تم حل المشكلة الجهاز بطيء جداً وتعليق بعض البرامج.. التقارير بالداخل

كلو ميه ميه · 19 فبراير 2017

السلام عليكم ورحمة الله وبركاته

ياخوان يوجد لدي مشكله في جهازي اللابتوب Asus k43s .. الجهاز بطيء ويعلق بعض البرامج مثل الوورد اذا فتحت اكثر من ملف يعلق .. وال adobe reader اذا فتحت اكثر من ملف يعلق .. نظفت الجهاز باستخدام اداة زيزوم ومانفع .. سويت سكان بالكاسبر سكي .. وحذفت الملفات المؤقته باستخدام برنامج your uninstaller . . ومانفع .. وتحت التقارير اللي ممكن تنفع ..

تقرير ال RunScanner

=============================

Runscanner logfile

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

* = signed file
- = file not found

General info
------------
Computer name : ECC-PC
Creation time : 2/19/2017 1:14:25 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.7601.17514
OS : Windows 7 Professional
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.50
User Language : Arabic (Saudi Arabia)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
* C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
* C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Software Ltd.)
* C:\Program Files\Babylon\Babylon-Pro\BabylonHelper64.exe (Babylon Software Ltd.)
* C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\conhost.exe (Microsoft Corporation)
* C:\Windows\System32\conhost.exe (Microsoft Corporation)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
* C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
* C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe (Kaspersky Lab ZAO)
* C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe (Kaspersky Lab ZAO)
C:\Windows\KMService.exe
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
* C:\Windows\System32\SearchFilterHost.exe (Microsoft Corporation)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation)
* C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Microsoft Corporation)
* C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
* C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
* C:\ZyzooM\RunScanner.exe (Runscanner.net)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
C:\Windows\SysWOW64\srvany.exe
* C:\Windows\System32\audiodg.exe (Microsoft Corporation)
* C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
* C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
C:\Users\ECC\Downloads\ZyzooM Maintenance Tool V.2.exe (ZyzooM ForumS)

Unrated items
-------------
002 * C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
002 * C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Software Ltd.)
010 * C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service)
010 * C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service)
010 * C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Installer)
010 * C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Installer)
010 * C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (64-bit))
010 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe (Kaspersky Anti-Virus)
010 * C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService)
011 * C:\Windows\system32\DRIVERS\cm_km_w.sys (Cryptographic Module)
011 * C:\Windows\system32\DRIVERS\klflt.sys (Filter Core [fre_wlh_x64])
011 * C:\Windows\system32\DRIVERS\HECIx64.sys (Intel(R) Management Engine Interface)
011 * C:\Windows\system32\DRIVERS\klim6.sys (Kaspersky Lab Intermediate Network Driver [fre_wlh_x64])
011 * C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Unified Driver)
011 * C:\Windows\system32\DRIVERS\klhk.sys (klhk [fre_wlh_x64])
011 * C:\Windows\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x64])
011 * C:\Windows\system32\DRIVERS\klkbdflt.sys (KLKBDFLT Keyboard Device Filter [fre_wlh_x64])
011 * C:\Windows\system32\DRIVERS\klmouflt.sys (KLMOUFLT Mouse Device Filter [fre_wlh_x64])
011 * C:\Windows\system32\DRIVERS\klpd.sys (KLPD [fre_wnet_x64])
011 * C:\Windows\system32\DRIVERS\kneps.sys (KNEPS Power [fre_wnet_amd64])
011 * C:\Windows\system32\DRIVERS\klwtp.sys (Network filtering component)
011 * C:\Windows\system32\DRIVERS\kltdi.sys (Network filtering component [fre_wnet_amd64])
011 * C:\Windows\system32\drivers\nvhda64v.sys (NVIDIA HDMI Audio Driver)
011 * C:\Windows\system32\DRIVERS\nvlddmkm.sys (nvlddmkm)
011 * C:\Windows\system32\DRIVERS\Rt64win7.sys (Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver )
011 * C:\Windows\System32\Drivers\RtsUVStor.sys (Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8)
011 * C:\Windows\system32\drivers\RTKVHD64.sys (Realtek(r) High Definition Audio Function Driver)
011 * C:\Windows\system32\DRIVERS\kldisk.sys (Virtual Disk fre_wnet_x64)
035 C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe (Google Inc.) {8A69D345-D564-463c-AFF1-A69D9E530F96}
041 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) {47833539-D0C5-4125-9FA8-0819E2EAAC93}
042 GUID / CLSID not found {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
042 GUID / CLSID not found {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
042 GUID / CLSID not found {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}
042 GUID / CLSID not found {5547CE1F-74E9-41E5-9CBF-5211ECC37341}
045 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) {47833539-D0C5-4125-9FA8-0819E2EAAC93}
047 Zone: unimelbcloud-files.sharepoint.com :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: unimelbcloud-myfiles.sharepoint.com :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

048 Zone: unimelbcloud-files.sharepoint.com :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

048 Zone: unimelbcloud-myfiles.sharepoint.com :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

052 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
052 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) {AE7CD045-E861-484f-8273-0445EE161910}
052 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) {F4971EE7-DAA0-4053-9964-665D8EE6A077}
052 * C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Software Ltd.) {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
052 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}
052 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) {93BC2EA7-2F17-4729-948A-D2E03FFB2412}
052 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 * C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonDocTranslationPI.dll (Babylon Software Ltd.) {947217BD-E967-400A-B14A-BA851A8EDCBB}
061 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\shellex.dll (Kaspersky Lab ZAO) {6ECB6C79-632B-4E91-821A-A8B86346FD93}
062 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
064 C:\Windows\system32\user32.dll (Microsoft Corporation)
069 * C:\Windows\system32\AdobePDF.dll (Adobe Systems Inc)
105 Append Link Target to Existing PDF : res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
105 Append to Existing PDF : res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll/AcroIEAppend.html
105 Convert Link Target to Adobe PDF : res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
105 Convert to Adobe PDF : res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll/AcroIECapture.html
105 E&xport to Microsoft Excel : res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
105 Se&nd to OneNote : res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
105 Translate this web page with Babylon : res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
105 Translate with Babylon : res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
107 * C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
145 * C:\Windows\system32\drivers\klkbdflt.sys (Kaspersky Lab ZAO)
173 GUID / CLSID not found {A6595CD1-BF77-430A-A452-18696685F7C7}
173 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
173 * C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonDocTranslationPI.dll (Babylon Software Ltd.) {947217BD-E967-400A-B14A-BA851A8EDCBB}
173 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\shellex.dll (Kaspersky Lab ZAO) {6ECB6C79-632B-4E91-821A-A8B86346FD93}
173 * C:\Program Files\WinRAR\rarext32.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 GUID / CLSID not found {A6595CD1-BF77-430A-A452-18696685F7C7}
221 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
221 * C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonDocTranslationPI.dll (Babylon Software Ltd.) {947217BD-E967-400A-B14A-BA851A8EDCBB}
221 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\shellex.dll (Kaspersky Lab ZAO) {6ECB6C79-632B-4E91-821A-A8B86346FD93}
221 * C:\Program Files\WinRAR\rarext32.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 GUID / CLSID not found
225 GUID / CLSID not found {474C98EE-CF3D-41f5-80E3-4AAB0AB04301}
225 GUID / CLSID not found {474C98EE-CF3D-41f5-80E3-4AAB0AB04301}
225 GUID / CLSID not found {A6595CD1-BF77-430A-A452-18696685F7C7}
225 GUID / CLSID not found {A6595CD1-BF77-430A-A452-18696685F7C7}
225 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
225 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
225 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\shellex.dll (Kaspersky Lab ZAO) {6ECB6C79-632B-4E91-821A-A8B86346FD93}
225 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\shellex.dll (Kaspersky Lab ZAO) {6ECB6C79-632B-4E91-821A-A8B86346FD93}
225 * C:\Program Files\WinRAR\rarext32.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 * C:\Program Files\WinRAR\rarext32.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found {474C98EE-CF3D-41f5-80E3-4AAB0AB04301}
227 * C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\shellex.dll (Kaspersky Lab ZAO) {6ECB6C79-632B-4E91-821A-A8B86346FD93}
231 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info
253 GUID / CLSID not found {7EFA68C6-086B-43e1-A2D2-55A113531240}

Missing files
-------------
002 C:\Program Files (x86)\Desktop Calendar\CanDesk.exe
010 C:\Windows\system32\srvany.exe
011 c:\windows\system32\DRIVERS\klkbdflt2.sys
073 C:\Program Files\TechUtilities\TechUtilities.exe

============================================

تقرير ال HiJacks

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:23:17 PM, on 2/19/2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ECC\Downloads\ZyzooM Maintenance Tool V.2.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE
C:\ZyzooM\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [Desktop Calendar] C:\Program Files (x86)\Desktop Calendar\CanDesk.exe 9
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: Virtual Keyboard - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11944 bytes

==========================================================

تقرير ال AppCrash

'##########################################'
' '
' أداة الصيانة المعتمدة لمنتديات زيزووم للأمن والحماية '
' ForuM.ZyzooM.NeT '
' '
' '
'##########################################'

==================================================
Process File : -AcrobatPro_11 by jajok.com.exe
Event Name : Stopped working
Event Time : 3/19/2016 5:13:10 AM
User Name : ECC
Exception Code : 0xc0000005
Exception Offset : 0x0001b7d6
Fault Module Name : -AcrobatPro_11 by jajok.com.exe
Fault Module Version: 1.0.2.1
Process Path : C:\Users\ECC\Downloads\-AcrobatPro_11 by jajok.com.exe
Report File Size : 6,828
Report File Path : C:\Users\ECC\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_-AcrobatPro_11 b_9322d6c35d4d29812c8bd6867a14573f166efd_4f7e2d1d\Report.wer
==================================================

==================================================
Process File : -AcrobatPro_11 by jajok.com.exe
Event Name : Stopped working
Event Time : 3/19/2016 5:13:33 AM
User Name : ECC
Exception Code : 0xc0000005
Exception Offset : 0x0001b7d6
Fault Module Name : -AcrobatPro_11 by jajok.com.exe
Fault Module Version: 1.0.2.1
Process Path : C:\Users\ECC\Downloads\-AcrobatPro_11 by jajok.com.exe
Report File Size : 6,828
Report File Path : C:\Users\ECC\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_-AcrobatPro_11 b_9322d6c35d4d29812c8bd6867a14573f166efd_5336879c\Report.wer
==================================================

==================================================
Process File : -AcrobatPro_11 by jajok.com.exe
Event Name : Stopped working
Event Time : 3/19/2016 5:13:22 AM
User Name : ECC
Exception Code : 0xc0000005
Exception Offset : 0x0001b7d6
Fault Module Name : -AcrobatPro_11 by jajok.com.exe
Fault Module Version: 1.0.2.1
Process Path : C:\Users\ECC\Downloads\-AcrobatPro_11 by jajok.com.exe
Report File Size : 6,828
Report File Path : C:\Users\ECC\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_-AcrobatPro_11 b_9322d6c35d4d29812c8bd6867a14573f166efd_54ae5d32\Report.wer
==================================================

==================================================
Process File : -AcrobatPro_11 by jajok.com.exe
Event Name : Stopped working
Event Time : 3/19/2016 5:12:50 AM
User Name : ECC
Exception Code : 0xc0000005
Exception Offset : 0x0001b7d6
Fault Module Name : -AcrobatPro_11 by jajok.com.exe
Fault Module Version: 1.0.2.1
Process Path : C:\Users\ECC\Downloads\-AcrobatPro_11 by jajok.com.exe
Report File Size : 6,828
Report File Path : C:\Users\ECC\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_-AcrobatPro_11 b_9322d6c35d4d29812c8bd6867a14573f166efd_5f31e4a9\Report.wer
==================================================

==================================================
Process File : iexplore.exe
Event Name : Webpage display problem
Event Time : 2/28/2016 6:44:20 AM
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files (x86)\Internet Explorer\iexplore.exe
Report File Size : 1,742
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_iexplore.exe_12df8271b62395a348f102b12959f9768e2baf9_4e9d7031\Report.wer
==================================================

==================================================
Process File : iexplore.exe
Event Name : Webpage display problem
Event Time : 2/28/2016 6:44:20 AM
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files (x86)\Internet Explorer\iexplore.exe
Report File Size : 1,742
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_iexplore.exe_12df8271b62395a348f102b12959f9768e2baf9_4e9d7031\Report.wer
==================================================

==================================================
Process File : iexplore.exe
Event Name : Webpage display problem
Event Time : 2/15/2017 2:18:32 PM
User Name : ECC
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files (x86)\Internet Explorer\iexplore.exe
Report File Size : 1,742
Report File Path : C:\Users\ECC\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_iexplore.exe_12df8271b62395a348f102b12959f9768e2baf9_166da2d7\Report.wer
==================================================

==================================================
Process File : iexplore.exe
Event Name : Webpage display problem
Event Time : 2/12/2016 8:48:09 PM
User Name : ECC
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files (x86)\Internet Explorer\iexplore.exe
Report File Size : 1,742
Report File Path : C:\Users\ECC\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_iexplore.exe_12df8271b62395a348f102b12959f9768e2baf9_071af4f8\Report.wer
==================================================

==================================================
Process File : WINWORD.EXE
Event Name : Stopped working
Event Time : 2/14/2017 5:17:41 PM
User Name : ECC
Exception Code : 0xc0000005
Exception Offset : 0x00087d52
Fault Module Name : wwlib.dll
Fault Module Version: 15.0.4893.1000
Process Path : C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
Report File Size : 24,952
Report File Path : C:\Users\ECC\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_WINWORD.EXE_86e7394bc6da1c84496199143e11522527620a0_19383235\Report.wer
==================================================

==================================================
Process File : WINWORD.EXE
Event Name : Stopped working
Event Time : 2/12/2017 2:21:09 PM
User Name : ECC
Exception Code : 0xc0000005
Exception Offset : 0x0027dfe9
Fault Module Name : wwlib.dll
Fault Module Version: 15.0.4893.1000
Process Path : C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
Report File Size : 28,122
Report File Path : C:\Users\ECC\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_WINWORD.EXE_f7af453c5d89f590db5d6a8672c85a25ac9d5d5c_26d0fcea\Report.wer
==================================================

########################################

White Man >< منتديات زيزووم للأمن والحماية // عمرو سعد

ForuM.ZyzooM.NeT

#############

=====================================

تقرير ال ErrLog مرفق ..

أشكركم جزيل الشكر على المساعدة ..

المحترف العربي · 19 فبراير 2017

لديك تولبار وبرامج خبيثة استخدم برنامج ادوير هنا الشرح:

...

...
والله ولى التوفيق
...
ثانيا قم بأزالة برنامج Babylon Software Ltd
من جذوره لانه ملئ بالتولبارات الخطيرة التي تثقل الجهاز
ثم افحص مرة اخري الجهاز ببرنامج مالويرابيتس واختر فحص
مخصص ثم خيار فحص الجذور الخفية

وانصحك بتعطيل هذه
البرامج اذا لاتستخدمها لانها بها تحديثات تزيد من ثقل الجهاز
يمكنك تعطيلها من ادارة المهام او التاسك مانجر هذه هي:
...

* C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Software Ltd.)
* C:\Program Files\Babylon\Babylon-Pro\BabylonHelper64.exe (Babylon Software Ltd.)
* C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
* C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
* C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
* C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
010 * C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service)
002 * C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Software Ltd.)
010 * C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
...
ايضا ادخل الي تشغيل او run اكتب الامر التالي:
msconfig
+
startup
+

...
والله ولى التوفيق
...

كلو ميه ميه · 20 فبراير 2017

السلام عليكم..

شكرا جزيلا ايها المحترف العربي .. عملت اللي قلت لي .. ولكن انا احتاج برنامج Babylon للعمل ماأستطيع الاستغناء عنه .. مارأيك؟؟؟؟

هذا التقرير المطلوب

===========================

# AdwCleaner v6.043 - Logfile created 20/02/2017 at 11:39:31
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-13.1 [Server]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : ECC - ECC-PC
# Running from : C:\Users\ECC\Downloads\adwcleaner_6.043.exe
# Mode: Clean
# Support :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\51197eff-31d3-1
[-] Folder deleted: C:\ProgramData\51197eff-5005-0
[-] Folder deleted: C:\Users\ECC\AppData\Local\Babylon
[-] Folder deleted: C:\Users\ECC\AppData\Roaming\Babylon
[-] Folder deleted: C:\Program Files\Babylon
[-] Folder deleted: C:\ProgramData\Babylon
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Babylon
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
[-] Folder deleted: C:\Users\Public\Documents\Guid
[-] Folder deleted: C:\Program Files (x86)\Babylon
[-] Folder deleted: C:\Users\ECC\AppData\Local\Temp\Babylon
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool
[-] Folder deleted: C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
[-] Folder deleted: C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof
[-] Folder deleted: C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
[-] Folder deleted: C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlcphjankhppgohedpkjonpadimhaoof

***** [ Files ] *****

[-] File deleted: C:\Users\ECC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk
[-] File deleted: C:\Users\ECC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Babylon.lnk
[-] File deleted: C:\Users\Public\Desktop\Babylon.lnk
[-] File deleted: C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gpiifgmgnfdiblgpaepbmfdkcheicgof_0.localstorage
[-] File deleted: C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gpiifgmgnfdiblgpaepbmfdkcheicgof_0.localstorage-journal

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\.bgl
[-] Key deleted: HKLM\SOFTWARE\Classes\.bof
[-] Key deleted: HKLM\SOFTWARE\Classes\BabyDict
[-] Key deleted: HKLM\SOFTWARE\Classes\BabyGloss
[-] Key deleted: HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
[-] Key deleted: HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
[-] Key deleted: HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
[-] Key deleted: HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
[-] Key deleted: HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin64
[-] Key deleted: HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin64.1
[-] Key deleted: HKLM\SOFTWARE\Classes\BabyOptFile
[-] Key deleted: HKLM\SOFTWARE\Classes\Prod.cap
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\.bgl
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\.bof
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabyDict
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabyGloss
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin64
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin64.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\BabyOptFile
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[-] Key deleted: HKU\S-1-5-21-87010155-628136687-1990474337-1000\Software\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED}
[#] Key deleted on reboot: HKCU\Software\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{947217BD-E967-400A-B14A-BA851A8EDCBB}]
[-] Key deleted: HKU\S-1-5-21-87010155-628136687-1990474337-1000\Software\Babylon
[-] Key deleted: HKU\S-1-5-21-87010155-628136687-1990474337-1000\Software\DriverRestore
[-] Key deleted: HKU\S-1-5-21-87010155-628136687-1990474337-1000\Software\eSupport.com
[-] Key deleted: HKU\S-1-5-21-87010155-628136687-1990474337-1000\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-87010155-628136687-1990474337-1000\Software\csastats
[#] Key deleted on reboot: HKCU\Software\Babylon
[#] Key deleted on reboot: HKCU\Software\DriverRestore
[#] Key deleted on reboot: HKCU\Software\eSupport.com
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\csastats
[-] Key deleted: HKLM\SOFTWARE\Babylon
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Key deleted on reboot: [x64] HKCU\Software\Babylon
[#] Key deleted on reboot: [x64] HKCU\Software\DriverRestore
[#] Key deleted on reboot: [x64] HKCU\Software\eSupport.com
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Babylon Client
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
[-] Key deleted: HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
[-] Key deleted: HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe

***** [ Web browsers ] *****

[-] [C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: gpiifgmgnfdiblgpaepbmfdkcheicgof
[-] [C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: nlcphjankhppgohedpkjonpadimhaoof

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [8284 Bytes] - [20/02/2017 11:39:31]
C:\AdwCleaner\AdwCleaner[S0].txt - [7937 Bytes] - [20/02/2017 11:36:43]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [8430 Bytes] ##########

=======================================

وهذي من Malwarebytes

Malwarebytes

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

-Log Details-
Scan Date: 2/20/17
Scan Time: 11:50 AM
Logfile: Malwarebytes report.txt
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1064
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ECC-PC\ECC

-Scan Summary-
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 212538
Time Elapsed: 1 hr, 14 min, 44 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 1
RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, No Action By User, [339], [133383],1.0.1064

Module: 1
RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, No Action By User, [339], [133383],1.0.1064

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 6
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\_metadata, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\icons, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof, No Action By User, [812], [179803],1.0.1064

File: 29
RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, No Action By User, [339], [133383],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\icons\nta-128.png, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\icons\nta-48.png, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\android-icon.png, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\empty-favicon.ico, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\ios-icon.png, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\jquery.js, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\newtab.css, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\newtab.html, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\newtab.js, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\no_thumb.png, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\search-icon.png, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\background.js, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\jquery.min.js, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\ntp.js, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\ntp_bkgd.js, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\ntp_util.js, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\utils.js, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\_metadata\computed_hashes.json, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\_metadata\verified_contents.json, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\config.json, No Action By User, [812], [179803],1.0.1064
PUP.Optional.Spigot, C:\Users\ECC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\manifest.json, No Action By User, [812], [179803],1.0.1064
RiskWare.Tool.HCK, C:\USERS\ECC\DOWNLOADS\UNIVERSAL_ADOBE_PATCHER_V1.2.ZIP, No Action By User, [2561], [69152],1.0.1064
PUP.Optional.InstallCore, C:\USERS\ECC\DOWNLOADS\ITOOLS-IPHONE-MANAGER-2016.3.3.0.6.ZIP, No Action By User, [8], [301065],1.0.1064
PUP.Optional.InstallCore, C:\$RECYCLE.BIN\S-1-5-21-87010155-628136687-1990474337-1000\$RQX3RHP.EXE, No Action By User, [8], [78708],1.0.1064
PUP.Optional.InstallCore, C:\$RECYCLE.BIN\S-1-5-21-87010155-628136687-1990474337-1000\$RDHSBVX.6\ITOOLS-IPHONE-MANAGER-2016.3.3.0.6.ZIP, No Action By User, [8], [301065],1.0.1064
RiskWare.Tool.HCK, C:\$RECYCLE.BIN\S-1-5-21-87010155-628136687-1990474337-1000\$RFHEYCI.2\UNIVERSAL_ADOBE_PATCHER_V1.2\ADOBE.SNR.PATCH-PAINTER.EXE, No Action By User, [2561], [69152],1.0.1064
PUP.Optional.InstallCore, C:\$RECYCLE.BIN\S-1-5-21-87010155-628136687-1990474337-1000\$RDHSBVX.6\ITOOLS-IPHONE-MANAGER-2016.3.3.0.6\ITOOLS-IPHONE-MANAGER-2016.3.3.0.6.EXE, No Action By User, [8], [301065],1.0.1064
HackTool.WpaKill, C:\WINDOWS\SETUP\SCRIPTS\FAXCOOL.EXE, No Action By User, [4638], [75683],1.0.1064

Physical Sector: 0
(No malicious items detected)

(end)

====================

المحترف العربي · 20 فبراير 2017

انت حر اخي في اختيارك وماعلي الرسول الا البلاغ
وانظر ايضا جهازك مصاب ب29 PUP.Optional قم بأزالتها
من الحجز في برنامج مالويرا واعد تشغيل الحاسب موفق
... ... ...

كلو ميه ميه · 20 فبراير 2017

الله يعطيك العافيه حذفت اللي في الحجر كله .. ولما اعاد تشغيل الجهاز كان بطيء جداً .. بعدين صار ممتاز .. هل هذا طبيعي؟

بالنسبة للبرنامج ان شاء الله بشوف له حل ..

بارك الله فيك ماقصرت ..

المحترف العربي · 20 فبراير 2017

نعم طبيعي لان البرنامج يقوم ببعض العمليات للتأكد انه
تم احتواء الموقف ويحاول تحديث نفسه وهكذا ويمكنك
تحديثه يدويا هنا اقصد لك برنامج مالويرا لكن انظر للفرق
الان عما سبق واعطني رأيك بعد هذا الرد وانصحك باعادة
تنصيب برنامج Babylon وقبل تنصيبه مرة ثانية نصب قبله
برنامج Unchecky لان هذا البرنامج يمنع تنصيب التولبار وغيره
من الادوات الضارة عند تنصيبك اي برنامج وفقك الله...

كلو ميه ميه · 21 فبراير 2017

الله يجزاك خير ويرحم والديك ويرفع قدرك .. ماقصرت .. استفسار اخير

تنصج بالكاسبر انتي فايروس ولا انترنت سكيورتي؟ لأن النسخه عندي انترنت سكيورتي بتنتهي بعد خمس ايام .. واتوقع انه ثقيل على الجهاز ... نصيحتك؟

وليد المفلح · 21 فبراير 2017

كلو ميه ميه قال:
الله يجزاك خير ويرحم والديك ويرفع قدرك .. ماقصرت .. استفسار اخير

تنصج بالكاسبر انتي فايروس ولا انترنت سكيورتي؟ لأن النسخه عندي انترنت سكيورتي بتنتهي بعد خمس ايام .. واتوقع انه ثقيل على الجهاز ... نصيحتك؟

سكيورتي.. افضل من فايروس.. في المميزات والحماية .. بنسبه لثقل.. معروف كاسبر في جميع اصداراتـه ثقله على الجهاز... كلنه قوي جدا مقارنه ببرامج الأخرى من وجه نظري. وتجربة شخصية

وشوف الموضوع اخونا الغالي اليوناني يمكن يفيدك في برنامج الكاسبر 2017

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

تقبل مروري..

كلو ميه ميه · 21 فبراير 2017

وليد المفلح قال:
سكيورتي.. افضل من فايروس.. في المميزات والحماية .. بنسبه لثقل.. معروف كاسبر في جميع اصداراتـه ثقله على الجهاز... كلنه قوي جدا مقارنه ببرامج الأخرى من وجه نظري. وتجربة شخصية

وشوف الموضوع اخونا الغالي اليوناني يمكن يفيدك في برنامج الكاسبر 2017

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

تقبل مروري..

الله يجزاك خير ويرضى عليك .. ماقصرت

المحترف العربي · 21 فبراير 2017

كلو ميه ميه قال:
الله يجزاك خير ويرضى عليك .. ماقصرت

>>>
السلام عليكم هل تم حل المشكلة الاساسية يغلق الموضوع؟
...

كلو ميه ميه · 26 فبراير 2017

تم حل المشكلة .. الله يعطيكم العافية ..

تم حل المشكلة الجهاز بطيء جداً وتعليق بعض البرامج.. التقارير بالداخل

كلو ميه ميه

زيزوومي جديد

المرفقات

المحترف العربي

زيزوومي ماسى

كلو ميه ميه

زيزوومي جديد

المحترف العربي

زيزوومي ماسى

كلو ميه ميه

زيزوومي جديد

المحترف العربي

زيزوومي ماسى

كلو ميه ميه

زيزوومي جديد

وليد المفلح

زيزوومى متألق

توقيع : وليد المفلح

كلو ميه ميه

زيزوومي جديد

المحترف العربي

زيزوومي ماسى

كلو ميه ميه

زيزوومي جديد