~ ZHPDiag v2018.1.16.12 By Nicolas Coolman (2018/01/16)
~ Run by BARAA (Administrator) (2018/01/17 16:59:19)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\BARAA\Desktop\ZHPDiag.txt
~ Report: C:\Users\BARAA\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Enterprise, 32-bit (Build 16299) =>.Microsoft Corporation

---\\ Internet Browsers (3) - 0s
~ GCIE: Google Chrome v63.0.3239.132
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.192.16299.0

---\\ Windows Product Information (3) - 4s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (2) - 2s
Kaspersky Internet Security v18.0.0.405 (Protection)
Windows Defender (Deactivate)

---\\ System optimization software (1) - 2s
~ CCleaner v5.36 (Optimize)

---\\ Surveillance software (2) - 2s
~ Adobe Flash Player 28 PPAPI (Surveillance)
~ Adobe Reader XI (Surveillance)

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1786.772 MB (10% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 41 GB (34%) free of 119 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: DESKTOP-F6CHQDU
~ User Name: BARAA
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 41 GB free of 119 GB (System)
~ Drive D: has 87 GB free of 120 GB
~ Drive E: has 40 GB free of 65 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (23) - 2s
[MD5.152D8FB49984351A39F87A592EECD896] - 01/01/2018 - (.Microsoft Corporation - مستكشف Windows.) -- C:\WINDOWS\Explorer.exe [3485392] =>.Microsoft Windows®
[MD5.BFEF0511D30F8866AF6595FC21460856] - 29/09/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [63488] =>.Microsoft Corporation
[MD5.127B9C203C5A3D65783BB7E7A833FF47] - 29/09/2017 - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) -- C:\WINDOWS\System32\Wininit.exe [269192] =>.Microsoft Windows Publisher®
[MD5.8350F5E43892F64681BA2FEC10755867] - 01/01/2018 - (.Microsoft Corporation - ملحقات الإنترنت لـ Win32.) -- C:\WINDOWS\System32\wininet.dll [2869760] =>.Microsoft Corporation
[MD5.26FBE96E2899C3BA494C9B61EF3005F0] - 01/01/2018 - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) -- C:\WINDOWS\System32\Winlogon.exe [613376] =>.Microsoft Corporation
[MD5.74F80C32971C104DCFEF243F6C1F3E28] - 29/09/2017 - (.Microsoft Corporation - مكتبة تراخيص البرامج.) -- C:\WINDOWS\System32\sppcomapi.dll [403968] =>.Microsoft Corporation
[MD5.0A821BF024E347943D6F5C5180FAEA31] - 28/12/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [597160] =>.Microsoft Windows®
[MD5.B3DE07C1C551F27047436C84FED88940] - 01/01/2018 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [506264] =>.Microsoft Windows®
[MD5.25E93AC838DBBA1757501C9F3B85DC74] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [22936] =>.Microsoft Windows®
[MD5.813041DC9CF434D539372C50F6B72F0E] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [73728] =>.Microsoft Corporation
[MD5.17CD2948AC64E0E17111566FF2D05A25] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [116736] =>.Microsoft Corporation
[MD5.4335F9E2BAF27AE67C66A9E766F6496B] - 01/01/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [111616] =>.Microsoft Corporation
[MD5.79FFBEEF3CEBCD265E865EF7BADB3BC1] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [68608] =>.Microsoft Corporation
[MD5.97B6AFF4BDDA95434490E82D48EDD028] - 29/09/2017 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [89600] =>.Microsoft Corporation
[MD5.CA3B20720265F619DAE5B5F563BC2BEC] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [185856] =>.Microsoft Corporation
[MD5.B064AC889BC0979E078788F6CE42906C] - 28/12/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [434072] =>.Microsoft Windows®
[MD5.EB4037039C67DA01046DCF3518231A7E] - 01/01/2018 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [236544] =>.Microsoft Corporation
[MD5.109F81235FBB151DE8A90AA935C1BDD2] - 01/01/2018 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [1995672] =>.Microsoft Windows®
[MD5.ADA500A1BF37FA0659AD08AC70EE9C0F] - 29/09/2017 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [81920] =>.Microsoft Corporation
[MD5.729ABF4C4A4624BF153B261675223508] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [79872] =>.Microsoft Corporation
[MD5.C6F1CFFAC6A26102DF039BA7B8243051] - 01/01/2018 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [131072] =>.Microsoft Corporation
[MD5.1855CAF9D9C29DE064920077293186D4] - 01/01/2018 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [96152] =>.Microsoft Windows®
[MD5.134523B18C89C4E1E46C4AA5CA048F49] - 28/12/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [353688] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (6) - 3s
O23 - Service: Advanced SystemCare Service 11 (AdvancedSystemCareService11) . (.IObit - Advanced SystemCare Service.) - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe =>.IObit Information Technology®
O23 - Service: خدمة Kaspersky Anti-Virus 18.0.0 (AVP18.0.0) . (.AO Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe =>.Kaspersky Lab®
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: iFunSoft Updater (iFunSoftUpdaterSvc) . (.iFunSoft - Product Updater.) - C:\Program Files\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe =>.Qi Wang®
O23 - Service: KMS-R@1n (KMS-R@1n) . (...) - C:\Windows\KMS-R@1n.exe =>HackTool.WinActivator
O23 - Service: Kaspersky Secure Connection خدمة 2.0.0 (KSDE2.0.0) . (.AO Kaspersky Lab - Kaspersky Secure Connection.) - C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe =>.Kaspersky Lab®

---\\ Services not Microsoft (SR=Run, SS=Stop) (13) - 14s
SS - Demand [27/09/2017] [ 83984] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [11/01/2018] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [11/12/2017] [ 1058080] Advanced SystemCare Service 11 (AdvancedSystemCareService11) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe =>.IObit Information Technology®
SR - Auto [24/01/2017] [ 354672] خدمة Kaspersky Anti-Virus 18.0.0 (AVP18.0.0) . (.AO Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe =>.Kaspersky Lab®
SS - Demand [02/07/2017] [ 300120] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\System32\IntelCpHeciSvc.exe =>.Intel(R) pGFX®
SS - Auto [16/12/2017] [ 153168] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [16/12/2017] [ 153168] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [26/12/2017] [ 2956472] iFunSoft Updater (iFunSoftUpdaterSvc) . (.iFunSoft.) - C:\Program Files\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe =>.Qi Wang®
SS - Auto [02/07/2017] [ 23040] KMS-R@1n (KMS-R@1n) . (...) - C:\Windows\KMS-R@1n.exe =>HackTool.WinActivator
SS - Demand [24/07/2015] [ 301056] KMS-host Service (KMSEmulator) . (.MDL Forum, mod by Ratiborus.) - C:\ProgramData\KMSAutoS\bin\KMSSS.exe =>HackTool.WinActivator
SR - Auto [24/01/2017] [ 354672] Kaspersky Secure Connection خدمة 2.0.0 (KSDE2.0.0) . (.AO Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe =>.Kaspersky Lab®
SS - Demand [11/09/2017] [ 33224] SHAREit Hotspot Service (uSHAREitSvc) . (.SHAREit Technologies Co.Ltd.) - C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe =>.SHAREit Technologies Co.Ltd®
SS - Demand [31/03/2016] [ 411648] Wondershare Application Framework Service (WsAppService) . (.Wondershare.) - C:\Program Files\Wondershare\WAF\2.2.0.5\WsAppService.exe =>.Wondershare

---\\ Task Planned Automatically (Register) (17) - 31s
O38 - TASK: {04E3F428-F3B6-482B-A037-14FA8DAFBEF9}[\MEGA\MEGAsync Update Task S-1-5-21-3670302237-3725136352-3398788399-1001] - (.Mega Limited - MEGAupdater.) -- C:\Users\BARAA\AppData\Local\MEGAsync\MEGAupdater.exe [760736] =>.MEGA Limited
O38 - TASK: {1FF7E95E-8B39-47AF-A59D-B4B8C104D7EC}[\WinUtilities_Disk_Cleaner_D81CDF27E9284401] - (.YL Software - WinUtilities Disk Cleaner.) -- C:\Program Files\WinUtilities\ToolDiskCleaner.exe [612752]
O38 - TASK: {22DE7BCB-ED07-4416-BDE7-1DDC8E1568E9}[\GoogleUpdateTaskMachineCore] - (.Google Inc. - مثبِّت Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc.
O38 - TASK: {23C6FCA4-352C-4557-BE51-56D829C5ADBB}[\CCleaner Update] - (.Piriform Ltd - CCleaner emergency updater.) -- C:\Program Files\CCleaner\CCUpdate.exe [498480] =>.Piriform Ltd
O38 - TASK: {2816D135-1994-4148-9FA6-B94487E392AB}[\WinUtilities_DiskDefrag_D81CDF27E9284404] - (.YL Software - WinUtilities DiskDefrag.) -- C:\Program Files\WinUtilities\ToolDiskDefrag.exe [469392]
O38 - TASK: {4298A73A-9A78-48C7-8786-C7B387C21187}[\ASC11_SkipUac_BARAA] - (.IObit - Advanced SystemCare 11.) -- C:\Program Files\IObit\Advanced SystemCare\ASC.exe [8122656] =>.IObit
O38 - TASK: {457156EC-C141-4509-B5FD-A73D02F03B6F}[\DriverPack Notifier] - (.Driver PackSolution - Software and Drivers.) -- C:\Program Files\DriverPack Notifier\DriverPackNotifier.exe [258560] =>.Driver PackSolution
O38 - TASK: {79F886B3-76C9-4AA4-A68E-C40C439E63D7}[\WinUtilities_History_Cleaner_D81CDF27E9284403] - (.YL Software - WinUtilities History Cleaner.) -- C:\Program Files\WinUtilities\ToolHistoryCleaner.exe [403856]
O38 - TASK: {7A27BD58-C74A-4084-B6BF-DB46FE070967}[\CCleanerSkipUAC] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [7814656] =>.Piriform Ltd
O38 - TASK: {7C6DAA6B-E56B-4909-B95A-4D33797A469B}[\GoogleUpdateTaskMachineUA] - (.Google Inc. - مثبِّت Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc.
O38 - TASK: {84A19B5A-89A7-4BD3-8023-0FBF0864F5BC}[\ASC11_PerformanceMonitor] - (.IObit - Performance Monitor.) -- C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [3012384] =>.IObit
O38 - TASK: {8A051302-9911-4BE7-B9ED-C26E6F601026}[\Auslogics\BoostSpeed\Start BoostSpeed оn BARAA logon] - (.Aus™logics - Boost™Speed.) -- C:\Program Files\Auslogics\BoostSpeed\Main.exe [4324984]
O38 - TASK: {A71CF34E-1672-499E-A84B-2390E949CD5A}[\WinUtilities_Registry_Cleaner_D81CDF27E9284402] - (.YL Software - WinUtilities Registry Cleaner.) -- C:\Program Files\WinUtilities\ToolRegistryCleaner.exe [641424]
O38 - TASK: {CBA71D68-9307-4B2A-AF89-53FCDA203413}[\KMSAutoNet] - (.MSFree Inc. - KMSAuto Net.) -- C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6977272] =>HackTool.WinActivator
O38 - TASK: {D45CB18F-502E-4B43-88F5-54C8D7249F5B}[\Adobe Flash Player PPAPI Notifier] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [1332736] =>.Adobe Systems Incorporated
O38 - TASK: {D72698D4-4A4C-4F13-BBD3-CE069AC5946B}[\Adobe Acrobat Update Task] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1171480] =>.Adobe Systems Incorporated
O38 - TASK: {FE299927-C978-4B40-BF9F-9CA772D9BD00}[\Adobe Flash Player Updater] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 28.0 r0.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [272384] =>.Adobe Systems Incorporated

---\\ Auto loading programs from Registry and folders (13) - 3s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows®
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel(R) pGFX®
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp.®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\BARAA\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [Advanced SystemCare 11] . (.IObit - Advanced SystemCare Tray.) -- C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe =>.IObit Information Technology®
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\System32\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\System32\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-3670302237-3725136352-3398788399-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\BARAA\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-3670302237-3725136352-3398788399-1001\..\Run: [Advanced SystemCare 11] . (.IObit - Advanced SystemCare Tray.) -- C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe =>.IObit Information Technology®
O4 - HKUS\S-1-5-21-3670302237-3725136352-3398788399-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-21-3670302237-3725136352-3398788399-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.

---\\ Process running (29) - 4s
[MD5.496F63007787F81C87DBB0757D4DD1EA] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [1058080] [PID.1472] =>.IObit Information Technology®
[MD5.24B91DEBF94F19292C32DB76190036C9] - (.AO Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672] [PID.2180] =>.Kaspersky Lab®
[MD5.3B001E4FE29DBA348FDC65A0E9868F16] - (.iFunSoft - Product Updater.) -- C:\Program Files\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe [2956472] [PID.2208] =>.Qi Wang®
[MD5.900236357482B00944826354EEC6B93F] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe [288848] [PID.1204] =>.Google Inc®
[MD5.4DCE20849E789DC24A867E7D7B15CE5B] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) -- C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672] [PID.1852] =>.Kaspersky Lab®
[MD5.BB153D44D1CBD6F42F724F0780BC32DD] - (.IObit - Performance Monitor.) -- C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [3012384] [PID.5400] =>.IObit Information Technology®
[MD5.549D7A6EB59E4D13AB0A03FA4FF4617D] - (.Aus™logics - Boost™Speed.) -- C:\Program Files\Auslogics\BoostSpeed\Main.exe [4324984] [PID.5460] =>.Auslogics Labs Pty Ltd®
[MD5.BD324F98E45565AF16D04AD2AF6EF7B1] - (.IObit - Real-time Protector.) -- C:\Program Files\IObit\Advanced SystemCare\RealTimeProtector.exe [943392] [PID.4172] =>.IObit Information Technology®
[MD5.11481570F396AF5D196F16E64DF3AAB8] - (.AO Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe [334632] [PID.4144] =>.Kaspersky Lab®
[MD5.D7F11E499F4F6545A06480712AE2F377] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) -- C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe [595752] [PID.828] =>.Kaspersky Lab®
[MD5.64283B8B83B951DF47D5FE5A6A20E332] - (...) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x86__kzf8qxf38zg5c\SkypeHost.exe [75264] [PID.6588] =>.Skype Technologies
[MD5.3951DD44D4A19D73E1054FDDB0DACA5B] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [167008] [PID.7024] =>.Intel(R) pGFX®
[MD5.97FE338A6B487FD3424F66825F56ACA8] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [202840] [PID.7032] =>.Intel(R) pGFX®
[MD5.4921CBA06D2AD3B2560C56B6C3F840D1] - (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [16553448] [PID.7116] =>.Realtek Semiconductor Corp.®
[MD5.7503AD97498A70B6786F81D856855693] - (.IObit - Advanced SystemCare Tray.) -- C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [3598624] [PID.7308] =>.IObit Information Technology®
[MD5.044C7B50B9D9C5ED387D08796F3A04EF] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [4091960] [PID.7368] =>.Tonec Inc.
[MD5.CB1B3F1A1C268609344ADD54A0586633] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [7814656] [PID.7472] =>.Piriform Ltd®
[MD5.0B4D5116626C12C8084B54176223F70D] - (.Mega Limited - MEGAsync.) -- C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe [7867808] [PID.7692] =>.Mega Limited®
[MD5.B289C20C10B241F6016FECD92B267098] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [275512] [PID.7788] =>.Tonec Inc.®
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.7840] =>.Google Inc®
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.7992] =>.Google Inc®
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.8072] =>.Google Inc®
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.4456] =>.Google Inc®
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.4492] =>.Google Inc®
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.5644] =>.Google Inc®
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.1056] =>.Google Inc®
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.5692] =>.Google Inc®
[MD5.9F35BBE44F663107FBDAFD144BC1B76D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\BARAA\Downloads\Programs\ZHPDiag3.exe [2964864] [PID.6596] =>.Nicolas Coolman
[MD5.CD10AA3AE31F69F64BD6D6F20AFF89DE] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1367384] [PID.7504] =>.Google Inc®

---\\ Google Chrome, Start,Search,Extensions (28) - 2s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://gc.kis.v2.scr.kaspersky-labs.com =>.Kaspersky Labs
G0 - GCSP: Preferences [User Data\Default][HomePage] http://platform.twitter.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://up.1sw1r.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.cjoint.com =>.cjoint.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.startimes.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www11.0zz0.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.dz =>.Google Inc.
G2 - GCE: Preference [BARAA][User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides}
G2 - GCE: Preference [BARAA][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [BARAA][User Data\Default] [aoplmgafblbhcgmbcgdjlgckefefmpbg]
G2 - GCE: Preference [BARAA][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [BARAA][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [BARAA][User Data\Default] [dfnmcbancbppiomcejccjlififjidlen] Search Web
G2 - GCE: Preference [BARAA][User Data\Default] [eapdjjoelimkafigaplmddmjnlfcddjj] Facebook Ads Remover - Extension
G2 - GCE: Preference [BARAA][User Data\Default] [eeajicmampllnpkmfimkhefbndkfeloo] Group Invite All
G2 - GCE: Preference [BARAA][User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets}
G2 - GCE: Preference [BARAA][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [BARAA][User Data\Default] [gpaljjahalmebddgdojobofkbbgnfhkg] Streamit Search =>.SUP.BrowserExtension
G2 - GCE: Preference [BARAA][User Data\Default] [hfdjhcknamdjafjlbhclfkfphbncdlbm] Srchsafe
G2 - GCE: Preference [BARAA][User Data\Default] [mchjnmdbdlkdbfliogedbnpnanfjnolk] =>.Unknown
G2 - GCE: Preference [BARAA][User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module =>.IDM Computer Solutions, Inc.
G2 - GCE: Preference [BARAA][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [BARAA][User Data\Default] [npdckfddjppaipfgmgkldaeikjpngaef] netGamer Search
G2 - GCE: Preference [BARAA][User Data\Default] [pekcnopmdcbjdgmpnpkndppflpldnkkp] Hide My IP
G2 - GCE: Preference [BARAA][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [BARAA][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 2s
P2 - EXT FILE: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_28_0_0_137.dll =>.Adobe Systems Incorporated

---\\ Internet Explorer Extensions, Start, Search (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com =>.Google Inc.
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - مستعرض الإنترنت.) (11.00.16299.15 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (23)

---\\ Browser Helper Object (BHO) (5) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\Office16\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: IObit Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} . (.IObit - Plugin_Protection.) -- C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll =>.IObit Information Technology®
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: IObit Ads Removal - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.IObit - Surfing Protection Dynamic Library.) -- C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\Adblock\ADBlock.dll =>.IObit Information Technology®

---\\ Global shortcuts Startup (127) - 16s
O4 - GS\Desktop [Administrator]: Excel 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Desktop [Administrator]: Hein 4.5.2.lnk . (.Hero Hero - Hero Hero.) C:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\Hein.exe =>.Hero Hero
O4 - GS\Desktop [Administrator]: Hein Recovery 1.8.lnk . (.Hero Hero - Hero Family.) C:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\Hein Recovery.exe =>.Hero Hero
O4 - GS\Desktop [Administrator]: Install Kaspersky Internet Security version 16.0.0.614.lnk . (.Kaspersky Lab - Kaspersky Internet Security [16.0.0.614.0.1.) C:\Users\BARAA\Downloads\Programs\kaspersky-internet-security-2016-16-0-0-614-en-win.exe =>.Kaspersky Lab®
O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Administrator]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
O4 - GS\Desktop [Administrator]: Windows 10 Update Assistant.lnk . (.Microsoft Corporation - Windows 10 Update Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: Word 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\BARAA\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: مستلم الفاكس.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: نقل الملفات عبر Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Advanced SystemCare 11.lnk . (.IObit - Advanced SystemCare 11.) C:\Program Files\IObit\Advanced SystemCare\ASC.exe /manual =>.IObit Information Technology®
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Startup [Administrator]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
O4 - GS\Programs [Administrator]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\BARAA\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: ‏‏ميزات اختيارية.lnk . (.Microsoft Corporation - ‎‎الميزات على مساعد الطلب.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Desktop [BARAA]: Excel 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [BARAA]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Desktop [BARAA]: Hein 4.5.2.lnk . (.Hero Hero - Hero Hero.) C:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\Hein.exe =>.Hero Hero
O4 - GS\Desktop [BARAA]: Hein Recovery 1.8.lnk . (.Hero Hero - Hero Family.) C:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\Hein Recovery.exe =>.Hero Hero
O4 - GS\Desktop [BARAA]: Install Kaspersky Internet Security version 16.0.0.614.lnk . (.Kaspersky Lab - Kaspersky Internet Security [16.0.0.614.0.1.) C:\Users\BARAA\Downloads\Programs\kaspersky-internet-security-2016-16-0-0-614-en-win.exe =>.Kaspersky Lab®
O4 - GS\Desktop [BARAA]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [BARAA]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
O4 - GS\Desktop [BARAA]: Windows 10 Update Assistant.lnk . (.Microsoft Corporation - Windows 10 Update Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [BARAA]: Word 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [BARAA]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\BARAA\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [BARAA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [BARAA]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [BARAA]: مستلم الفاكس.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [BARAA]: نقل الملفات عبر Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [BARAA]: Advanced SystemCare 11.lnk . (.IObit - Advanced SystemCare 11.) C:\Program Files\IObit\Advanced SystemCare\ASC.exe /manual =>.IObit Information Technology®
O4 - GS\TaskBar [BARAA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [BARAA]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Startup [BARAA]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
O4 - GS\Programs [BARAA]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Programs [BARAA]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\BARAA\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [BARAA]: ‏‏ميزات اختيارية.lnk . (.Microsoft Corporation - ‎‎الميزات على مساعد الطلب.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Excel 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Desktop [Guest]: Hein 4.5.2.lnk . (.Hero Hero - Hero Hero.) C:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\Hein.exe =>.Hero Hero
O4 - GS\Desktop [Guest]: Hein Recovery 1.8.lnk . (.Hero Hero - Hero Family.) C:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\Hein Recovery.exe =>.Hero Hero
O4 - GS\Desktop [Guest]: Install Kaspersky Internet Security version 16.0.0.614.lnk . (.Kaspersky Lab - Kaspersky Internet Security [16.0.0.614.0.1.) C:\Users\BARAA\Downloads\Programs\kaspersky-internet-security-2016-16-0-0-614-en-win.exe =>.Kaspersky Lab®
O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Guest]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
O4 - GS\Desktop [Guest]: Windows 10 Update Assistant.lnk . (.Microsoft Corporation - Windows 10 Update Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Word 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\BARAA\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: مستلم الفاكس.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: نقل الملفات عبر Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Advanced SystemCare 11.lnk . (.IObit - Advanced SystemCare 11.) C:\Program Files\IObit\Advanced SystemCare\ASC.exe /manual =>.IObit Information Technology®
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Startup [Guest]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
O4 - GS\Programs [Guest]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\BARAA\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: ‏‏ميزات اختيارية.lnk . (.Microsoft Corporation - ‎‎الميزات على مساعد الطلب.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Desktop [WDAGUtilityAccount]: Excel 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Desktop [WDAGUtilityAccount]: Hein 4.5.2.lnk . (.Hero Hero - Hero Hero.) C:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\Hein.exe =>.Hero Hero
O4 - GS\Desktop [WDAGUtilityAccount]: Hein Recovery 1.8.lnk . (.Hero Hero - Hero Family.) C:\Program Files\Microsoft Silverlight\5.1.50907.0\ar\Hein Recovery.exe =>.Hero Hero
O4 - GS\Desktop [WDAGUtilityAccount]: Install Kaspersky Internet Security version 16.0.0.614.lnk . (.Kaspersky Lab - Kaspersky Internet Security [16.0.0.614.0.1.) C:\Users\BARAA\Downloads\Programs\kaspersky-internet-security-2016-16-0-0-614-en-win.exe =>.Kaspersky Lab®
O4 - GS\Desktop [WDAGUtilityAccount]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [WDAGUtilityAccount]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
O4 - GS\Desktop [WDAGUtilityAccount]: Windows 10 Update Assistant.lnk . (.Microsoft Corporation - Windows 10 Update Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: Word 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\BARAA\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [WDAGUtilityAccount]: مستلم الفاكس.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [WDAGUtilityAccount]: نقل الملفات عبر Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: Advanced SystemCare 11.lnk . (.IObit - Advanced SystemCare 11.) C:\Program Files\IObit\Advanced SystemCare\ASC.exe /manual =>.IObit Information Technology®
O4 - GS\TaskBar [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [WDAGUtilityAccount]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Startup [WDAGUtilityAccount]: MEGAsync.lnk . (.Mega Limited - MEGAsync.) C:\Users\BARAA\AppData\Local\MEGAsync\MEGAsync.exe =>.Mega Limited®
O4 - GS\Programs [WDAGUtilityAccount]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Programs [WDAGUtilityAccount]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\BARAA\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [WDAGUtilityAccount]: ‏‏ميزات اختيارية.lnk . (.Microsoft Corporation - ‎‎الميزات على مساعد الطلب.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: Adobe Reader XI.lnk . (.Adobe Systems Incorporated - Adobe Reader.) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: Advanced SystemCare 11.lnk . (.IObit - Advanced SystemCare 11.) C:\Program Files\IObit\Advanced SystemCare\ASC.exe /manual =>.IObit Information Technology®
O4 - GS\CommonDesktop [Public]: AVG Driver Updater.lnk . (...) C:\WINDOWS\Installer\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}\Icon.exe /byUser
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Kaspersky Internet Security.lnk . (.AO Kaspersky Lab - Kaspersky Anti-Virus.) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\CommonDesktop [Public]: Kaspersky Secure Connection.lnk . (.AO Kaspersky Lab - Kaspersky Secure Connection.) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe -navigate ksde://mainwindow =>.Kaspersky Lab®
O4 - GS\CommonDesktop [Public]: SHAREit.lnk . (.SHAREit Technologies Co.Ltd - SHAREit.) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: WinUtilities.lnk . (.YL Software - WinUtilities.) C:\Program Files\WinUtilities\WinUtil.exe =>.SuiNing Yilong Software Store®
O4 - GS\CommonDesktop [Public]: Wise Folder Hider.lnk . (.WiseCleaner.com - Wise Folder Hider.) C:\Program Files\Wise\Wise Folder Hider\WiseFolderHider.exe =>.WiseCleaner.com
O4 - GS\CommonDesktop [Public]: الخدمات النقدية الآمنة.lnk . (.AO Kaspersky Lab - Kaspersky Anti-Virus.) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe -safebanking =>.Kaspersky Lab®
O4 - GS\Programs [Public]: Foxit Reader.lnk . (.Copyright (C) 2005-2008 Foxit Software Company - Foxit Reader, Best Reader for Everyday Use!.) C:\Program Files\Foxit Reader\Foxit Reader.exe
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\BARAA\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: ‏‏ميزات اختيارية.lnk . (.Microsoft Corporation - ‎‎الميزات على مساعد الطلب.) C:\Windows\System32\fodhelper.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - ‎‎المفكرة.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - ‎‎ملحق لوحة إدخال العمليات الرياضية.) C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - ‎‎الرسام.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - ‎‎الاتصال بسطح المكتب البعيد.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - ‎‎أداة القصاصة.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - ‎‎مسجل الخطوات.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - ‎‎Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - ‎‎تطبيق المفكرة لـ Windows.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - ‎‎عارض XPS.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - ‎‎مخطط توزيع الأحرف.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Access 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\accicons.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Adobe Reader XI.lnk . (...) C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico =>.Adobe Inc.
O4 - GS\ProgramsCommon [Public]: Excel 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: OneDrive for Business.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\grv_icons.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: OneNote 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\joticon.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Outlook 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\outicon.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: PowerPoint 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Publisher 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\pubs.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Skype for Business 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\lyncicon.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows 10 Update Assistant.lnk . (.Microsoft Corporation - Windows 10 Update Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - ‎‎Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Word 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: ‏‏‎‎‫مساعد تحديث Windows 10.lnk . (.Microsoft Corporation - Windows 10 Update Assistant.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{55f8ee98-c3b7-421a-8e93-e213928a1cfa}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{55f8ee98-c3b7-421a-8e93-e213928a1cfa}: DhcpDomain = domain.name

---\\ Extra protocols (26) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (44) - 14s
O42 - Logiciel: Adobe Flash Player 28 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 28 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.23) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824245926} =>.Adobe Systems Incorporated
O42 - Logiciel: Advanced SystemCare 11 - (.IObit.) [HKLM] -- Advanced SystemCare_is1 =>.IObit Information Technology®
O42 - Logiciel: AVG Driver Updater - (.AVG Netherlands B.V.) [HKLM] -- {BAAB946F-7E00-41F4-BEC7-B8CCF758E012} =>.AVG Netherlands B.V
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: DriverPack Notifier - (.DriverPack Solution.) [HKLM] -- DriverPack Notifier =>.DriverPack Solution
O42 - Logiciel: FMW 1 - (.AVG Technologies.) [HKLM] -- {A2B92392-DC17-416B-88F6-A6A55E053E32} =>.AVG Technologies
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM] -- {5AAE61FF-858E-453E-B8F3-944618149975} =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975} =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Secure Connection - (.Kaspersky Lab.) [HKLM] -- {F33C0717-8E04-4EB5-90C8-47221287DB4F} =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Secure Connection - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F} =>.Kaspersky Lab
O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM] -- MEGAsync =>.Mega Limited®
O42 - Logiciel: Microsoft Access MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-0015-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-0090-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-0016-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-00BA-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-0044-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU] -- OneDriveSetup.exe =>.Microsoft Corporation®
O42 - Logiciel: Microsoft OneNote MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-00A1-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-001A-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-0018-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-0019-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Skype for Business MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-012B-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Word MUI (Arabic) 2016 - (.Microsoft Corporation.) [HKLM] -- {90160000-001B-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: NirSoft Wireless Network Watcher - (.NirSoft.) [HKLM] -- NirSoft Wireless Network Watcher =>.NirSoft
O42 - Logiciel: PlayReady PC Runtime x86 - (.Microsoft Corporation.) [HKLM] -- {CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} =>.Microsoft Corporation
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.®
O42 - Logiciel: Registry Trash Keys Finder (Freeware) - (.SNC.) [HKLM] -- Registry Trash Keys Finder =>.SNC
O42 - Logiciel: SHAREit - (.SHAREit Technologies Co.Ltd.) [HKLM] -- www.ushareit.com_is1 =>.SHAREit Technologies Co.Ltd
O42 - Logiciel: Update for Skype for Business 2016 (KB4011623) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{EFA705B6-E8ED-4E9A-9C21-78622E54A2B6} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2016 (KB4011623) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90160000-012B-0401-0000-0000000FF1CE}_Office16.PROPLUS_{EFA705B6-E8ED-4E9A-9C21-78622E54A2B6} =>.Microsoft Corporation®
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1 =>.Zbshareware Lab
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} =>.AVG Technologies CZ, s.r.o.
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Windows 10 Update Assistant - (.Microsoft Corporation.) [HKLM] -- {D5C69738-B486-402E-85AC-2456D98A64E4} =>.Microsoft Corporation®
O42 - Logiciel: WinRAR 5.50 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: WinUtilities Professional Edition 14.5 - (.YL Computing, Inc.) [HKLM] -- {FC274982-5AAD-4C20-848D-4424A5043009}_is1 =>.YL Computing, Inc
O42 - Logiciel: Wise Folder Hider 3.38 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Folder Hider_is1 =>.Lespeed Technology Ltd.®

---\\ HKCU & HKLM Software Keys (73) - 14s
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Auslogics =>.Auslogics
HKLM\SOFTWARE\AVAST Software =>.AVAST Software
HKLM\SOFTWARE\AVG Netherlands BV =>.AVG Software
HKLM\SOFTWARE\Dolby =>.Dolby
HKLM\SOFTWARE\drpsu =>.Driver PackSolution
HKLM\SOFTWARE\Fortemedia =>.Lugert Europe
HKLM\SOFTWARE\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\iFunSoft =>.iFunSoft
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\KasperskyLab =>.Kaspersky Labs
HKLM\SOFTWARE\KRT settings
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Nuance =>.Nuance
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM =>.OEM
HKLM\SOFTWARE\Opera Software =>.Opera Software
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\SHAREit Technologies =>..SUP.SHAREit
HKLM\SOFTWARE\SlimWare Utilities Inc =>.SUP.SlimWareUtilities
HKLM\SOFTWARE\SNC =>.SNC
HKLM\SOFTWARE\SRS Labs =>.SRS Labs
HKLM\SOFTWARE\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WinChipHead
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\Wondershare =>.Wondershare
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\Internet Download Manager =>.Tonec Inc
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\AVG =>.AVG Software
HKCU\SOFTWARE\Dashlane =>.Dashlane
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\DriverRestore =>.SUP.DriverRestore
HKCU\SOFTWARE\drpsu =>.Driver PackSolution
HKCU\SOFTWARE\eSupport.com =>PUP.Optional.eSupport
HKCU\SOFTWARE\Foxit Software =>.Foxit Software
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\IObit =>.IObit
HKCU\SOFTWARE\KasperskyLab =>.Kaspersky Labs
HKCU\SOFTWARE\KasperskyLabSetup =>.Kaspersky Labs
HKCU\SOFTWARE\Local AppWizard-Generated Applications =>.ZWCAD
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\Mirage =>.Mirage Game
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\SlimWare Utilities Inc =>.SUP.SlimWareUtilities
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\VB and VBA Program Settings =>.Microsoft Corporation
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wondershare =>.Wondershare
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation

---\\ Contents of the Common Files folders (203) - 11s
O43 - CFD: 21/07/2017 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 25/12/2017 - [] D -- C:\Program Files\Auslogics =>.Auslogics
O43 - CFD: 13/01/2018 - [] AD -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 28/12/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 12/09/2017 - [] D -- C:\Program Files\DriverPack Notifier =>.DriverPack Solution
O43 - CFD: 02/07/2017 - [] D -- C:\Program Files\Foxit Reader =>.Foxit Corporation
O43 - CFD: 09/09/2017 - [] D -- C:\Program Files\Foxit Software =>.Foxit Software
O43 - CFD: 12/01/2018 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 22/11/2017 - [] D -- C:\Program Files\iFunSoft =>.iFunSoft
O43 - CFD: 28/12/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 17/01/2018 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc
O43 - CFD: 07/01/2018 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 12/01/2018 - [] D -- C:\Program Files\IObit =>.IObit
O43 - CFD: 02/01/2018 - [] D -- C:\Program Files\Kaspersky Lab =>.Kaspersky Lab
O43 - CFD: 02/07/2017 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [] AD -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 16/11/2017 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 11/10/2017 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 28/12/2017 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 20/09/2017 - [] D -- C:\Program Files\NirSoft =>.NirSoft
O43 - CFD: 02/07/2017 - [] AD -- C:\Program Files\PlayReady =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 24/11/2017 - [] AD -- C:\Program Files\Recuva =>.Piriform
O43 - CFD: 28/12/2017 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 04/07/2017 - [] D -- C:\Program Files\SHAREit Technologies =>.SHAREit Technologies Co.Ltd®
O43 - CFD: 12/01/2018 - [] AD -- C:\Program Files\TrashReg =>.Alexander Asyabrik
O43 - CFD: 10/07/2015 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 03/07/2017 - [] AD -- C:\Program Files\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 02/07/2017 - [] D -- C:\Program Files\VideoLAN =>.VideoLan Team
O43 - CFD: 28/12/2017 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 12/01/2018 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/01/2018 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\windows nt =>.Microsoft Corporation
O43 - CFD: 12/01/2018 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 17/01/2018 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 14/10/2017 - [] AD -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 22/09/2017 - [] AD -- C:\Program Files\WinUtilities =>.YL Computing
O43 - CFD: 02/07/2017 - [] D -- C:\Program Files\Wise =>.Legitimate
O43 - CFD: 14/11/2017 - [] D -- C:\Program Files\Wondershare =>.Wondershare
O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare =>.IObit
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater =>.AVG Software
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 15/11/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore =>.SUP.DriverRestore
O43 - CFD: 17/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 15/12/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter =>.IObit
O43 - CFD: 02/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security =>.Kaspersky Lab
O43 - CFD: 02/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection =>.Kaspersky Lab
O43 - CFD: 29/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit =>.Lenovo Group Limited
O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities =>.YL Computing
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Folder Hider =>.WiseCleaner.com
O43 - CFD: 28/12/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\أدوات Microsoft Office 2016 =>.Microsoft Corporation
O43 - CFD: 21/07/2017 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 25/12/2017 - [] D -- C:\ProgramData\Auslogics =>.Auslogics
O43 - CFD: 22/09/2017 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 07/11/2017 - [] HD -- C:\ProgramData\Common Files =>.Microsoft Corporation
O43 - CFD: 10/07/2015 - [0] D -- C:\ProgramData\Comms =>.Microsoft Corporation
O43 - CFD: 09/09/2017 - [] D -- C:\ProgramData\Foxit ContentPlatform =>.Foxit Corporation
O43 - CFD: 06/10/2017 - [0] D -- C:\ProgramData\Foxit Software =>.Foxit Software
O43 - CFD: 20/07/2017 - [] D -- C:\ProgramData\GlarySoft =>.GlarySoft
O43 - CFD: 06/11/2017 - [0] D -- C:\ProgramData\IDM =>.IDM
O43 - CFD: 22/11/2017 - [] D -- C:\ProgramData\iFunSoft =>.iFunSoft
O43 - CFD: 14/01/2018 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 17/01/2018 - [] D -- C:\ProgramData\Kaspersky Lab =>.Kaspersky Lab
O43 - CFD: 02/01/2018 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files =>.Kaspersky Lab
O43 - CFD: 17/01/2018 - [] D -- C:\ProgramData\KMSAutoS =>HackTool.WinActivator
O43 - CFD: 04/07/2017 - [0] D -- C:\ProgramData\Lenovo =>.Lenovo
O43 - CFD: 02/09/2017 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 28/12/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 10/01/2018 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [] D -- C:\ProgramData\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 20/12/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 17/01/2018 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 22/09/2017 - [0] D -- C:\ProgramData\SWCUTemp
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 08/09/2017 - [] D -- C:\ProgramData\VS Revo Group =>.VS Revo Group
O43 - CFD: 14/11/2017 - [] D -- C:\ProgramData\wondershare =>.Wondershare
O43 - CFD: 15/11/2017 - [0] D -- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
O43 - CFD: 15/11/2017 - [0] D -- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
O43 - CFD: 15/11/2017 - [] D -- C:\ProgramData\{EBB358F6-C727-49FC-A863-9F03BD8AC976}
O43 - CFD: 16/11/2017 - [] AD -- C:\Program Files\Common Files\Adobe =>.Adobe
O43 - CFD: 04/01/2018 - [] D -- C:\Program Files\Common Files\AV =>.Avast
O43 - CFD: 02/07/2017 - [] AD -- C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 15/11/2017 - [] D -- C:\Program Files\Common Files\ifunsoft =>.iFunSoft
O43 - CFD: 12/01/2018 - [] D -- C:\Program Files\Common Files\IObit =>.IObit
O43 - CFD: 12/01/2018 - [] D -- C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 12/01/2018 - [] D -- C:\Program Files\Common Files\system =>.Microsoft Corporation
O43 - CFD: 21/07/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 07/01/2018 - [] D -- C:\Users\BARAA\AppData\Roaming\Appԁata
O43 - CFD: 20/07/2017 - [0] D -- C:\Users\BARAA\AppData\Roaming\DiskDefrag =>.Auslogics
O43 - CFD: 17/01/2018 - [] D -- C:\Users\BARAA\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 12/09/2017 - [] AD -- C:\Users\BARAA\AppData\Roaming\DriverPack Notifier =>.DriverPack Solution
O43 - CFD: 12/09/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\DRPNPS
O43 - CFD: 12/09/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\DRPSu =>.Driver PackSolution
O43 - CFD: 09/09/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Foxit AgentInformation =>.Foxit Corporation
O43 - CFD: 06/10/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Foxit Software =>.Foxit Software
O43 - CFD: 10/08/2017 - [0] D -- C:\Users\BARAA\AppData\Roaming\GlarySoft =>.GlarySoft
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Google =>.Google
O43 - CFD: 14/11/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\HMYGSetting =>Adware.Suspect
O43 - CFD: 17/01/2018 - [] D -- C:\Users\BARAA\AppData\Roaming\IDM =>.IDM
O43 - CFD: 15/11/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\iFunSoft =>.iFunSoft
O43 - CFD: 24/11/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\IObit =>.IObit
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 31/12/2017 - [] SD -- C:\Users\BARAA\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [0] D -- C:\Users\BARAA\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 22/09/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 07/01/2018 - [] SHD -- C:\Users\BARAA\AppData\Roaming\Pr
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Skype =>.Skype
O43 - CFD: 05/07/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Umeng
O43 - CFD: 17/01/2018 - [] D -- C:\Users\BARAA\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 15/11/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Wondershare =>.Wondershare
O43 - CFD: 03/07/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Zbshareware Lab =>.Zbshareware Lab
O43 - CFD: 17/01/2018 - [] D -- C:\Users\BARAA\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 12/09/2017 - [0] D -- C:\Users\BARAA\AppData\Roaming\{A50538C0-65BC-4645-B3D5-E4614879B75D}
O43 - CFD: 12/09/2017 - [0] D -- C:\Users\BARAA\AppData\Roaming\{EF0D5A0B-C508-4F9B-9373-E573D8936B9D}
O43 - CFD: 13/12/2017 - [] D -- C:\Users\BARAA\AppData\Local\Adobe =>.Adobe
O43 - CFD: 16/12/2017 - [] D -- C:\Users\BARAA\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 07/11/2017 - [] D -- C:\Users\BARAA\AppData\Local\AVG Netherlands BV =>.AVG Software
O43 - CFD: 15/08/2017 - [] D -- C:\Users\BARAA\AppData\Local\CEF =>.CEF
O43 - CFD: 08/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 08/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 08/07/2017 - [0] D -- C:\Users\BARAA\AppData\Local\DBG =>.DBG
O43 - CFD: 16/10/2017 - [] D -- C:\Users\BARAA\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 22/11/2017 - [] D -- C:\Users\BARAA\AppData\Local\Embratoria =>.Embratoria
O43 - CFD: 22/11/2017 - [] D -- C:\Users\BARAA\AppData\Local\Facebook =>.Facebook
O43 - CFD: 13/10/2017 - [] D -- C:\Users\BARAA\AppData\Local\Foxit Reader =>.Foxit Corporation
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\Geckofx =>.Geckofx
O43 - CFD: 16/12/2017 - [] D -- C:\Users\BARAA\AppData\Local\Google =>.Google
O43 - CFD: 04/07/2017 - [0] D -- C:\Users\BARAA\AppData\Local\Lenovo =>.Lenovo
O43 - CFD: 09/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 19/09/2017 - [] D -- C:\Users\BARAA\AppData\Local\Mega Limited =>.MEGA Limited
O43 - CFD: 10/01/2018 - [] D -- C:\Users\BARAA\AppData\Local\MEGAsync =>.MegaSystems
O43 - CFD: 28/12/2017 - [] D -- C:\Users\BARAA\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [0] D -- C:\Users\BARAA\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\mpress =>.MPress
O43 - CFD: 19/12/2017 - [] D -- C:\Users\BARAA\AppData\Local\MSfree Inc =>HackTool.WinActivator
O43 - CFD: 07/01/2018 - [] D -- C:\Users\BARAA\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [0] D -- C:\Users\BARAA\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 16/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\Privax Ltd =>.Privax Ltd
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 03/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\SHAREit =>.Lenovo Group Limited
O43 - CFD: 04/07/2017 - [] D -- C:\Users\BARAA\AppData\Local\SHAREit Technologies
O43 - CFD: 15/11/2017 - [] D -- C:\Users\BARAA\AppData\Local\SlimWare Utilities Inc =>.SUP.SlimWareUtilities
O43 - CFD: 17/01/2018 - [] D -- C:\Users\BARAA\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\Users\BARAA\AppData\Local\TileDataLayer =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [0] D -- C:\Users\BARAA\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 17/01/2018 - [] D -- C:\Users\BARAA\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 02/07/2017 - [0] D -- C:\Users\BARAA\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 21/07/2017 - [] D -- C:\Users\BARAA\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 15/11/2017 - [] D -- C:\Users\BARAA\AppData\LocalLow\iFunSoft =>.iFunSoft
O43 - CFD: 15/11/2017 - [] D -- C:\Users\BARAA\AppData\LocalLow\IObit =>.IObit
O43 - CFD: 09/07/2017 - [] SD -- C:\Users\BARAA\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 19/12/2017 - [] D -- C:\Users\BARAA\Desktop\EmbratoriaG7
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] RD -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 07/01/2018 - [] RD -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 17/01/2018 - [] D -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 29/09/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync =>.MegaSystems
O43 - CFD: 28/12/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
O43 - CFD: 28/12/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder =>.SNC
O43 - CFD: 10/01/2018 - [] RD -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\Users\BARAA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 30/09/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/07/2017 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 29/12/2017 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DBG =>.DBG
O43 - CFD: 04/01/2018 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 28/12/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 29/12/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\TokenBroker
O43 - CFD: 28/12/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 28/12/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\IObit =>.IObit
O43 - CFD: 28/12/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation

---\\ ShellIconOverlayIdentifiers (SIOI) (9) - 0s
O106 - SIOI:
MEGA (Pending) [
MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C}. (...) -- C:\Users\BARAA\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI:
MEGA (Synced) [
MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202}. (...) -- C:\Users\BARAA\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI:
MEGA (Syncing) [
MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637}. (...) -- C:\Users\BARAA\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - مكتبة DLL الخاصة بملحق Shell للتخزين المحسّ.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - واجهة مستخدم ذاكرة التخزين المؤقت من جانب ا.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation

---\\ Search Context Menu Handlers (SCMH) (35) - 3s
O108 - CMH1: Advanced SystemCare - {2803063F-4B8D-4dc6-8874-D1802487FE2D} . (.IObit - ASCExtMenu Module.) -- C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll =>.IObit Information Technology®
O108 - CMH1: IObit Malware Fighter - . (.Orphan.)
O108 - CMH1: Kaspersky Anti-Virus 18.0.0 - {FF48AD48-74C7-4260-B385-FAEB80947450} . (.AO Kaspersky Lab - Shell Extension.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\shellex.dll =>.Kaspersky Lab®
O108 - CMH1: MEGA (Context menu) - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (...) -- C:\Users\BARAA\AppData\Local\MEGAsync\ShellExtX32.dll
O108 - CMH1: ModernSharing - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: Open With - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - ‎‎مكتبة DLL المشتركة لـ Windows Shell.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: SmartDefragExtension - {189F1E63-33A7-404B-B2F6-8C76A452CC54} . (.Orphan.)
O108 - CMH1: WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH1: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - ملحق Shell "لمجلدات العمل" من Microsoft (C).) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH2: Advanced SystemCare - {2803063F-4B8D-4dc6-8874-D1802487FE2D} . (.IObit - ASCExtMenu Module.) -- C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll =>.IObit Information Technology®
O108 - CMH2: OpenContainingFolderMenu - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - ‎‎مكتبة DLL المشتركة لـ Windows Shell.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: CopyAsPathMenu - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - ‎‎مكتبة DLL المشتركة لـ Windows Shell.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: MEGA (Context menu) - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (...) -- C:\Users\BARAA\AppData\Local\MEGAsync\ShellExtX32.dll
O108 - CMH3: SendTo - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - ‎‎مكتبة DLL المشتركة لـ Windows Shell.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH4: Advanced SystemCare - {2803063F-4B8D-4dc6-8874-D1802487FE2D} . (.IObit - ASCExtMenu Module.) -- C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll =>.IObit Information Technology®
O108 - CMH4: Kaspersky Anti-Virus 18.0.0 - {FF48AD48-74C7-4260-B385-FAEB80947450} . (.AO Kaspersky Lab - Shell Extension.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\shellex.dll =>.Kaspersky Lab®
O108 - CMH4: MEGA (Context menu) - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (...) -- C:\Users\BARAA\AppData\Local\MEGAsync\ShellExtX32.dll
O108 - CMH4: Offline Files - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - واجهة مستخدم ذاكرة التخزين المؤقت من جانب ا.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - ملحق Shell "لمجلدات العمل" من Microsoft (C).) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH5: igfxcui - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} . (.Intel Corporation - igfxpph Module.) -- C:\Windows\System32\igfxpph.dll =>.Microsoft Windows Hardware Compatibility Publisher®
O108 - CMH5: New - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - ‎‎مكتبة DLL المشتركة لـ Windows Shell.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH5: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - ملحق Shell "لمجلدات العمل" من Microsoft (C).) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH6: Kaspersky Anti-Virus 18.0.0 - {FF48AD48-74C7-4260-B385-FAEB80947450} . (.AO Kaspersky Lab - Shell Extension.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\shellex.dll =>.Kaspersky Lab®
O108 - CMH6: Library Location - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - ‎‎مكتبة DLL المشتركة لـ Windows Shell.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH6: Offline Files - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - واجهة مستخدم ذاكرة التخزين المؤقت من جانب ا.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - محلل التطبيق.) -- C:\Windows\System32\appresolver.dll =>.Microsoft Windows®
O108 - CMH6: WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH7: Advanced SystemCare - {2803063F-4B8D-4dc6-8874-D1802487FE2D} . (.IObit - ASCExtMenu Module.) -- C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll =>.IObit Information Technology®
O108 - CMH7: EnhancedStorageShell - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - مكتبة DLL الخاصة بملحق Shell للتخزين المحسّ.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: Kaspersky Anti-Virus 18.0.0 - {FF48AD48-74C7-4260-B385-FAEB80947450} . (.AO Kaspersky Lab - Shell Extension.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\shellex.dll =>.Kaspersky Lab®
O108 - CMH7: MEGA (Context menu) - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (...) -- C:\Users\BARAA\AppData\Local\MEGAsync\ShellExtX32.dll
O108 - CMH7: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\\ Image File Execution Options (20) - 4s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows®
O50 - IFEO:C:\Windows\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\FlashPlayerApp.exe - (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) [DisableExceptionChainValidation\\0] =>.Microsoft Windows Third Party Application Component®
O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - ‎‎أداة التثبيت المساعدة غير المراقبة لـ IE.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - ‎‎Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\MRT.exe - (.Microsoft Corporation - أداة إزالة البرامج الضارة لـ Microsoft Wind.) [CFGOptions\\1] =>.Microsoft Corporation®
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - ‎‎مضيف تطبيق Microsoft (R) HTML.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - مضيف Windows Presentation Foundation.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Windows®
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - ‎‎عملية مضيفة لخدمات Windows.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - ‎‎عملية مضيفة لخدمات Windows.) [MitigationAuditOptions\\17660905521152] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation

---\\ System Drivers List (67) - 43s
O58 - SDL:2017/09/29 12:49:09 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [85912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1037344] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [75160] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [215448] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [22936] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [116632] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [8192] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/02/06 06:39:20 A . (.www.winchiphead.com - WDM for CH341 serial, by W.ch.) -- C:\WINDOWS\System32\drivers\CH341SER.SYS [41472] =>.www.winchiphead.com
O58 - SDL:2016/12/26 20:27:10 A . (.AO Kaspersky Lab - Cryptographic Module Driver x86 (56 bit).) -- C:\WINDOWS\System32\drivers\cm_km.sys [176864] =>.Kaspersky Lab®
O58 - SDL:2014/11/24 22:09:08 A . (.Phoenix Technologies - DriverAgent Direct I/O for 32-bit Windows.) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys [30504] =>.eSupport.com, Inc®
O58 - SDL:2017/09/29 12:49:09 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [55840] =>.Microsoft Windows®
O58 - SDL:2017/09/12 16:15:29 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\WINDOWS\System32\drivers\HWiNFO32.SYS [23840] =>.Martin Malik - REALiX®
O58 - SDL:2017/09/29 12:49:05 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [28672] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [74240] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel(R) Atom(TM) Processor GPIO Controller.) -- C:\WINDOWS\System32\drivers\iaiogpio.sys [22016] =>.Intel Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Intel Corporation - Intel(R) Atom(TM) Processor I2C Controller.) -- C:\WINDOWS\System32\drivers\iaioi2c.sys [57856] =>.Intel Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [525208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [333720] =>.Microsoft Windows®
O58 - SDL:2017/12/29 02:47:16 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [149168] =>.Tonec Inc.®
O58 - SDL:2017/07/02 05:57:33 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd32.sys [3787392] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2016/10/01 02:26:00 A . (.AO Kaspersky Lab - Kaspersky Unified Driver.) -- C:\WINDOWS\System32\drivers\kl1.sys [165296] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:48:13 A . (.AO Kaspersky Lab - Backup Disk Filter [fre_wnet_x86].) -- C:\WINDOWS\System32\drivers\klbackupdisk.sys [62184] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:48:23 A . (.AO Kaspersky Lab - Backup File Filter [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klbackupflt.sys [97504] =>.Kaspersky Lab®
O58 - SDL:2016/05/31 23:24:04 A . (.AO Kaspersky Lab - Virtual Disk [fre_wnet_x86].) -- C:\WINDOWS\System32\drivers\kldisk.sys [69000] =>.Kaspersky Lab®
O58 - SDL:2016/10/14 02:44:02 A . (.AO Kaspersky Lab - Early Launch Anti-Malware Filter [fre_win8_.) -- C:\WINDOWS\System32\drivers\klelam.sys [23160] =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2018/01/02 13:47:19 A . (.AO Kaspersky Lab - Filter Core [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klflt.sys [164568] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:02:47 A . (.AO Kaspersky Lab - klhk [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klhk.sys [436720] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:48:02 A . (.AO Kaspersky Lab - Core System Interceptors [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klif.sys [821952] =>.Kaspersky Lab®
O58 - SDL:2016/10/12 12:29:24 A . (.AO Kaspersky Lab - Packet Network Filter [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klim6.sys [49744] =>.Kaspersky Lab®
O58 - SDL:2016/12/23 09:20:48 A . (.AO Kaspersky Lab - Keyboard Device Filter [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klkbdflt.sys [50912] =>.Kaspersky Lab®
O58 - SDL:2016/12/07 09:30:50 A . (.AO Kaspersky Lab - Mouse Device Filter [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klmouflt.sys [52448] =>.Kaspersky Lab®
O58 - SDL:2017/08/09 14:51:34 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x86].) -- C:\WINDOWS\System32\drivers\klpd.sys [45552] =>.Kaspersky Lab®
O58 - SDL:2017/01/20 13:22:18 A . (.AO Kaspersky Lab - Generic PnP filter [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klpnpflt.sys [40736] =>.Kaspersky Lab®
O58 - SDL:2016/06/07 01:31:04 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\kltap.sys [48056] =>.AnchorFree Inc®
O58 - SDL:2018/01/02 13:09:51 A . (.AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit Monitor.) -- C:\WINDOWS\System32\drivers\klupd_klif_arkmon.sys [258832] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:09:50 A . (.AO Kaspersky Lab - Kernel heuristics engine.) -- C:\WINDOWS\System32\drivers\klupd_klif_kimul.sys [83880] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:38:57 A . (.AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit.) -- C:\WINDOWS\System32\drivers\klupd_klif_klark.sys [265088] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:09:51 A . (.AO Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) -- C:\WINDOWS\System32\drivers\klupd_klif_klbg.sys [91000] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:09:50 A . (.AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit Engine.) -- C:\WINDOWS\System32\drivers\klupd_klif_mark.sys [170984] =>.Kaspersky Lab®
O58 - SDL:2016/12/20 17:51:14 A . (.AO Kaspersky Lab - WFP Network Filter [fre_win8_x86].) -- C:\WINDOWS\System32\drivers\klwfp.sys [79584] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:46:51 A . (.AO Kaspersky Lab - WFP Network Connection Filter Driver [fre_w.) -- C:\WINDOWS\System32\drivers\klwtp.sys [116448] =>.Kaspersky Lab®
O58 - SDL:2018/01/02 13:48:41 A . (.AO Kaspersky Lab - Network Processor [fre_wnet_x86].) -- C:\WINDOWS\System32\drivers\kneps.sys [165088] =>.Kaspersky Lab®
O58 - SDL:2017/09/22 12:09:53 A . (...) -- C:\WINDOWS\System32\drivers\lpsport.sys [55160] =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [93216] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [102808] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [84376] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [69528] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [52120] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [56728] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [464792] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [58264] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [119192] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [141344] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [51608] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [54680] =>.Microsoft Windows®
O58 - SDL:2018/01/07 18:25:18 A . (.Sysinternals - www.sysinternals.com - Process Explorer.) -- C:\WINDOWS\System32\drivers\PROCEXP152.SYS [29160] =>.Sysinternals®
O58 - SDL:2017/09/29 12:49:10 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 32-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x86.sys [504832] =>.Realtek
O58 - SDL:2017/09/29 12:49:19 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) -- C:\WINDOWS\System32\drivers\rteth.sys [47616] =>.Realtek
O58 - SDL:2017/09/07 02:48:28 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHDA.sys [4559848] =>.Realtek Semiconductor Corp.®
O58 - SDL:2017/09/29 12:49:10 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [41368] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [78368] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [27032] =>.Microsoft Windows®
O58 - SDL:2017/11/15 07:08:17 A . (.SlimWare Utilities, Inc. - Driver Update Installer Monitor.) -- C:\WINDOWS\System32\drivers\SWDUMon.sys [22728] =>.SUP.SlimWareUtilities
O58 - SDL:2016/03/29 06:01:50 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8.sys [163896] =>.Intel(R) Embedded Subsystems and IP Blocks Group®
O58 - SDL:2017/09/29 12:49:10 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [149912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [276000] =>.Microsoft Windows®
O58 - SDL:2015/07/10 13:39:36 A . (.Intel Corporation - Intel(R) Acpi Control Driver.) -- C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [57992] =>.Intel(R) Software®

---\\ Last modified or created user files (5) - 19s
O61 - LFC: 2018/01/17 13:34:18 A . (..) -- C:\Users\BARAA\Downloads\flash-player (1).exe [479240]
O61 - LFC: 2018/01/17 13:34:25 A . (..) -- C:\Users\BARAA\Downloads\flash-player (2).exe [479240]
O61 - LFC: 2018/01/17 13:45:10 A . (..) -- C:\Users\BARAA\Downloads\flash-player (3).exe [479240]
O61 - LFC: 2018/01/17 15:08:35 A . (..) -- C:\Users\BARAA\Downloads\flash-player (4).exe [479240]
O61 - LFC: 2018/01/17 13:33:57 A . (..) -- C:\Users\BARAA\Downloads\flash-player.exe [479240]

---\\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- %1" %*
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (2) - 0s
O69 - SBI: SearchScopes [HKCU]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

---\\ Search Svchost Services (49) - 3s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [182272] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [182272] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [207872] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\Windows\System32\gpsvc.dll [1136128] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [732672] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [725504] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\Windows\System32\seclogon.dll [24064] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [117760] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [116224] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [91136] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\Windows\System32\schedsvc.dll [695808] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [183808] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [317440] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [339456] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\Windows\System32\wercplsupport.dll [79872] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [788992] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll [143360] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) -- C:\Windows\System32\PushToInstall.dll [187392] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll [46592] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - خدمة إعداد الشبكة.) -- C:\Windows\System32\NetSetupSvc.dll [215552] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [331264] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - إعدادات الطيران.) -- C:\Windows\System32\flightsettings.dll [654336] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [516608] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [656896] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll [146432] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) -- C:\Windows\System32\NaturalAuth.dll [297472] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll [1008640] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [53760] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll [917504] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [931328] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\Windows\System32\WpnService.dll [245248] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll [1652736] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\Windows\System32\irmon.dll [20480] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [92672] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [830976] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [403456] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [533504] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [252928] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\Windows\System32\wuaueng.dll [2342400] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [1003008] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\Windows\System32\shsvcs.dll [565248] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [769536] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [37888] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [936960] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - خدمة تثبت البرامج.) -- C:\Windows\System32\appmgmts.dll [163840] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [107008] =>.Microsoft Corporation

---\\ Firewall Active Exception List (2) - 5s
O87 - FAEL: "{8AA83E61-A7C0-4888-B07A-E6C58B06CE71}" [In-None-P6-TRUE] .(...) -- C:\Windows\KMS-R@1n.exe =>HackTool.WinActivator
O87 - FAEL: "{DFA85DBA-A573-4CA7-8DE8-94EC66C55327}" [Out-None-P6-TRUE] .(...) -- C:\Windows\KMS-R@1n.exe =>HackTool.WinActivator

---\\ Windows Installer Scan (18) - 29s
[MD5.0A8B4B5F2593A96BEED0392ECB78D0BA] [WIS][2018/01/02 13:02:16] (.Kaspersky Lab - Kaspersky Internet Security.) -- C:\WINDOWS\Installer\51096.msi [11087872] =>.Kaspersky Lab
[MD5.89F06B7B3ADF3C13E40B584E4E74316D] [WIS][2018/01/02 13:02:26] (.Kaspersky Lab - Kaspersky Secure Connection.) -- C:\WINDOWS\Installer\5109d.msi [9449472] =>.Kaspersky Lab
[MD5.A666B14C461CC7207C0C9B3D0D2D28F3] [WIS][2017/11/16 13:17:25] (.Adobe Systems Incorporated - Adobe ARM Installer.) -- C:\WINDOWS\Installer\5cd6a.msi [880128] =>.Adobe Systems Incorporated
[MD5.D7C8F629A87765492DAA8856DE7A9CCC] [WIS][2017/11/07 15:03:48] (.AVG Technologies CZ, s.r.o. - Visual Studio 2012 x86 Redistributables.) -- C:\WINDOWS\Installer\648a9b.msi [40960] =>.AVG Technologies CZ, s.r.o.
[MD5.F7C41C1798D0B2220A458AAECDEBB883] [WIS][2017/11/07 15:04:06] (.AVG Technologies - FMW.) -- C:\WINDOWS\Installer\648a9e.msi [1691648] =>.AVG Technologies
[MD5.37F4DEE80D63928C908A4EE33DD79822] [WIS][2017/11/07 15:09:24] (.AVG Technologies - AVG PC TuneUp.) -- C:\WINDOWS\Installer\648aa4.msi [2195456] =>.AVG Technologies
[MD5.76D9923B0FB82DF1E2A9BF42D0185607] [WIS][2012/09/24 04:47:27] (.Adobe Systems Incorporated.) -- C:\WINDOWS\Installer\6d06c0.msi [2385920] =>.Adobe Systems Incorporated
[MD5.5698730F62E05281C6604FA4C21CB330] [WIS][2017/11/07 16:12:06] (.AVG Netherlands B.V - Looks for updates for your computer's .) -- C:\WINDOWS\Installer\a2dce4.msi [29933568] =>.AVG Netherlands B.V
[MD5.F0EE2E7F283866A2A0FEA9BE2D12A979] [WIS][2017/12/16 07:59:20] (.Google Inc. - Google Update Helper.) -- C:\WINDOWS\Installer\bddad.msi [40960] =>.Google Inc.
[MD5.834919D74149700138C36FB0483F2753] [WIS][2018/01/02 13:47:01] (.Kaspersky Lab.) -- C:\WINDOWS\Installer\131c3b.msp [65536] =>.Kaspersky Lab
[MD5.82AFCDADE03E0D668CD47E509201967B] [WIS][2018/01/02 13:48:31] (.Kaspersky Lab.) -- C:\WINDOWS\Installer\131c48.msp [13234176] =>.Kaspersky Lab
[MD5.2439AACD5056206D6254F79B0C561EB7] [WIS][2017/07/12 10:19:58] (..) -- C:\WINDOWS\Installer\25b711.msp [3833856]
[MD5.F576FED62705EE752FCA48749A692F9B] [WIS][2017/08/07 09:20:15] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\2afdad.msp [12849152] =>.Adobe Systems, Incorporated
[MD5.DE45821BBC172EDD84DE68648EFF5D0C] [WIS][2017/11/13 05:24:16] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\5ce2e.msp [48394240] =>.Adobe Systems, Incorporated
[MD5.84891AC5487B67A75AEBA6D0454E3734] [WIS][2014/08/05 19:07:02] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\6d06c1.msp [2424832] =>.SUP.Obsolète.Adobe
[MD5.91E56177CC2DD244914D990542411547] [WIS][2014/08/05 19:07:01] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\6d06c2.msp [43950080] =>.SUP.Obsolète.Adobe
[MD5.01E00B02D2BD37746B25A653895FB896] [WIS][2017/04/10 06:33:03] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\750197.msp [48599040] =>.Adobe Systems, Incorporated
[MD5.F7098BCC1E9047565DBABF7F42201A7F] [WIS][2017/08/22 14:42:48] (.Adobe Systems, Incorporated.) -- C:\WINDOWS\Installer\cfe56.msp [4100096] =>.Adobe Systems, Incorporated

---\\ Additional Scan (O88) (16) - 17s
HKLM\SYSTEM\CurrentControlSet\Services\KMS-R@1n =>HackTool.WinActivator
C:\Windows\KMS-R@1n.exe =>HackTool.WinActivator
HKLM\SYSTEM\CurrentControlSet\Services\KMSEmulator =>HackTool.WinActivator
C:\ProgramData\KMSAutoS\bin\KMSSS.exe =>HackTool.WinActivator
C:\ProgramData\KMSAutoS\KMSAuto Net.exe =>HackTool.WinActivator
C:\WINDOWS\System32\Tasks\KMSAutoNet =>HackTool.WinActivator
C:\Users\BARAA\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpaljjahalmebddgdojobofkbbgnfhkg =>.SUP.BrowserExtension
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore =>.SUP.DriverRestore
C:\ProgramData\KMSAutoS =>HackTool.WinActivator
C:\Users\BARAA\AppData\Roaming\HMYGSetting =>Adware.Suspect
C:\Users\BARAA\AppData\Local\MSfree Inc =>HackTool.WinActivator
C:\Users\BARAA\AppData\Local\SlimWare Utilities Inc =>.SUP.SlimWareUtilities
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter =>.SUP.Orphan
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension =>.SUP.Orphan
C:\WINDOWS\Installer\6d06c1.msp =>.SUP.Obsolète.Adobe
C:\WINDOWS\Installer\6d06c2.msp =>.SUP.Obsolète.Adobe

---\\ Summary of the elements found (8) - 0s
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/10/05/sup-browserextension/ =>.SUP.BrowserExtension
https://nicolascoolman.eu/2017/03/03/superfluous-slimwareutilities/ =>.SUP.SlimWareUtilities
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverRestore
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.eSupport
https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolète.Adobe

~ Unselected Options: O82,
~ End of the scan, 26005 items in 04mn16s (1007)(0)