Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by mohamed (18-03-2018 22:58:42)
Running from C:\Users\mohamed\Desktop
Windows 10 Pro Version 1709 16299.309 (X64) (2017-11-01 07:46:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3544706222-1499703263-3937389962-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3544706222-1499703263-3937389962-503 - Limited - Disabled)
Guest (S-1-5-21-3544706222-1499703263-3937389962-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3544706222-1499703263-3937389962-1002 - Limited - Enabled)
moha (S-1-5-21-3544706222-1499703263-3937389962-1005 - Limited - Enabled) => C:\Users\moha.mohamed-PC
mohamed (S-1-5-21-3544706222-1499703263-3937389962-1000 - Administrator - Enabled) => C:\Users\mohamed
WDAGUtilityAccount (S-1-5-21-3544706222-1499703263-3937389962-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: جدار الحماية الشخصي ESET (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 372.90 - NVIDIA Corporation) Hidden
AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.107.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD 2016 SP 1 (HKLM\...\AutoCAD 2016 SP1) (Version: 20.1.107.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{EC92633C-8F08-470A-BCDF-3FE5FD778C8D}) (Version: 4.0.14.0 - Autodesk, Inc.)
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Dell System Detect (HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\58d94f3ce2c27db0) (Version: 6.12.0.1 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DigUP Menschen A1.1 (HKLM-x32\...\DigUP Menschen A1.1) (Version: 1.0.0.0 - Hueber)
DriversCloud.com (64 bits) (HKLM\...\{54F822C5-B093-46D2-B52C-E120EF2AE90F}) (Version: 8.0.3.0 - Cybelsoft)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESET Smart Security (HKLM\...\{28CB6932-DA7E-4C69-8155-1CD075475133}) (Version: 10.1.219.1 - ESET, spol. s r.o.)
f.lux (HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\Flux) (Version: - f.lux Software LLC)
FILERECOVERY Professional (HKLM-x32\...\{CB45A1BD-9BEF-4C48-AD52-DEB7E9BB6DF5}_is1) (Version: 5.5.4.6 - LC Technology International, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Google Inc‎.‎)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IslamWay Cd Virsion (HKLM-x32\...\{669E7C82-75D7-11D7-B0B9-863E4C908C5A}) (Version: 15.1.4.3 - IslamWay)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Cleaner (HKLM-x32\...\{7DDC11A1-C25C-4090-AC3F-0330955593BA}) (Version: 1.0.1.150 - Kaspersky Lab)
K-Lite Mega Codec Pack 10.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
Malwarebytes Anti-malware (HKLM-x32\...\{FCFE4BF1-61C9-4EE7-8648-6CC9279D927D}) (Version: 2.2.1.1043 - Malwarebytes Anti-malware) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Menschen A1-1 Lerner-DVD-ROM zum Kursbuch (HKLM-x32\...\{61CBBC2C-7716-464F-317E-F2C7ED7FE990}) (Version: 1.0 - Hueber Verlag GmbH & Co KG) Hidden
Menschen A1-1 Lerner-DVD-ROM zum Kursbuch (HKLM-x32\...\de.hueber.menschena11izu) (Version: 1.0 - Hueber Verlag GmbH & Co KG)
Menschen A2-1 Lerner-DVD-ROM zum Kursbuch (HKLM-x32\...\{77B71F24-92E0-6A80-2B32-FB04240808BD}) (Version: 1.0 - Hueber Verlag GmbH & Co KG) Hidden
Menschen A2-1 Lerner-DVD-ROM zum Kursbuch (HKLM-x32\...\de.hueber.menschena21izu) (Version: 1.0 - Hueber Verlag GmbH & Co KG)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 59.0 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0 (x64 en-US)) (Version: 59.0 - Mozilla)
NVIDIA 3D Vision Driver 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 51.0.2830.55 (HKLM-x32\...\Opera 51.0.2830.55) (Version: 51.0.2830.55 - Opera Software)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.5 - Qualcomm Atheros)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
Real Alternative 1.60 (HKLM-x32\...\RealAlt_is1) (Version: 1.60 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.1.0.1824 - GetData Pty Ltd)
Rosetta Stone Language Training (HKLM-x32\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.37.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Telegram Desktop version 1.2.6 (HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.2.6 - Telegram Messenger LLP)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.3.403.44552 - Vodafone)
Vodafone Wi-Fi (HKLM-x32\...\{4C897612-87C1-4084-88B3-A9505DC17A77}) (Version: 2.0.1.44883 - Vodafone)
WhatsApp (HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\WhatsApp) (Version: 0.2.3699 - WhatsApp)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.20 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.2 - win.rar GmbH)
WizIQ Desktop (HKLM-x32\...\{3B32D391-7B4F-CFE4-2DBE-F810B0B8941F}) (Version: 1.1.7 - authorGEN Technologies Private Limited) Hidden
WizIQ Desktop (HKLM-x32\...\com.wiziq.wiziqdesktop) (Version: 1.1.7 - authorGEN Technologies Private Limited)
Zelio Soft 2 v4.3.0. (HKLM-x32\...\{30ACF8E3-E213-4D85-B720-B45DC87E52B4}) (Version: 4.3.0. - Schneider Electric)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3544706222-1499703263-3937389962-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3544706222-1499703263-3937389962-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3544706222-1499703263-3937389962-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3544706222-1499703263-3937389962-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3544706222-1499703263-3937389962-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3544706222-1499703263-3937389962-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ShellIconOverlayIdentifiers-x32: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ShellIconOverlayIdentifiers-x32: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-10-25] (ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-10-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-10-24] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-10-25] (ESET)
ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers3-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-12-07] ()
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-16] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-09-17] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-10-25] (ESET)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6-x32: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-10-24] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-10-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {068225AC-C909-4B98-9253-66AF7F7622A1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {09BF1781-847D-4BF8-967D-6BA33BF34E80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {19E0A45B-DC30-47E7-8E2F-720E7608C52B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1CECC9CE-952D-4A21-94F6-78B9FDE97577} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12] (Google Inc.)
Task: {1FB46A2D-F992-4384-834C-27154BD9FA5F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-29] (Microsoft Corporation)
Task: {1FE4A6DA-C120-4557-AA96-B34E93B17E06} - System32\Tasks\{42DB7962-04E9-45FD-9929-A8179A2E9736} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.22.64.106/en/abandoninstall?page=tsMain
Task: {2009FF93-CCE2-46ED-B978-6AAE94FC615F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {25552A6A-05FF-4702-996A-DD8DFF66A76A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2B898E16-1604-4CC3-A753-1DA5F98C5FFD} - System32\Tasks\Opera scheduled Autoupdate 1488629860 => C:\Program Files (x86)\Opera\launcher.exe [2018-03-08] (Opera Software)
Task: {2BECFC78-946B-4EE3-87FE-7D1BC9D0A409} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {37D2D8FD-82DE-451C-A4D3-FF9D86C0D185} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [2018-03-14] (Adobe Systems Incorporated)
Task: {3A4D51CE-1C93-4F6F-8A79-DBFEB3193CF8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {3C387A8E-30C6-489F-AB03-279381C74C7F} - System32\Tasks\{017DDE17-8C84-4841-8ED2-FBC17DAA7F3C} => C:\Windows\system32\pcalua.exe -a C:\Users\mohamed\Downloads\Programs\vcredist_x64.exe -d C:\Users\mohamed\AppData\Roaming\IDM
Task: {3E01BCEB-9E5E-490F-BE30-B90228009A47} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {408953D3-9297-4D80-8C58-BDD5D0CCC9B9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40AA78BC-0DAF-4A7F-9DBA-0E86A1440393} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {452B8DE2-076A-4A08-9E85-82D965D18C57} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {46C61F86-66FC-4B02-B21F-13BEADE0BF68} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B16429B-C102-4B4B-8853-69993B7691CB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {58250B29-B0F4-4CB8-B3B9-554AC94EBA2E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {585CF962-ED90-4A3C-8090-27E67C3EF127} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {67E7FDF6-B1F9-4A9A-A1D2-B190D2BC7B7F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3544706222-1499703263-3937389962-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2017-12-07] (Mega Limited)
Task: {6EE22DDE-AAEF-43FF-9343-191F26059F7E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {73435EA6-8925-42E6-B116-30FE4B75782C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {75D47FBF-9FF9-45E2-885B-B44CB4AA8D8C} - System32\Tasks\{8D1D4D9D-A815-4E0B-97C2-1E0676A160E6} => C:\Windows\system32\pcalua.exe -a "D:\New folder (3)\ShamelaLibrary348\shamela\bin\viewer.exe" -d C:\Users\mohamed\Downloads\Compressed\9059 -c C:\Users\mohamed\DOWNLO~1\COMPRE~1\9059\81F6~1.BOK
Task: {7ABC8A5A-3919-4D69-83D9-C205D75B08E0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7DF2F139-939E-4C63-A788-037FC9EC83F1} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {7F55B00D-7C81-4D2E-BC1A-EB56F1E30865} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12] (Google Inc.)
Task: {863BCA54-50D5-408A-AD48-B2E1F77E2636} - System32\Tasks\{762F3ED3-9E11-4910-BF90-6D4B5728F18E} => C:\Windows\system32\pcalua.exe -a "C:\Users\mohamed\Downloads\Compressed\Soundwrite2_2\برنامج تفريغ الأشرطة\setup.exe" -d "C:\Users\mohamed\Downloads\Compressed\Soundwrite2_2\برنامج تفريغ الأشرطة"
Task: {8A28CD2B-5EB5-4F6B-8A40-C34BB8E3601E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9783698C-DBEE-44E6-BAD9-EB86039BC2AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {979004C2-D5AD-45CA-95FB-0F2E0C08F23F} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-04] (Realtek Semiconductor)
Task: {9ADC4F4E-F9B6-46B2-BD34-96325EFDD430} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9C98C6EC-F685-4697-AAEB-CCA0FF6166CB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {9FD058E3-1958-4D76-A95D-70094D679CC0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AA712BA0-E0C7-48DF-9045-8CB16A87CF38} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AAA1D5B2-DD65-4B72-8F1E-9A3B24B387D3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-29] (Microsoft Corporation)
Task: {ABFE486D-2536-4AF1-B730-F8EEAB345D98} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC92FB3F-C999-437A-8B40-B0E38641C386} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF49C919-4E78-437F-8661-65DD544D5284} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BE3A21CC-78BB-45FF-9941-8AA8678EB300} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-03-14] (Microsoft Corporation)
Task: {CFA7F1F1-FE57-4F66-BB10-EB8CADD6ED94} - System32\Tasks\{741FBC96-D247-4BE3-AE89-8DE7A1F47F96} => C:\Windows\system32\pcalua.exe -a C:\Users\mohamed\Downloads\Programs\DellSystemDetectLauncher.exe -d C:\Users\mohamed\AppData\Roaming\IDM
Task: {D1F8405C-A821-4807-9857-E04F037E8804} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-29] (Microsoft Corporation)
Task: {D852DCB7-EC37-462A-BE53-EF71F1FBEDDA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D857079F-4320-4EF4-8FF7-33E1B463884F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D950139B-E730-4944-B0B0-52755ACAAFB6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-14] (Adobe Systems Incorporated)
Task: {E166595A-5BD5-40B8-89D0-0E77E2B4A2B3} - System32\Tasks\{5C7AACE6-2CC1-4429-B315-0CA714A028C6} => C:\Windows\system32\pcalua.exe -a "C:\Users\mohamed\Downloads\Compressed\013\برنامج تفريغ الأشرطة\برنامج تفريغ الأشرطة الإصدار الثاني.exe" -d "C:\Users\mohamed\Downloads\Compressed\013\برنامج تفريغ الأشرطة"
Task: {EBF8723A-D866-4DB2-AEE7-CBA1547C8D4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-29] (Microsoft Corporation)
Task: {FA6B4797-77E8-4695-BA9D-8649F517C1D7} - System32\Tasks\{19CE17E5-7E37-48D4-9ECD-7B7ABE71A747} => C:\Windows\system32\pcalua.exe -a C:\Users\mohamed\AppData\Local\Temp\jre-8u66-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {FA75E0DE-6409-4067-8603-16E2BAFEBB19} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-14] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (1).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (10).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (11).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (12).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (2).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (3).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (4).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (5).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (6).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (7).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (8).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0 (9).lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\digUP 2.0.lnk -> C:\Program Files (x86)\Hueber\DigUP Menschen A1.1\chrome-win32\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=dfobbepomoiopcnkbglbpmmepgmehcan
ShortcutWithArgument: C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl

==================== Loaded Modules (Whitelisted) ==============

2018-03-16 00:25 - 2012-08-31 15:03 - 000288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2016-09-14 14:41 - 2012-08-31 15:02 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2017-07-26 09:58 - 2017-07-26 09:58 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-07-04 00:44 - 2016-09-17 00:54 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-02-16 00:21 - 2017-02-16 00:21 - 000410616 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-06-30 10:23 - 2017-12-07 10:43 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2018-03-15 16:33 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-15 16:33 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-25 10:14 - 2016-02-24 06:48 - 000062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2017-10-25 10:14 - 2016-02-24 06:47 - 000110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-12-27 18:01 - 2016-06-15 03:14 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-30 13:24 - 2017-12-07 10:42 - 000570368 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2018-03-18 22:55 - 2018-03-18 22:55 - 000003584 _____ () C:\Users\mohamed\AppData\Local\Temp\dateinj01.dll
2017-10-13 14:45 - 2016-02-08 05:08 - 020758016 _____ () C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\Hein Libs\libcef.dll
2017-10-13 14:45 - 2016-02-08 05:08 - 001094158 _____ () C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\Hein Libs\avcodec-53.dll
2017-10-13 14:45 - 2016-02-08 05:08 - 000117262 _____ () C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\Hein Libs\avutil-51.dll
2017-10-13 14:45 - 2016-02-08 05:08 - 000183822 _____ () C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\Hein Libs\avformat-53.dll
2017-10-13 14:45 - 2016-02-08 05:08 - 000622080 _____ () C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\Hein Libs\libglesv2.dll
2017-10-13 14:45 - 2016-02-08 05:08 - 000111616 _____ () C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\Hein Libs\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\Software\Classes\.scr: scrfile => <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\sharepoint.com -> hxxps://stdpharmacuedueg-files.sharepoint.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-03-07 08:20 - 000000993 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 rosettastone.com
127.0.0.1 launch.rosettastone.com
127.0.0.1 amp.rosettastone.com
127.0.0.1 resources.rosettastone.com
127.0.0.1 updates.rosettastone.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "ADSK DLMSession"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VodafoneMobileWiFi"
HKLM\...\StartupApproved\Run32: => "MobileBroadband"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "VmbNotifier"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\StartupFolder: => "WizIQ Desktop.lnk"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7A6EBF4BA7D929234BE70C030E59A016"
HKU\S-1-5-21-3544706222-1499703263-3937389962-1000\...\StartupApproved\Run: => "f.lux"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{36F10E51-B3EE-4FF4-98C4-B012DE30EA2E}] => (Allow) LPort=50248
FirewallRules: [{FC7503A6-A430-4A53-AB5D-8CF94814FBC2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8141B04-5547-40FE-9C22-B308388D3019}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{B9F5197A-9407-440B-B6B9-3EC94CD511BB}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{958DDC26-59D5-4EDE-B87C-6A17CC9A6138}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{608CDD2C-CD12-44C8-B4D5-C8B87BC3B8A6}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{9B0B523B-BD9C-4D74-BA58-6EE721585539}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{FDA01956-99E5-461D-B956-11D54DFF916F}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{7F7D1692-E594-41F6-BF7B-5BC762E8E8F7}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{47E03132-BFE1-4595-B29C-55FFAB33E26B}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{5F82B62E-DEDC-4D42-94C5-E37390E406C1}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{144B64A4-91B2-48E5-AEFB-102588C11B43}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{2ADF99E5-8C58-4104-A370-4FEA0E7D5277}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{248DC939-0809-422F-9BB8-B3866D00DE14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4ADF6C99-18C5-43AF-8A02-7C6D9BC40B7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CF9E95AA-0E3B-40DA-BC27-DE6DE868FE15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F649CD28-1439-43AB-A8E8-326B59026E64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{43598C89-4BEE-4218-892B-487E330BD158}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{2D8010F0-54D9-4863-AA2F-97BB92652D0F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{9D30E878-193C-4F7B-90C4-9FCEE3BF0B79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F57C7A2A-E5FC-468A-9239-A0DE06CACA17}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DFAF5467-D0FE-4E77-9C35-BAD6E49ADB27}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{0F3FB022-0D27-4537-8502-48D74B2D702A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{56E6ADF2-EDBD-4621-8A46-E2062A06283A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B80C71DD-0293-43A9-8162-D3F28C7D29C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A55F8D51-5AE7-43E6-A5B6-121476E27621}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3A99B08A-E723-4D2A-AB19-F93C93F09436}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6EC2A35C-426C-40F5-A57E-ACDDD93598CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{62AA9430-A850-4CDC-B596-48A5097CF97B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A66F5539-F297-47B7-A70B-B4608A154F52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8EA8602A-F271-496D-870E-18C8DEB80421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8C508C49-1413-4732-85A1-F293F3C7A0A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DCB70D12-D764-4994-B7D6-E8D131D3DF5F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0F74630C-25A3-4D2D-9073-9E5F47228A9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DB264AB4-C0C3-4874-9A96-50F074712F30}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{36E8D075-D7D6-43B3-A688-78C134424A80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{6E9B2103-1390-40ED-8235-C41E457128B0}] => (Allow) C:\Program Files (x86)\Opera\51.0.2830.40\opera.exe
FirewallRules: [{8B89B29F-A8A2-4ED6-9ECF-9A17DE1886AC}] => (Allow) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
FirewallRules: [{C8D7E7C0-13A9-46BB-95C8-ABE1828CEE6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

12-03-2018 17:12:13 Windows Update
12-03-2018 17:13:41 Windows Update
15-03-2018 21:45:53 Windows Update
15-03-2018 21:47:31 Windows Update
18-03-2018 17:17:43 Installé Malwarebytes Anti-malware

==================== Faulty Device Manager Devices =============

Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2018 10:54:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\mohamed\Desktop\Downloads\Programs\esetsmartinstaller_fra_2.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.

Error: (03/18/2018 10:54:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\mohamed\Desktop\Downloads\Programs\esetsmartinstaller_fra.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.

Error: (03/18/2018 10:42:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.16299.15, time stamp: 0x59cda974
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.16299.248, time stamp: 0xc27fa098
Exception code: 0xc000027b
Fault offset: 0x00000000006e80e9
Faulting process id: 0x1b20
Faulting application start time: 0x01d3bef9495ef7f0
Faulting application path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 6d921fda-f02c-48b5-bb53-dddbdc072034
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

Error: (03/18/2018 10:12:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\mohamed\Desktop\Downloads\Programs\esetsmartinstaller_fra.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.

Error: (03/18/2018 07:04:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\mohamed\Desktop\Downloads\Programs\esetsmartinstaller_fra.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.

Error: (03/18/2018 07:04:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\mohamed\Desktop\Downloads\Programs\esetsmartinstaller_fra_2.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.

Error: (03/18/2018 05:28:56 PM) (Source: MsiInstaller) (EventID: 11920) (User: MOHAMED-PC)
Description: Produit : Malwarebytes Anti-malware -- Erreur 1920. Échec du démarrage du service AeLookupSvc (AeLookupSvc). Vérifiez que vous disposez de privilèges suffisants pour démarrer les services système.

Error: (03/18/2018 05:22:19 PM) (Source: MsiInstaller) (EventID: 11920) (User: MOHAMED-PC)
Description: Produit : Malwarebytes Anti-malware -- Erreur 1920. Échec du démarrage du service MBAMService (MBAMService). Vérifiez que vous disposez de privilèges suffisants pour démarrer les services système.


System errors:
=============
Error: (03/18/2018 10:55:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
This driver has been blocked from loading

Error: (03/18/2018 10:55:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
This driver has been blocked from loading

Error: (03/18/2018 10:55:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\mbam.sys

Error: (03/18/2018 10:46:42 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/18/2018 10:46:08 PM) (Source: DCOM) (EventID: 10016) (User: MOHAMED-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user mohamed-PC\mohamed SID (S-1-5-21-3544706222-1499703263-3937389962-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/18/2018 10:43:00 PM) (Source: DCOM) (EventID: 10010) (User: MOHAMED-PC)
Description: The server Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App did not register with DCOM within the required timeout.

Error: (03/18/2018 10:43:00 PM) (Source: DCOM) (EventID: 10010) (User: MOHAMED-PC)
Description: The server Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App did not register with DCOM within the required timeout.

Error: (03/18/2018 10:43:00 PM) (Source: DCOM) (EventID: 10010) (User: MOHAMED-PC)
Description: The server Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2018-03-18 21:19:28.781
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-03-18 21:19:01.385
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-03-18 21:19:00.650
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-03-18 21:18:59.903
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-03-18 21:18:44.885
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-03-18 21:18:44.580
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-03-18 21:18:38.247
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-03-18 21:18:37.496
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 30%
Total physical RAM: 8095.83 MB
Available physical RAM: 5651.43 MB
Total Virtual: 16287.83 MB
Available Virtual: 14040.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.14 GB) (Free:41.03 GB) NTFS
Drive d: (Local Disk) (Fixed) (Total:390.62 GB) (Free:11.6 GB) NTFS
Drive e: () (Fixed) (Total:394.4 GB) (Free:57.27 GB) NTFS

\\?\Volume{34f105f4-7df3-11e5-ba6c-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 60046E65)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=394.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================