 11:46:35 1761D0849C39B7B52D7E1C4456BF01F3 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$IK2NQXR.zip
2015-02-18 11:46:20 1DF8C62FB13484556E908BA1150113AC 22858 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$RK2NQXR.zip
2015-02-18 11:32:42 B7A19DDFC5CFF68089B754D1FEB64729 37678 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$R896DS8.zip
2015-02-18 10:50:44 C766E90EDB98BD1CA9B6E0CB9AC29039 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$IFAJIAA.zip
2015-02-18 10:44:47 A18813B4AE7E5E0EC2A005A8D64E1E53 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$IQUCEIQ.zip
2015-02-18 10:43:37 023ECDEEA4EA7EAED3C320746114C78B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$IATC2EA.zip
2015-02-18 10:42:20 6A2306575DB0D5E65CAE9291D0DF973B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$IJWOTS6.zip
2015-02-18 10:34:34 8886EB58875F0128DC768D2F3354070D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$IB0P751.zip
2015-02-18 07:12:07 D2282B6A52AC6039695E8B7C3EC7C520 573697 ----a-w- C:\Users\PC i7\Downloads\Autoruns.zip
2015-02-18 05:46:11 C55D5FCB6C02E0625F01681E02EF9657 30635 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$RB0P751.zip
2015-02-18 05:45:23 D458F99263E003404EF7D8AABC41F5DF 26151 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$RFAJIAA.zip
2015-02-18 05:44:56 314341FD8CF75AB8F7F86462D968C88A 12650 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$RQUCEIQ.zip
2015-02-18 05:44:24 63A99437B62D31A8A4F8CEB02BCD691A 34626 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$RATC2EA.zip
2015-02-18 05:43:45 D98B4F38713A52D07F3AA37F5C7F4346 16102 ----a-w- C:\$Recycle.Bin\S-1-5-21-3402252242-812742155-1843706100-1000\$RJWOTS6.zip
2015-02-17 10:44:56 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\PC i7\AppData\Local\Temp\avastBCLTMP\epbmnbdplhcomkedpjfceakddnbgfjmf.zip
2015-02-16 21:42:49 3AF4A2E7F8180A764474B3F5AA1D3C07 462349 ----a-w- C:\Zyzoom_Forum_Tools\1.vbs
2015-02-16 21:42:46 EAC393C39AC69CA813ACB017CB4AB05F 157184 ----a-w- C:\Zyzoom_Forum_Tools\zUpload2.com
2015-02-16 21:42:45 5216193E8D932CC7B476646FF5D59797 1659192 ----a-w- C:\Zyzoom_Forum_Tools\zRunScanner.com
2015-02-16 21:42:44 29C81875332F7084321C3A82A9A7BF9F 388096 ----a-w- C:\Zyzoom_Forum_Tools\zHijak.com
2015-02-16 21:42:42 3C03576502262CDC6F9EFEAA4E05A709 731136 ----a-w- C:\Zyzoom_Forum_Tools\1.com
2015-02-16 21:37:02 E9F64BA6D2E4C54E67436E696F3D4460 202233 ----a-w- C:\Users\PC i7\Desktop\GetSystemInfo_ATOOOF-I7_PC i7_2015_02_17_00_32_47.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3402252242-812742155-1843706100-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\PC i7\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

/build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

/build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\PC i7\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GrooveMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WASEL Pro]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WASEL Pro"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\WASEL Pro VPN Service\\WASEL Pro\\wasel_pro.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^PC i7^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\PC i7\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\PCI7~1\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\PC i7\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"DivXUpdate"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"
"TkBellExe"="\"C:\\Program Files\\Real\\RealPlayer\\update\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3402252242-812742155-1843706100-1000Core.job --a------ C:\Users\PC i7\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/29/2012 04:08 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3402252242-812742155-1843706100-1000UA.job --a------ C:\Users\PC i7\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/29/2012 04:08 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10/23/2014 02:14 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10/23/2014 02:14 AM]
C:\Windows\tasks\iToolsDaemon.job --a------ C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Adobe online update program" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Apple Diagnostics" [C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe]
"C:\Windows\system32\tasks\DivX online update program" [C:\Program Files\DivX\DivX Update\DivXUpdate.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3402252242-812742155-1843706100-1000Core" [C:\Users\PC i7\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3402252242-812742155-1843706100-1000UA" [C:\Users\PC i7\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\Google Updater and Installer" [C:\Users\PC i7\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3402252242-812742155-1843706100-1000Core" [C:\Users\PC i7\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3402252242-812742155-1843706100-1000UA" [C:\Users\PC i7\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HP online update program" [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe]
"C:\Windows\system32\tasks\iToolsDaemon" [C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe]
"C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\system32\tasks\Opera scheduled Autoupdate 1411512278" [C:\Program Files\Opera\launcher.exe]
"C:\Windows\system32\tasks\Real Player online update program" [C:\Program Files\Real\RealPlayer\update\realsched.exe]
"C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3402252242-812742155-1843706100-1000" [C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3402252242-812742155-1843706100-1000" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3402252242-812742155-1843706100-1000" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3402252242-812742155-1843706100-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3402252242-812742155-1843706100-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3402252242-812742155-1843706100-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3402252242-812742155-1843706100-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\SmartPCFixer Automatically Update" ["C:\Program Files\SmartPCFixer\update\update.EXE"]
"C:\Windows\system32\tasks\SmartPCFixer Scan Weekly" ["C:\Program Files\SmartPCFixer\SmartPCFixer.exe"]
"C:\Windows\system32\tasks\SmartPCFixer Startup" ["C:\Program Files\SmartPCFixer\SmartPCFixer.exe"]
"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\TuneUp Utilities 2014\OneClick.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [09/04/2013 09:31 PM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [05/17/2012 02:41 PM]

بتبع

 

[عطوف]

==== Firefox Extensions ======================

ProfilePath: C:\Users\PCI7~1\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default
- Undetermined - C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\ffxtlbr@alnaddyToolbar.com
- 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd}
- Undetermined - C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669}
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - ffxtlbr@alnaddyToolbar.com
- Undetermined - {9b9d2aaa-ae26-4447-a7a1-633a32b19ddd}
- Undetermined - {113c6a96-cbc4-4248-bc8a-c05e9ec4b669}
- Undetermined - wrc@avast.com
- 9b9d2aaaae264447a7a1633a32b19ddd - %ProfilePath%\extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd}

AppDir: C:\Program Files\Mozilla Firefox
- Hotspot Shield Extension - %AppDir%\browser\extensions\afext@anchorfree.com
- Hotspot Shield Extension - %AppDir%\browser\extensions\afproxy@anchorfree.com
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\PC i7\AppData\Roaming\Mozilla\Firefox\Profiles\o5ida13a.default
98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
559E8D42BE485208F1C4BB294D6840A4 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.6
5D4279248A0E506CF007BD51EBF74CEA - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.6
F9DE379CE8A782530A4FA0B731F3A49B - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.6
049BD7AD3B94F24FA274ED1F7FC5871B - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.6
D937A4645EFF8CB4F123E3C899C052B2 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.6
46A59E6F7F7C1679AC7C4655E055326D - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
9419AA8A2799526EC32B473C2BB7A10D - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
A3E631EA08C5137B682BC97BDF3EB114 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll - RIM Handheld Application Loader
3A9E1940B4459CC97FDCBB24FCB69004 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
0FCEAA7D12B7B0BA825E5C770B1DCA48 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
D49FBD712961D2FED3D4D529EBF597F8 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player
10737B44923217BC0E67D26A9FC1F0AA - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
2645990C521342DCD08963D2DF6CD0D2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in
8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Deleted Firefox Extensions ======================

C:\Program Files\Mozilla Firefox\browser\extensions\afext@anchorfree.com deleted
C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com deleted

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aohddidmgooofkgohkbkaohadkolgejj - C:\Users\PC i7\AppData\Local\Youdao\Dict\Application\stable\YDChromeTextExtractor.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[01/11/2015 10:44 AM]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[08/14/2013 03:24 PM]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[07/26/2013 05:31 PM]

Ultimate YouTube Downloader - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfkpkealncpcbfklpgnggcgjjdkbljop
YouTube - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
cechdibmaolglcdioefoikpknppdekpc - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\cechdibmaolglcdioefoikpknppdekpc
selector is not a valid CSS selector - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Youtube Downloader Videos - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmoghpffdalmegdmkfneekjeoagcjfg
Best Youtube Downloader - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\goacemjobhmmbdlbbfjgifjcojdfnjfm
Avast Online Security - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
RealDownloader - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Youtube Video Downloader application - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlcmkkemmjgnancnndbpmmikmhideeo
Twoo Notifications - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mggafhpkgkfebnjfbiefbbbicikgchlf
Video download helper - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkioblodjcgkdailhejgcocjkkoochj
nhgpbmbhocboaalioananelcgfahjpai - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgpbmbhocboaalioananelcgfahjpai
Google Wallet - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Ad Block Popup Block Facebook AdBlock Youtube AdBlock - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbagajmdgpkkogcimdjjjhknpnbkom
Instagram for Chrome - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb
Gmail - PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
App Lid - PC i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\aemgobnhmjkokaanfjcikbeddfpfbcce
SavePass 1.1 - PC i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\ilhhefepljbmehhbmjcflhcchkddfaon
Sense - PC i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhapbopfchfogphiimjbhodmgnppoigk
Ge-Force - PC i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\lffnnnfdablgamegkcboelplpcjoacmm

==== Chromium Fix ======================

C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.icmwebserv.com_0.localstorage deleted successfully
C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_abc-amber-blackberry-converter.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_i-funbox.ar.softonic.com_0.localstorage-journal deleted successfully
C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_itunes.ar.softonic.com_0.localstorage-journal deleted successfully
C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlcmkkemmjgnancnndbpmmikmhideeo deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\aemgobnhmjkokaanfjcikbeddfpfbcce deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_aemgobnhmjkokaanfjcikbeddfpfbcce_0.localstorage deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_aemgobnhmjkokaanfjcikbeddfpfbcce_0.localstorage-journal deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_aemgobnhmjkokaanfjcikbeddfpfbcce_0 deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\aemgobnhmjkokaanfjcikbeddfpfbcce deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\ilhhefepljbmehhbmjcflhcchkddfaon deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_ilhhefepljbmehhbmjcflhcchkddfaon_0 deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ilhhefepljbmehhbmjcflhcchkddfaon deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhapbopfchfogphiimjbhodmgnppoigk deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_jhapbopfchfogphiimjbhodmgnppoigk_0.localstorage deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_jhapbopfchfogphiimjbhodmgnppoigk_0.localstorage-journal deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_jhapbopfchfogphiimjbhodmgnppoigk_0 deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhapbopfchfogphiimjbhodmgnppoigk deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\lffnnnfdablgamegkcboelplpcjoacmm deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_lffnnnfdablgamegkcboelplpcjoacmm_0.localstorage deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_lffnnnfdablgamegkcboelplpcjoacmm_0.localstorage-journal deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_lffnnnfdablgamegkcboelplpcjoacmm_0 deleted successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lffnnnfdablgamegkcboelplpcjoacmm deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

"

==== Reset Google Chrome ======================

C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\web data was reset successfully
C:\Users\PC i7\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A374D8EF60F699F45B4FEB7DB2A230C8 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3243FB579343EF43A819C58E02AC43B deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aohddidmgooofkgohkbkaohadkolgejj deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5BF3423C-4397-4FE3-A318-C9850EA24CB3} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A374D8EF60F699F45B4FEB7DB2A230C8 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\C3243FB579343EF43A819C58E02AC43B deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WASEL Pro deleted successfully

==== HijackThis Entries ======================

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [uTorrent] "C:\Users\PC i7\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

" /build:7601 (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel® PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: خدمة iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) - Unknown owner - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

يتبع

 

[عطوف]

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4VLF1PTY will be deleted at reboot
C:\Users\PC i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1YEREQ4 will be deleted at reboot
C:\Users\PC i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHZ87VY1 will be deleted at reboot
C:\Users\PC i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2QVYX09 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\PC i7\AppData\Local\Mozilla\Firefox\Profiles\o5ida13a.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\PC i7\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\PC i7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=744 folders=223 297655933 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\fbwuser6463\AppData\Local\Temp emptied successfully
C:\Users\fbwuser69FA\AppData\Local\Temp emptied successfully
C:\Users\fbwuserA8AC\AppData\Local\Temp emptied successfully
C:\Users\PC i7\AppData\Local\Temp will be emptied at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PCI7~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\PC i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4VLF1PTY" not found
"C:\Users\PC i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1YEREQ4" not found
"C:\Users\PC i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHZ87VY1" not found
"C:\Users\PC i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2QVYX09" not found

==== EOF on Sun 02/22/2015 at 11:58:16.22 ======================

البرامج المثبته بأداة HiJackThis

32 Bit HP CIO Components Installer
ABC Amber BlackBerry Converter
ABC Amber PDF Converter
Adobe AIR
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Help Manager
Adobe Photoshop CS6
Adobe Reader XI (11.0.10) - Português
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
AMD Wireless Display v3.0
AnyTrans 4.2.7
Apple Mobile Device Support
Apple Software Update
ATI AVIVO Codecs
Auto Gordian Knot 2.55
Avast Pro Antivirus
AVI/MPEG/RM/WMV Splitter 4.28
BlackBerry Desktop Software 7.0
BlackBerry Desktop Software 7.0
Boilsoft Video Splitter 6.32
Bonjour
Catalyst Control Center - Branding
CCleaner
CINEMA 4D 11.514
ConvertXtoDVD 4.1.19.365
CyberLink PowerDVD 10
CyberLink PowerDVD 10
DCE Tools 1.0
DivX Setup
ESET Online Scanner v3
Facebook Messenger 2.1.4814.0
FormatFactory 3.3.5.0
GOM Video Converter
Google Chrome
Google Earth
Google Earth
Google Update Helper
HDD Regenerator
HP Customer Participation Program 14.0
HP Officejet 7000 E809a Series
HP Solution Center 14.0
HydraVision
iCloud
Intel(R) Management Engine Components
Intel(R) Network Connections 15.6.25.0
Intel(R) Network Connections 15.6.25.0
iTunes
Java 7 Update 25
Java(TM) 6 Update 14
JavaFX 2.1.1
K-Lite Codec Pack 5.5.1 (Full)
KMPlayer (remove only)
Ma-Config.com
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office File Validation Add-In
Microsoft Office FrontPage 2003
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 31.0 (x86 ar)
MSVCRT Redists
MSVCRT Redists
MSVCRT Redists
MSXML 4.0 SP2 Parser and SDK
NEF Codec
Nero 11 Creative Collections Pack
Nero 11 Mini Repack
Nero Backup Drivers
Nero Digital
Nikon Message Center 2
Opera 12.17
Opera Stable 27.0.1689.69
PCActivizer
PDF Settings CS6
PhoneRescue 1.6.2
PhoneTrans 4.2.5
Photo Transfer App
Picasa 3
Picture Control Utility
Picture Control Utility 2
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recover My Files
Recuva
Revo Uninstaller Pro 2.5.5
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2894842v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2972106)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2972215)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2978125)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2979575v2)
Skype™ 6.11
Smart Data Recovery v3.9
Smart Toolbar Remover v2.2
Snagit 10
Sophos Virus Removal Tool
Speed Video Splitter 4.3.42
SWF Opener
Topaz InFocus
Topaz InFocus
Topaz Adjust 3
Topaz Adjust 4
Topaz Adjust 4
Topaz Clean 3
Topaz Clean 3
Topaz DeJpeg 4
Topaz DeJpeg 4
Topaz DeNoise 5
Topaz DeNoise 5
Topaz Detail 2
Topaz Detail 2
Topaz Fusion Express 2
Topaz Fusion Express 2
Topaz ReMask 2
Topaz ReMask 2
Topaz Simplify 3
Topaz Simplify 3
Topaz Vivacity
Transmute Pro v2.50
Transmute v2.50
Ultra Video Splitter 5.1.0713
UltraISO Premium V9.62
Uninstall DreamSuite
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
VC80CRTRedist - 8.0.50727.6195
Vegas Pro 11.0
ViewNX 2
VLC media player 2.1.3
Windows Installer 4.5 SDK
WinRAR archiver
Xara3D6
Xilisoft 3GP Video Converter
Xilisoft DVD to AVI Converter 6
أداة التحميل Windows Live Upload Tool
دعم تطبيقات Apple‏ (32 بت)
مساعد تسجيل الدخول إلى Windows Live

++++++++
تممممم

 

[انا بابا يلا]

اتوقع صار افضل بكثير ملاحظ انك مثبت اعلانات كثير حاول تتعامل ب احترافية شوى ب تنصيب البرامج وانتبه من "تنصيب البرامج من تنصيب الاعلانات " يعنى بعض البرامج تنصبها تنزل اعلانات بجهازك
واستعمل برنامج Ad muncher

 

[White Man]

تمام .. الأن من خلال برنامج Revo Uninstaller
قم بحذف التالى

Sophos Virus Removal Tool
KMPlayer (remove only)
Malwarebytes Anti-Malware version 2.0.4.1028
ESET Online Scanner v3
Smart Toolbar Remover v2.2

وأخبرنا بعدها بالنتيجة
+
لديك عدة برامج تحتاج لتحديث

 

[عطوف]

برضها مازالت موجودة بعد حذف البرامج

شوفوا الصور

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وش السوات ؟؟؟

 

[White Man]

طيب .. اعمل تقرير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[عطوف]

تم عمل التقرير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[White Man]

حمل الملف التالى

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وطبق عليه التنظيف كما بالشرح

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[عطوف]

عمرو

عملت اللي قلت عليه وهذه التقارير

تقرير أداة fix

Runscanner logfile

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

* = signed file
- = file not found

General info
------------
Computer name : ATOOOF-I7
Creation time : 25/02/15 07:49:56 ص
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.11.9600.17633
OS : Windows 7 Ultimate
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.60
User Language : العربية (السعودية)‏
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
* C:\Users\PC i7\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
* C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd)
* C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
* C:\Windows\System32\atieclxx.exe (AMD)
* C:\Windows\System32\atiesrxx.exe (AMD)
* C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
* C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
* C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
* C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Avast Software)
* C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
* C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
* C:\Windows\System32\IPROSetMonitor.exe (Intel Corporation)
* C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
* C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
* C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
* C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
* C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation)
* C:\Windows\System32\VSSVC.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
* C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
* C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
* C:\Users\PC i7\Downloads\runscanner.exe (Runscanner.net)
* C:\Program Files\ma-config.com\MaConfigAgent.exe (CybelSoft)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
* C:\Program Files\SmartPCFixer\smartpcfixer.exe
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
* C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wuauclt.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
* C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)

Unrated items
-------------
002 * C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd)
002 * C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
002 * C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
002 * C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
003 * C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
003 * C:\Users\PC i7\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
010 * C:\Program Files\AVAST Software\Avast\AvastSvc.exe (avast! Service)
010 * C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AvastVirtualBox Interface)
010 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT Module)
010 * C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (32-bit))
010 * C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService)
010 * C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (SwitchBoard Server (32 bit))
011 * C:\Windows\system32\DRIVERS\taphss6.sys (Anchorfree HSS VPN Adapter)
011 C:\Windows\System32\DRIVERS\ASPI32.sys (ASPI for WIN32 Kernel Driver)
011 * c:\windows\system32\drivers\aswHwid.sys (aswHwid.sys)
011 * C:\Windows\system32\drivers\aswRvrt.sys (aswRvrt.sys)
011 * C:\Windows\system32\drivers\aswVmm.sys (aswVmm.sys)
011 * c:\windows\system32\drivers\aswMonFlt.sys (avast! File System Minifilter for Windows 2003/Vista)
011 * c:\windows\system32\drivers\aswKbd.sys (avast! Keyboard Filter Driver)
011 * c:\windows\system32\drivers\aswSP.sys (avast! self protection module)
011 * c:\windows\system32\drivers\aswSnx.sys (avast! Virtualization Driver)
011 * c:\windows\system32\drivers\aswRdr2.sys (avast! WFP Redirect Driver)
011 * C:\Windows\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter)
011 * C:\Program Files\ma-config.com\Drivers\ma-config_x86.sys (Driver NT Ma-Config.com)
011 * C:\Windows\system32\DRIVERS\hssdrv6.sys (Hotspot Shield Routing Driver)
011 * C:\Program Files\UltraISO\drivers\ISODrive.sys (ISO DVD/CD-ROM Device Driver)
011 * C:\Windows\system32\DRIVERS\revoflt.sys (Revo Uninstaller Minifilter)
011 * c:\windows\system32\drivers\aswStm.sys (Stream Filter)
011 * C:\Windows\system32\DRIVERS\tap0901.sys (TAP-Win32 Virtual Network Driver)
011 C:\Windows\System32\Drivers\US280D.sys (USB Digital TV Driver)
011 * C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys (VirtualBox Support Driver)
011 C:\Windows\system32\DRIVERS\wdcsam.sys (WD SCSI Architecture Model (SAM) driver)
011 * C:\Windows\system32\WinDBdrv.sys (WinDBdrv.sys)
031 C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) {0A9007C0-4076-11D3-8789-0000F8105754}
031 * C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}
031 C:\Program Files\Speed Video Splitter\msdxm.ocx (Microsoft Corporation) {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020}
035 * C:\Program Files\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe (Google Inc.) {8A69D345-D564-463c-AFF1-A69D9E530F96}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
042 GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}
052 * C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) {326E768D-4182-46FD-9C16-1449A49795F4}
052 * C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
052 * C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
052 * C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9}
061 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
061 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (Advanced Micro Devices, Inc.) {5E2121EE-0300-11D4-8D3B-444553540000}
061 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll (Advanced Micro Devices, Inc.) {872A9397-E0D6-4e28-B64D-52B8D0A7EA35}
061 C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll (DivX, Inc.) {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992}
061 C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll (DivX, Inc.) {83238FAE-D346-4E12-8734-D42F7554B3E6}
061 * C:\Program Files\iTunes\iTunesMiniPlayer.dll (Apple Inc.) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}
061 * C:\Program Files\Recuva\RecuvaShell.dll (Piriform Ltd) {435E5DF5-2510-463C-B223-BDA47006D002}
061 * C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll (VS Revo Group) {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7}
061 * c:\program files\real\realplayer\rpshell.dll (RealNetworks, Inc.) {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
061 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 * C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
104 * C:\Program Files\Java\jre7\bin\jp2iexp.dll {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
104 * C:\Program Files\Java\jre7\bin\jp2iexp.dll {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
105 Add to Google Photos Screensa&ver : res://C:\Windows\system32\GPhotos.scr/200
105 تحميل الكل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 تحميل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEExt.htm
105 تحميل محتوى FLV بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetVL.htm
145 * C:\Windows\system32\drivers\aswKbd.sys (AVAST Software)
173 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
173 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
173 GUID / CLSID not found
173 * C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll (Apple Inc.) {89D984B3-813B-406A-8298-118AFA3A22AE}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
220 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
221 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
221 GUID / CLSID not found
221 * C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll (Apple Inc.) {89D984B3-813B-406A-8298-118AFA3A22AE}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
225 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
225 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
225 * C:\Program Files\Recuva\RecuvaShell.dll (Piriform Ltd) {435E5DF5-2510-463C-B223-BDA47006D002}
225 * C:\Program Files\Recuva\RecuvaShell.dll (Piriform Ltd) {435E5DF5-2510-463C-B223-BDA47006D002}
225 * C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll (VS Revo Group) {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7}
225 * C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll (VS Revo Group) {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7}
225 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
225 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
226 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
227 GUID / CLSID not found {AA7A03E6-7FA5-42E7-9D7A-9A2A4E344B3F}
227 * C:\Program Files\Recuva\RecuvaShell.dll (Piriform Ltd) {435E5DF5-2510-463C-B223-BDA47006D002}
227 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
228 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
229 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (Advanced Micro Devices, Inc.) {5E2121EE-0300-11D4-8D3B-444553540000}
231 * C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info
241 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}
241 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
011 System32\drivers\rdvgkmd.sys
011 System32\drivers\synth3dvsc.sys
011 C:\Windows\system32\drivers\tsusbhub.sys


+++++++++++++++++++++++
يتبع