Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2017
Ran by hassan (administrator) on HASSAN-PC (27-05-2017 09:40:53)
Running from C:\Users\hassan\Desktop
Loaded Profiles: hassan (Available Profiles: hassan)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: العربية (السعودية)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [4027504 2017-05-02] (Tonec Inc.)
HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7456984 2017-04-11] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{2F941FA0-4A3F-4FC4-8262-37D175800866}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2F941FA0-4A3F-4FC4-8262-37D175800866}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1796275782-4292205373-2313263118-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope value is missing
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
FireFox:
========
FF DefaultProfile: itxjrcal.default
FF ProfilePath: C:\Users\hassan\AppData\Roaming\Mozilla\Firefox\Profiles\itxjrcal.default [2017-05-27]
FF Extension: (Adblock Plus) - C:\Users\hassan\AppData\Roaming\Mozilla\Firefox\Profiles\itxjrcal.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-25]
FF Extension: (TLS 1.3 A/B Test Experiment) - C:\Users\hassan\AppData\Roaming\Mozilla\Firefox\Profiles\itxjrcal.default\features\{83874ae9-f89e-4cf6-8490-d0f9f7be7cef}\tls13-comparison-all-v1@mozilla.org.xpi [2017-05-25]
FF HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hassan\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\hassan\AppData\Roaming\IDM\idmmzcc5 [2017-05-20] [not signed]
FF HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR Profile: C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-05-27] <==== ATTENTION
CHR Extension: (عروض Google التقديمية) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-17]
CHR Extension: (محرّر مستندات Google) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-17]
CHR Extension: (Youtube) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-17]
CHR Extension: (آدبلوك بلس) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-20]
CHR Extension: (جداول بيانات Google ) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-17]
CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-18]
CHR Extension: (IDM Integration Module) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-17]
CHR Extension: (Gmail) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-17]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2017-04-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2069424 2017-03-09] (ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3398608 2017-05-09] (Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [113032 2017-03-09] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [90656 2017-03-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [139384 2017-03-09] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43920 2017-03-09] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [69304 2017-03-09] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52680 2017-03-09] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [86504 2017-03-09] (ESET)
R3 es1969; C:\Windows\System32\drivers\ES1969.sys [96896 2006-08-15] (ESS Technology, Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59904 2017-05-09] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-05-11] (REALiX(tm))
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [161720 2017-05-26] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [97208 2017-05-27] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2017-05-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [220088 2017-05-27] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [65824 2017-05-27] (Malwarebytes)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [124304 2017-02-02] (Power Software Ltd)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-27 09:40 - 2017-05-27 09:41 - 00009119 _____ C:\Users\hassan\Desktop\FRST.txt
2017-05-27 09:40 - 2017-05-27 09:40 - 00000000 ____D C:\FRST
2017-05-27 09:36 - 2017-05-27 09:39 - 01770496 _____ (Farbar) C:\Users\hassan\Desktop\FRST.exe
2017-05-25 23:46 - 2017-05-25 23:48 - 00000000 ____D C:\Users\hassan\Desktop\gmer
2017-05-25 23:46 - 2016-03-11 14:53 - 00380928 _____ C:\Users\hassan\Desktop\gmer.exe
2017-05-25 23:42 - 2017-05-25 23:44 - 00371282 _____ C:\Users\hassan\Desktop\gmer.zip
2017-05-25 23:30 - 2017-05-25 23:30 - 00266928 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-25 15:13 - 2017-05-25 15:13 - 00075745 _____ C:\Users\hassan\Desktop\ZHPDiag.txt
2017-05-25 14:54 - 2017-05-25 14:56 - 02732032 _____ C:\Users\hassan\Desktop\ZHPDiag3.exe
2017-05-24 23:22 - 2017-05-24 23:22 - 00001799 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-05-24 23:22 - 2017-05-24 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-05-24 23:18 - 2017-05-24 23:20 - 03521617 _____ (Nicolas Coolman ) C:\Users\hassan\Desktop\ZHPFix.exe
2017-05-23 13:09 - 2017-05-23 13:09 - 00000590 _____ C:\Users\hassan\Desktop\ESET Online Scanner.txt
2017-05-22 20:36 - 2017-05-23 14:44 - 00000000 ____D C:\Windows\Minidump
2017-05-22 17:50 - 2017-05-22 17:49 - 02870984 _____ (ESET) C:\Users\hassan\Desktop\esetsmartinstaller_fra.exe
2017-05-22 12:49 - 2017-05-22 13:00 - 00001307 _____ C:\DelFix.txt
2017-05-21 13:50 - 2017-05-21 13:50 - 00000074 _____ C:\Users\hassan\Downloads\Eset Smart Security 10.1.204 License key 05.05.2018.txt
2017-05-20 13:14 - 2017-05-20 13:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-05-20 06:47 - 2017-05-25 15:05 - 00000000 ____D C:\Users\hassan\AppData\Roaming\ZHP
2017-05-18 21:15 - 2017-05-26 22:47 - 00161720 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-18 21:14 - 2017-05-27 09:38 - 00065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-05-18 21:14 - 2017-05-27 09:23 - 00097208 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-05-18 21:13 - 2017-05-27 09:23 - 00220088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-18 21:13 - 2017-05-27 09:23 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-05-18 21:13 - 2017-05-19 00:26 - 00002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-18 21:13 - 2017-05-19 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-18 21:13 - 2017-05-09 16:37 - 00059904 _____ C:\Windows\system32\Drivers\mbae.sys
2017-05-18 21:12 - 2017-05-18 21:12 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-18 21:10 - 2017-05-18 21:11 - 00000000 ____D C:\Users\hassan\Desktop\Malwarebytes Premium 3.1.2.1733
2017-05-18 20:48 - 2017-05-18 20:48 - 00430046 _____ C:\Users\hassan\Downloads\idmmzcc.xpi
2017-05-18 20:48 - 2017-05-18 20:48 - 00430046 _____ C:\Users\hassan\Downloads\idmmzcc (1).xpi
2017-05-18 12:56 - 2017-05-25 14:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-18 12:56 - 2017-05-22 15:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-18 12:56 - 2017-05-18 12:56 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Mozilla
2017-05-17 23:18 - 2017-05-17 23:18 - 00001037 _____ C:\Users\Public\Desktop\FastStone Capture.lnk
2017-05-17 23:18 - 2017-05-17 23:18 - 00000000 ____D C:\Users\hassan\AppData\Roaming\FastStone
2017-05-17 23:18 - 2017-05-17 23:18 - 00000000 ____D C:\Users\hassan\AppData\Local\FastStone
2017-05-17 23:18 - 2017-05-17 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2017-05-17 23:18 - 2017-05-17 23:18 - 00000000 ____D C:\Program Files\FastStone Capture
2017-05-17 23:17 - 2017-05-17 23:17 - 00000000 ____D C:\Users\hassan\Desktop\FSCaptureSetup85
2017-05-16 23:44 - 2017-05-24 23:22 - 00000000 ____D C:\Program Files\ZHPFix
2017-05-15 23:12 - 2017-05-15 23:11 - 02727424 _____ C:\Users\hassan\ZHPDiag3.exe
2017-05-14 13:23 - 2017-05-18 20:54 - 00000000 ____D C:\Users\hassan\Desktop\RegistryFinder
2017-05-14 12:51 - 2017-05-14 12:51 - 00458234 _____ C:\Malwarebytes Anti-Malware.txt
2017-05-13 14:06 - 2017-05-13 14:06 - 00001118 _____ C:\الي.txt
2017-05-13 13:26 - 2017-05-18 21:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-13 13:26 - 2017-05-18 12:43 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2017-05-13 11:24 - 2017-05-13 12:25 - 00000000 ____D C:\Windows\erdnt
2017-05-12 23:15 - 2017-05-25 15:02 - 00000000 ____D C:\Users\hassan\AppData\Local\ZHP
2017-05-12 22:57 - 2017-05-12 22:57 - 00000000 ____D C:\Users\hassan\Desktop\public_dns
2017-05-12 22:55 - 2017-05-12 22:55 - 00000000 ____D C:\Users\hassan\AppData\Roaming\ESET
2017-05-12 22:55 - 2017-05-12 22:55 - 00000000 ____D C:\Users\hassan\AppData\Local\ESET
2017-05-12 22:31 - 2017-05-12 22:32 - 00000132 _____ C:\ProgramData\log.binb
2017-05-12 12:41 - 2017-05-12 12:41 - 00001985 _____ C:\Users\Public\Desktop\حماية الدفع المصرفي.lnk
2017-05-12 12:40 - 2017-05-22 17:52 - 00000000 ____D C:\Program Files\ESET
2017-05-12 12:40 - 2017-05-12 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-05-12 12:40 - 2017-05-12 12:40 - 00000000 ____D C:\ProgramData\ESET
2017-05-12 12:34 - 2017-05-12 22:31 - 00000128 _____ C:\ProgramData\log.ewbb
2017-05-12 09:30 - 2017-05-12 09:30 - 00000138 _____ C:\AiOLog.txt
2017-05-12 06:51 - 2017-05-13 14:17 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-05-12 06:51 - 2017-05-13 14:05 - 00000000 ____D C:\Program Files\CCleaner
2017-05-12 06:51 - 2017-05-12 06:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-12 06:30 - 2017-05-12 06:31 - 00000000 ____D C:\Users\hassan\AppData\Local\navi
2017-05-11 23:26 - 2017-05-11 23:26 - 00000000 ____D C:\Users\hassan\Desktop\205937
2017-05-11 23:26 - 2006-08-15 16:46 - 00096896 _____ (ESS Technology, Inc.) C:\Windows\system32\Drivers\ES1969.sys
2017-05-11 23:23 - 2017-05-11 23:23 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-11 23:22 - 2017-05-11 23:22 - 00000000 ____D C:\Users\Public\Documents\Google
2017-05-11 23:16 - 2017-05-13 22:26 - 00000000 ____D C:\Windows\system32\appmgmt
2017-05-11 23:15 - 2017-05-12 06:28 - 00000000 ____D C:\Program Files\BitTorrent
2017-05-11 23:11 - 2017-05-11 23:11 - 00070800 _____ C:\Users\hassan\AppData\Local\Config.xml
2017-05-11 23:11 - 2017-05-11 23:11 - 00005568 _____ C:\Users\hassan\AppData\Local\md.xml
2017-05-11 23:08 - 2017-05-11 23:08 - 00000000 _____ C:\Windows\system32\3333333
2017-05-11 23:07 - 2017-05-11 23:07 - 00000000 _____ C:\Windows\system32\1111111
2017-05-11 23:06 - 2017-05-11 23:07 - 00019008 _____ C:\Users\hassan\AppData\Local\InstallationConfiguration.xml
2017-05-11 23:06 - 2017-05-11 23:06 - 00000000 _____ C:\Windows\system32\22
2017-05-11 23:06 - 2017-05-11 23:06 - 00000000 _____ C:\Windows\system32\11
2017-05-11 23:06 - 2017-05-11 23:06 - 00000000 _____ C:\Windows\system32\00
2017-05-11 23:05 - 2017-05-11 23:05 - 00000000 _____ C:\Windows\system32\1111
2017-05-11 22:20 - 2017-05-11 22:20 - 00000000 __RSH C:\MSDOS.SYS
2017-05-11 22:20 - 2017-05-11 22:20 - 00000000 __RSH C:\IO.SYS
2017-05-11 22:04 - 2017-05-11 22:04 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2017-05-11 22:00 - 2017-05-12 06:27 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Stamerpy
2017-05-11 22:00 - 2017-05-12 00:13 - 00000000 ____D C:\Users\hassan\AppData\Local\Grotationreabent
2017-05-11 13:59 - 2014-09-10 17:14 - 00163480 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 01070232 _____ (Microsoft Corporation) C:\Windows\system32\mscomctl.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00660120 _____ (Microsoft Corporation) C:\Windows\system32\mscomct2.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00617896 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00444328 _____ (Microsoft Corporation) C:\Windows\system32\MShflxgd.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00416408 _____ (Microsoft Corporation ) C:\Windows\system32\comct332.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00279192 _____ (Microsoft Corporation) C:\Windows\system32\msdatgrd.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00259736 _____ (Microsoft Corporation) C:\Windows\system32\msflxgrd.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00253080 _____ (Microsoft Corporation) C:\Windows\system32\msdatlst.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00222360 _____ (Microsoft Corporation) C:\Windows\system32\tabctl32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00219288 _____ (Microsoft Corporation) C:\Windows\system32\richtx32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00218776 _____ (Microsoft Corporation) C:\Windows\system32\dblist32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00212112 _____ (Microsoft Corporation) C:\Windows\system32\mci32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00179352 _____ (Microsoft Corporation) C:\Windows\system32\msmask32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00170920 _____ (Microsoft Corporation) C:\Windows\system32\comct232.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00131728 _____ (Microsoft Corporation) C:\Windows\system32\msinet.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00130712 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
2017-05-11 13:59 - 2013-11-25 14:27 - 00127640 _____ (Microsoft Corporation) C:\Windows\system32\mswinsck.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00119960 _____ (Microsoft Corporation) C:\Windows\system32\mscomm32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00108696 _____ (Microsoft Corporation) C:\Windows\system32\MSSTKPRP.DLL
2017-05-11 13:59 - 2013-11-25 14:27 - 00104088 _____ (Microsoft Corporation) C:\Windows\system32\picclp32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00084624 _____ (Microsoft Corporation) C:\Windows\system32\sysinfo.ocx
2017-05-11 13:59 - 2011-01-12 20:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\MFC71u.dll
2017-05-11 13:59 - 2011-01-12 20:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\MFC71DEU.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\MFC71ITA.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\MFC71FRA.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\MFC71ESP.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\MFC71ENU.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\MFC71KOR.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\MFC71JPN.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\MFC71CHT.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\MFC71CHS.DLL
2017-05-11 13:59 - 2011-01-12 20:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.dll
2017-05-11 13:59 - 2011-01-12 19:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll
2017-05-11 13:59 - 2008-04-15 13:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm50.dll
2017-05-11 13:59 - 2007-02-01 17:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2017-05-11 13:59 - 2007-02-01 14:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2017-05-11 13:59 - 2007-01-30 17:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2017-05-11 13:59 - 2006-08-25 21:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ita.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70fra.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70esp.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70deu.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70enu.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70kor.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70jpn.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc70cht.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc70chs.dll
2017-05-11 13:59 - 2006-08-25 21:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll
2017-05-11 13:59 - 2006-08-25 20:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\atl70.dll
2017-05-11 13:59 - 2005-01-20 16:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\msvci70.dll
2017-05-11 13:59 - 2002-01-05 02:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP70.DLL
2017-05-11 13:59 - 1996-01-12 01:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\system\Vb40016.dll
2017-05-11 13:59 - 1996-01-12 01:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\system32\Vb40032.dll
2017-05-11 13:59 - 1994-11-17 22:00 - 00210944 _____ C:\Windows\system32\msvcrt10.dll
2017-05-11 13:59 - 1993-05-11 18:00 - 00398416 _____ (Microsoft Corporation) C:\Windows\system\Vbrun300.dll
2017-05-11 13:59 - 1992-10-20 23:00 - 00356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
2017-05-11 13:59 - 1991-05-10 00:00 - 00271264 _____ C:\Windows\system\vbrun100.dll
2017-05-11 13:58 - 2017-05-11 13:58 - 00000000 ____D C:\Program Files\Intel
2017-05-11 13:58 - 2017-05-11 13:58 - 00000000 ____D C:\Intel
2017-05-11 13:37 - 2017-05-11 13:37 - 00000000 ____D C:\Program Files\PlayReady
2017-05-11 13:35 - 2017-05-11 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-05-11 13:35 - 2017-05-11 13:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-05-11 12:40 - 2017-05-11 12:40 - 01130328 _____ (Google Inc.) C:\Users\hassan\Downloads\ChromeSetup.exe
2017-05-11 12:30 - 2017-05-11 12:30 - 00000000 ____D C:\Users\hassan\Desktop\EmbratoriaG7
2017-05-11 12:28 - 2017-05-27 09:40 - 00001430 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-11 12:28 - 2017-05-27 09:40 - 00001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-11 12:18 - 2017-05-11 12:18 - 00000000 ____D C:\Windows\system32\Adobe
2017-05-11 11:39 - 2017-05-11 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2017-05-11 11:33 - 2017-05-11 11:33 - 00000000 ____D C:\Users\hassan\AppData\Roaming\PowerISO
2017-05-11 11:30 - 2017-05-13 14:17 - 00000969 _____ C:\Users\Public\Desktop\PowerISO.lnk
2017-05-11 11:30 - 2017-05-11 21:41 - 00000000 ____D C:\Program Files\PowerISO
2017-05-11 10:56 - 2017-05-23 14:44 - 00000000 ____D C:\Users\hassan\AppData\Roaming\IDM
2017-05-11 10:56 - 2017-05-17 23:29 - 00000000 ____D C:\Program Files\Internet Download Manager
2017-05-11 10:56 - 2017-05-13 14:17 - 00001069 _____ C:\Users\Public\Desktop\Internet Download Manager.lnk
2017-05-11 10:56 - 2017-05-11 10:56 - 00000000 ____D C:\Users\hassan\Desktop\Internet_Download_Manager_6.28.9_Final
2017-05-11 10:11 - 2017-05-11 10:11 - 00000000 ____D C:\Program Files\Realtek
2017-05-11 10:11 - 2011-12-13 10:01 - 01698408 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-05-11 09:48 - 2017-05-11 09:48 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-05-11 09:48 - 2017-05-11 09:48 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-05-11 09:20 - 2017-05-11 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-05-11 09:00 - 2017-05-11 09:00 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2017-05-11 09:00 - 2017-05-11 09:00 - 00000000 ____D C:\Users\hassan\AppData\Local\FluxSoftware
2017-05-11 08:59 - 2017-05-11 08:59 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-11 08:59 - 2017-05-11 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-11 01:06 - 2017-05-12 06:59 - 00000000 ____D C:\Windows\Panther
2017-05-10 23:03 - 2017-05-10 23:07 - 31125683 _____ C:\Users\hassan\Downloads\6303_Vista_Win7_PG537.zip
2017-05-10 22:13 - 2017-05-13 12:37 - 00000000 ____D C:\Users\hassan\AppData\Local\Google
2017-05-10 22:12 - 2017-05-10 22:12 - 00000000 ____D C:\Users\hassan\AppData\Roaming\DRPNPS
2017-05-10 22:11 - 2017-05-11 12:28 - 00000000 ____D C:\Program Files\Google
2017-05-10 22:08 - 2017-05-11 12:16 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-05-10 22:08 - 2017-05-10 22:08 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-05-10 22:08 - 2017-05-10 22:08 - 00000000 ____D C:\ProgramData\Adobe
2017-05-10 22:08 - 2017-05-10 22:08 - 00000000 ____D C:\Program Files\Adobe
2017-05-10 22:00 - 2017-05-10 22:08 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Adobe
2017-05-10 22:00 - 2017-05-10 22:00 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Macromedia
2017-05-10 22:00 - 2017-05-10 22:00 - 00000000 ____D C:\Users\hassan\AppData\Local\Macromedia
2017-05-10 21:59 - 2017-05-11 09:48 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-10 21:56 - 2017-05-11 09:45 - 00000000 ____D C:\Users\hassan\AppData\Local\Adobe
2017-05-10 21:54 - 2017-05-25 14:57 - 00000000 ____D C:\Users\hassan\AppData\LocalLow\Mozilla
2017-05-10 21:54 - 2017-05-10 22:02 - 00000000 ____D C:\Users\hassan\AppData\Local\Mozilla
2017-05-10 19:18 - 2017-05-26 23:35 - 00000000 ____D C:\Users\hassan\AppData\Roaming\DMCache
2017-05-10 19:16 - 2017-05-23 12:59 - 00000000 ____D C:\Users\hassan\Downloads\Compressed
2017-05-10 19:16 - 2017-05-10 19:16 - 00000000 ____D C:\Users\hassan\Downloads\Video
2017-05-10 19:14 - 2017-05-11 08:59 - 00000000 ____D C:\Program Files\WinRAR
2017-05-10 19:14 - 2017-05-10 19:14 - 00000000 ____D C:\Users\hassan\AppData\Roaming\WinRAR
2017-05-10 19:14 - 2017-05-10 19:14 - 00000000 ____D C:\ProgramData\IDM
2017-05-10 18:54 - 2017-05-10 19:00 - 16502180 _____ C:\Users\hassan\Downloads\Internet_Download_Manager_6.28.9_Final.rar
2017-05-10 18:49 - 2017-05-10 18:49 - 00000000 ___SD C:\Users\hassan\AppData\LocalLow\Temp
2017-05-10 15:15 - 2017-05-20 17:06 - 00000000 ____D C:\Users\hassan
2017-05-10 15:15 - 2017-05-10 15:15 - 00000020 ___SH C:\Users\hassan\ntuser.ini
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\hassan\My Documents
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\hassan\Documents\My Videos
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\hassan\Documents\My Pictures
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\hassan\Documents\My Music
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\Default\قائمة ابدأ
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\البرامج
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 ____D C:\Users\hassan\AppData\Local\VirtualStore
2017-05-10 15:15 - 2010-11-21 01:46 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Media Center Programs
2017-05-10 15:11 - 2017-05-13 14:18 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-05-10 15:11 - 2017-05-13 14:18 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-04-27 18:39 - 2014-01-23 10:16 - 00051928 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\Rtnicxp.sys
2017-04-27 18:39 - 2013-10-31 03:24 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2017-04-27 18:39 - 2013-10-31 03:24 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2017-04-27 14:11 - 2012-11-14 00:43 - 09037312 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-04-27 14:11 - 2012-11-14 00:43 - 01921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-04-27 14:11 - 2012-11-14 00:43 - 00189552 _____ C:\Windows\system32\Gfxres.th-TH.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00178407 _____ C:\Windows\system32\Gfxres.el-GR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00165395 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00139909 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00136401 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00133746 _____ C:\Windows\system32\Gfxres.he-IL.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00125558 _____ C:\Windows\system32\Gfxres.it-IT.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00123230 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00122927 _____ C:\Windows\system32\Gfxres.es-ES.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00122709 _____ C:\Windows\system32\Gfxres.de-DE.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00121173 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00120800 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00120366 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00119616 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00119586 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00119360 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00119067 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00118745 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00118697 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00118409 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00118058 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00115200 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2017-04-27 14:11 - 2012-11-14 00:43 - 00114852 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00114372 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00114261 _____ C:\Windows\system32\Gfxres.da-DK.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00110211 _____ C:\Windows\system32\Gfxres.en-US.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00104044 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00102883 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00060254 _____ C:\Windows\system32\iglhxg32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00060226 _____ C:\Windows\system32\iglhxc32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00060015 _____ C:\Windows\system32\iglhxo32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00051652 _____ C:\Windows\system32\iglhxs32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00001090 _____ C:\Windows\system32\iglhxa32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00000259 _____ C:\Windows\system32\GfxUI.exe.config
2017-04-27 14:10 - 2012-11-14 00:43 - 00828928 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00571904 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00261632 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00228864 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00208896 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00195584 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00147456 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00057856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2017-04-27 14:09 - 2012-11-17 01:54 - 08195640 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2017-04-27 14:09 - 2012-11-17 01:54 - 00268856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2017-04-27 14:09 - 2012-11-17 01:54 - 00180280 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2017-04-27 14:09 - 2012-11-17 01:54 - 00173624 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2017-04-27 14:09 - 2012-11-17 01:54 - 00138808 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2017-04-27 14:09 - 2012-11-17 01:53 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2017-04-27 14:09 - 2012-11-17 01:53 - 00172088 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2017-04-27 14:09 - 2012-11-14 00:43 - 11405824 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2017-04-27 14:09 - 2012-11-14 00:43 - 00982240 _____ C:\Windows\system32\igkrng500.bin
2017-04-27 14:09 - 2012-11-14 00:43 - 00439308 _____ C:\Windows\system32\igcompkrng500.bin
2017-04-27 14:09 - 2012-11-14 00:43 - 00120320 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2017-04-27 14:09 - 2012-11-14 00:43 - 00095232 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2017-04-27 14:09 - 2012-11-14 00:43 - 00092356 _____ C:\Windows\system32\igfcg500m.bin
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-27 09:30 - 2009-07-14 05:34 - 00022944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-27 09:30 - 2009-07-14 05:34 - 00022944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-27 09:23 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-25 16:13 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-05-22 12:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2017-05-20 14:49 - 2011-02-07 13:31 - 00744976 _____ C:\Windows\system32\perfh00C.dat
2017-05-20 14:49 - 2011-02-07 13:31 - 00470204 _____ C:\Windows\system32\perfh001.dat
2017-05-20 14:49 - 2011-02-07 13:31 - 00148908 _____ C:\Windows\system32\perfc00C.dat
2017-05-20 14:49 - 2011-02-07 13:31 - 00094026 _____ C:\Windows\system32\perfc001.dat
2017-05-20 14:49 - 2010-11-20 22:01 - 02229580 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-20 14:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Web
2017-05-14 16:19 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\TAPI
2017-05-13 14:18 - 2009-07-14 05:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-13 14:18 - 2009-07-14 05:42 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2017-05-13 14:18 - 2009-07-14 05:42 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2017-05-13 14:18 - 2009-07-14 05:42 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2017-05-13 14:17 - 2009-07-14 05:46 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2017-05-13 14:17 - 2009-07-14 05:37 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2017-05-13 12:24 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2017-05-13 12:16 - 2009-07-14 03:03 - 31457280 _____ C:\Windows\system32\config\SOFTWARE.bak
2017-05-13 12:16 - 2009-07-14 03:03 - 11010048 _____ C:\Windows\system32\config\SYSTEM.bak
2017-05-13 12:16 - 2009-07-14 03:03 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2017-05-13 12:16 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2017-05-13 12:16 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2017-05-12 00:19 - 2009-07-14 05:53 - 00018108 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-05-11 13:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system
2017-05-11 01:05 - 2009-07-14 05:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-05-11 01:05 - 2009-07-14 05:34 - 00000000 ____D C:\Windows\Setup
2017-05-10 23:30 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-10 23:30 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2017-05-10 15:15 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-10 15:13 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2017-05-10 15:12 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\oobe
2017-05-10 15:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sysprep
2017-05-10 15:07 - 2010-11-21 01:46 - 00000000 ____D C:\Windows\CSC
==================== Files in the root of some directories =======
2017-05-11 23:11 - 2017-05-11 23:11 - 0070800 _____ () C:\Users\hassan\AppData\Local\Config.xml
2017-05-11 23:06 - 2017-05-11 23:07 - 0019008 _____ () C:\Users\hassan\AppData\Local\InstallationConfiguration.xml
2017-05-11 23:11 - 2017-05-11 23:11 - 0005568 _____ () C:\Users\hassan\AppData\Local\md.xml
2017-05-12 22:31 - 2017-05-12 22:32 - 0000132 _____ () C:\ProgramData\log.binb
2017-05-12 12:34 - 2017-05-12 22:31 - 0000128 _____ () C:\ProgramData\log.ewbb
Files to move or delete:
====================
C:\Users\hassan\ZHPDiag3.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-16 13:41
==================== End of FRST.txt ============================
Ran by hassan (administrator) on HASSAN-PC (27-05-2017 09:40:53)
Running from C:\Users\hassan\Desktop
Loaded Profiles: hassan (Available Profiles: hassan)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: العربية (السعودية)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [4027504 2017-05-02] (Tonec Inc.)
HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7456984 2017-04-11] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{2F941FA0-4A3F-4FC4-8262-37D175800866}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2F941FA0-4A3F-4FC4-8262-37D175800866}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1796275782-4292205373-2313263118-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope value is missing
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
FireFox:
========
FF DefaultProfile: itxjrcal.default
FF ProfilePath: C:\Users\hassan\AppData\Roaming\Mozilla\Firefox\Profiles\itxjrcal.default [2017-05-27]
FF Extension: (Adblock Plus) - C:\Users\hassan\AppData\Roaming\Mozilla\Firefox\Profiles\itxjrcal.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-25]
FF Extension: (TLS 1.3 A/B Test Experiment) - C:\Users\hassan\AppData\Roaming\Mozilla\Firefox\Profiles\itxjrcal.default\features\{83874ae9-f89e-4cf6-8490-d0f9f7be7cef}\tls13-comparison-all-v1@mozilla.org.xpi [2017-05-25]
FF HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hassan\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\hassan\AppData\Roaming\IDM\idmmzcc5 [2017-05-20] [not signed]
FF HKU\S-1-5-21-1796275782-4292205373-2313263118-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR Profile: C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-05-27] <==== ATTENTION
CHR Extension: (عروض Google التقديمية) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-17]
CHR Extension: (محرّر مستندات Google) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-17]
CHR Extension: (Youtube) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-17]
CHR Extension: (آدبلوك بلس) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-20]
CHR Extension: (جداول بيانات Google ) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-17]
CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-18]
CHR Extension: (IDM Integration Module) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-17]
CHR Extension: (Gmail) - C:\Users\hassan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-17]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2017-04-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2069424 2017-03-09] (ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3398608 2017-05-09] (Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [113032 2017-03-09] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [90656 2017-03-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [139384 2017-03-09] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43920 2017-03-09] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [69304 2017-03-09] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52680 2017-03-09] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [86504 2017-03-09] (ESET)
R3 es1969; C:\Windows\System32\drivers\ES1969.sys [96896 2006-08-15] (ESS Technology, Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59904 2017-05-09] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-05-11] (REALiX(tm))
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [161720 2017-05-26] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [97208 2017-05-27] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2017-05-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [220088 2017-05-27] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [65824 2017-05-27] (Malwarebytes)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [124304 2017-02-02] (Power Software Ltd)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-27 09:40 - 2017-05-27 09:41 - 00009119 _____ C:\Users\hassan\Desktop\FRST.txt
2017-05-27 09:40 - 2017-05-27 09:40 - 00000000 ____D C:\FRST
2017-05-27 09:36 - 2017-05-27 09:39 - 01770496 _____ (Farbar) C:\Users\hassan\Desktop\FRST.exe
2017-05-25 23:46 - 2017-05-25 23:48 - 00000000 ____D C:\Users\hassan\Desktop\gmer
2017-05-25 23:46 - 2016-03-11 14:53 - 00380928 _____ C:\Users\hassan\Desktop\gmer.exe
2017-05-25 23:42 - 2017-05-25 23:44 - 00371282 _____ C:\Users\hassan\Desktop\gmer.zip
2017-05-25 23:30 - 2017-05-25 23:30 - 00266928 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-25 15:13 - 2017-05-25 15:13 - 00075745 _____ C:\Users\hassan\Desktop\ZHPDiag.txt
2017-05-25 14:54 - 2017-05-25 14:56 - 02732032 _____ C:\Users\hassan\Desktop\ZHPDiag3.exe
2017-05-24 23:22 - 2017-05-24 23:22 - 00001799 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-05-24 23:22 - 2017-05-24 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-05-24 23:18 - 2017-05-24 23:20 - 03521617 _____ (Nicolas Coolman ) C:\Users\hassan\Desktop\ZHPFix.exe
2017-05-23 13:09 - 2017-05-23 13:09 - 00000590 _____ C:\Users\hassan\Desktop\ESET Online Scanner.txt
2017-05-22 20:36 - 2017-05-23 14:44 - 00000000 ____D C:\Windows\Minidump
2017-05-22 17:50 - 2017-05-22 17:49 - 02870984 _____ (ESET) C:\Users\hassan\Desktop\esetsmartinstaller_fra.exe
2017-05-22 12:49 - 2017-05-22 13:00 - 00001307 _____ C:\DelFix.txt
2017-05-21 13:50 - 2017-05-21 13:50 - 00000074 _____ C:\Users\hassan\Downloads\Eset Smart Security 10.1.204 License key 05.05.2018.txt
2017-05-20 13:14 - 2017-05-20 13:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-05-20 06:47 - 2017-05-25 15:05 - 00000000 ____D C:\Users\hassan\AppData\Roaming\ZHP
2017-05-18 21:15 - 2017-05-26 22:47 - 00161720 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-18 21:14 - 2017-05-27 09:38 - 00065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-05-18 21:14 - 2017-05-27 09:23 - 00097208 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-05-18 21:13 - 2017-05-27 09:23 - 00220088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-18 21:13 - 2017-05-27 09:23 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-05-18 21:13 - 2017-05-19 00:26 - 00002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-18 21:13 - 2017-05-19 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-18 21:13 - 2017-05-09 16:37 - 00059904 _____ C:\Windows\system32\Drivers\mbae.sys
2017-05-18 21:12 - 2017-05-18 21:12 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-18 21:10 - 2017-05-18 21:11 - 00000000 ____D C:\Users\hassan\Desktop\Malwarebytes Premium 3.1.2.1733
2017-05-18 20:48 - 2017-05-18 20:48 - 00430046 _____ C:\Users\hassan\Downloads\idmmzcc.xpi
2017-05-18 20:48 - 2017-05-18 20:48 - 00430046 _____ C:\Users\hassan\Downloads\idmmzcc (1).xpi
2017-05-18 12:56 - 2017-05-25 14:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-18 12:56 - 2017-05-22 15:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-18 12:56 - 2017-05-18 12:56 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Mozilla
2017-05-17 23:18 - 2017-05-17 23:18 - 00001037 _____ C:\Users\Public\Desktop\FastStone Capture.lnk
2017-05-17 23:18 - 2017-05-17 23:18 - 00000000 ____D C:\Users\hassan\AppData\Roaming\FastStone
2017-05-17 23:18 - 2017-05-17 23:18 - 00000000 ____D C:\Users\hassan\AppData\Local\FastStone
2017-05-17 23:18 - 2017-05-17 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2017-05-17 23:18 - 2017-05-17 23:18 - 00000000 ____D C:\Program Files\FastStone Capture
2017-05-17 23:17 - 2017-05-17 23:17 - 00000000 ____D C:\Users\hassan\Desktop\FSCaptureSetup85
2017-05-16 23:44 - 2017-05-24 23:22 - 00000000 ____D C:\Program Files\ZHPFix
2017-05-15 23:12 - 2017-05-15 23:11 - 02727424 _____ C:\Users\hassan\ZHPDiag3.exe
2017-05-14 13:23 - 2017-05-18 20:54 - 00000000 ____D C:\Users\hassan\Desktop\RegistryFinder
2017-05-14 12:51 - 2017-05-14 12:51 - 00458234 _____ C:\Malwarebytes Anti-Malware.txt
2017-05-13 14:06 - 2017-05-13 14:06 - 00001118 _____ C:\الي.txt
2017-05-13 13:26 - 2017-05-18 21:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-13 13:26 - 2017-05-18 12:43 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2017-05-13 11:24 - 2017-05-13 12:25 - 00000000 ____D C:\Windows\erdnt
2017-05-12 23:15 - 2017-05-25 15:02 - 00000000 ____D C:\Users\hassan\AppData\Local\ZHP
2017-05-12 22:57 - 2017-05-12 22:57 - 00000000 ____D C:\Users\hassan\Desktop\public_dns
2017-05-12 22:55 - 2017-05-12 22:55 - 00000000 ____D C:\Users\hassan\AppData\Roaming\ESET
2017-05-12 22:55 - 2017-05-12 22:55 - 00000000 ____D C:\Users\hassan\AppData\Local\ESET
2017-05-12 22:31 - 2017-05-12 22:32 - 00000132 _____ C:\ProgramData\log.binb
2017-05-12 12:41 - 2017-05-12 12:41 - 00001985 _____ C:\Users\Public\Desktop\حماية الدفع المصرفي.lnk
2017-05-12 12:40 - 2017-05-22 17:52 - 00000000 ____D C:\Program Files\ESET
2017-05-12 12:40 - 2017-05-12 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-05-12 12:40 - 2017-05-12 12:40 - 00000000 ____D C:\ProgramData\ESET
2017-05-12 12:34 - 2017-05-12 22:31 - 00000128 _____ C:\ProgramData\log.ewbb
2017-05-12 09:30 - 2017-05-12 09:30 - 00000138 _____ C:\AiOLog.txt
2017-05-12 06:51 - 2017-05-13 14:17 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-05-12 06:51 - 2017-05-13 14:05 - 00000000 ____D C:\Program Files\CCleaner
2017-05-12 06:51 - 2017-05-12 06:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-12 06:30 - 2017-05-12 06:31 - 00000000 ____D C:\Users\hassan\AppData\Local\navi
2017-05-11 23:26 - 2017-05-11 23:26 - 00000000 ____D C:\Users\hassan\Desktop\205937
2017-05-11 23:26 - 2006-08-15 16:46 - 00096896 _____ (ESS Technology, Inc.) C:\Windows\system32\Drivers\ES1969.sys
2017-05-11 23:23 - 2017-05-11 23:23 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-11 23:22 - 2017-05-11 23:22 - 00000000 ____D C:\Users\Public\Documents\Google
2017-05-11 23:16 - 2017-05-13 22:26 - 00000000 ____D C:\Windows\system32\appmgmt
2017-05-11 23:15 - 2017-05-12 06:28 - 00000000 ____D C:\Program Files\BitTorrent
2017-05-11 23:11 - 2017-05-11 23:11 - 00070800 _____ C:\Users\hassan\AppData\Local\Config.xml
2017-05-11 23:11 - 2017-05-11 23:11 - 00005568 _____ C:\Users\hassan\AppData\Local\md.xml
2017-05-11 23:08 - 2017-05-11 23:08 - 00000000 _____ C:\Windows\system32\3333333
2017-05-11 23:07 - 2017-05-11 23:07 - 00000000 _____ C:\Windows\system32\1111111
2017-05-11 23:06 - 2017-05-11 23:07 - 00019008 _____ C:\Users\hassan\AppData\Local\InstallationConfiguration.xml
2017-05-11 23:06 - 2017-05-11 23:06 - 00000000 _____ C:\Windows\system32\22
2017-05-11 23:06 - 2017-05-11 23:06 - 00000000 _____ C:\Windows\system32\11
2017-05-11 23:06 - 2017-05-11 23:06 - 00000000 _____ C:\Windows\system32\00
2017-05-11 23:05 - 2017-05-11 23:05 - 00000000 _____ C:\Windows\system32\1111
2017-05-11 22:20 - 2017-05-11 22:20 - 00000000 __RSH C:\MSDOS.SYS
2017-05-11 22:20 - 2017-05-11 22:20 - 00000000 __RSH C:\IO.SYS
2017-05-11 22:04 - 2017-05-11 22:04 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2017-05-11 22:00 - 2017-05-12 06:27 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Stamerpy
2017-05-11 22:00 - 2017-05-12 00:13 - 00000000 ____D C:\Users\hassan\AppData\Local\Grotationreabent
2017-05-11 13:59 - 2014-09-10 17:14 - 00163480 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 01070232 _____ (Microsoft Corporation) C:\Windows\system32\mscomctl.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00660120 _____ (Microsoft Corporation) C:\Windows\system32\mscomct2.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00617896 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00444328 _____ (Microsoft Corporation) C:\Windows\system32\MShflxgd.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00416408 _____ (Microsoft Corporation ) C:\Windows\system32\comct332.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00279192 _____ (Microsoft Corporation) C:\Windows\system32\msdatgrd.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00259736 _____ (Microsoft Corporation) C:\Windows\system32\msflxgrd.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00253080 _____ (Microsoft Corporation) C:\Windows\system32\msdatlst.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00222360 _____ (Microsoft Corporation) C:\Windows\system32\tabctl32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00219288 _____ (Microsoft Corporation) C:\Windows\system32\richtx32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00218776 _____ (Microsoft Corporation) C:\Windows\system32\dblist32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00212112 _____ (Microsoft Corporation) C:\Windows\system32\mci32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00179352 _____ (Microsoft Corporation) C:\Windows\system32\msmask32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00170920 _____ (Microsoft Corporation) C:\Windows\system32\comct232.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00131728 _____ (Microsoft Corporation) C:\Windows\system32\msinet.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00130712 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
2017-05-11 13:59 - 2013-11-25 14:27 - 00127640 _____ (Microsoft Corporation) C:\Windows\system32\mswinsck.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00119960 _____ (Microsoft Corporation) C:\Windows\system32\mscomm32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00108696 _____ (Microsoft Corporation) C:\Windows\system32\MSSTKPRP.DLL
2017-05-11 13:59 - 2013-11-25 14:27 - 00104088 _____ (Microsoft Corporation) C:\Windows\system32\picclp32.ocx
2017-05-11 13:59 - 2013-11-25 14:27 - 00084624 _____ (Microsoft Corporation) C:\Windows\system32\sysinfo.ocx
2017-05-11 13:59 - 2011-01-12 20:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\MFC71u.dll
2017-05-11 13:59 - 2011-01-12 20:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\MFC71DEU.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\MFC71ITA.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\MFC71FRA.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\MFC71ESP.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\MFC71ENU.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\MFC71KOR.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\MFC71JPN.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\MFC71CHT.DLL
2017-05-11 13:59 - 2011-01-12 20:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\MFC71CHS.DLL
2017-05-11 13:59 - 2011-01-12 20:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.dll
2017-05-11 13:59 - 2011-01-12 19:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll
2017-05-11 13:59 - 2008-04-15 13:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm50.dll
2017-05-11 13:59 - 2007-02-01 17:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2017-05-11 13:59 - 2007-02-01 14:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2017-05-11 13:59 - 2007-01-30 17:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2017-05-11 13:59 - 2006-08-25 21:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ita.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70fra.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70esp.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70deu.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70enu.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70kor.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70jpn.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc70cht.dll
2017-05-11 13:59 - 2006-08-25 21:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc70chs.dll
2017-05-11 13:59 - 2006-08-25 21:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll
2017-05-11 13:59 - 2006-08-25 20:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\atl70.dll
2017-05-11 13:59 - 2005-01-20 16:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\msvci70.dll
2017-05-11 13:59 - 2002-01-05 02:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP70.DLL
2017-05-11 13:59 - 1996-01-12 01:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\system\Vb40016.dll
2017-05-11 13:59 - 1996-01-12 01:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\system32\Vb40032.dll
2017-05-11 13:59 - 1994-11-17 22:00 - 00210944 _____ C:\Windows\system32\msvcrt10.dll
2017-05-11 13:59 - 1993-05-11 18:00 - 00398416 _____ (Microsoft Corporation) C:\Windows\system\Vbrun300.dll
2017-05-11 13:59 - 1992-10-20 23:00 - 00356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
2017-05-11 13:59 - 1991-05-10 00:00 - 00271264 _____ C:\Windows\system\vbrun100.dll
2017-05-11 13:58 - 2017-05-11 13:58 - 00000000 ____D C:\Program Files\Intel
2017-05-11 13:58 - 2017-05-11 13:58 - 00000000 ____D C:\Intel
2017-05-11 13:37 - 2017-05-11 13:37 - 00000000 ____D C:\Program Files\PlayReady
2017-05-11 13:35 - 2017-05-11 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-05-11 13:35 - 2017-05-11 13:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-05-11 12:40 - 2017-05-11 12:40 - 01130328 _____ (Google Inc.) C:\Users\hassan\Downloads\ChromeSetup.exe
2017-05-11 12:30 - 2017-05-11 12:30 - 00000000 ____D C:\Users\hassan\Desktop\EmbratoriaG7
2017-05-11 12:28 - 2017-05-27 09:40 - 00001430 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-11 12:28 - 2017-05-27 09:40 - 00001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-11 12:18 - 2017-05-11 12:18 - 00000000 ____D C:\Windows\system32\Adobe
2017-05-11 11:39 - 2017-05-11 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2017-05-11 11:33 - 2017-05-11 11:33 - 00000000 ____D C:\Users\hassan\AppData\Roaming\PowerISO
2017-05-11 11:30 - 2017-05-13 14:17 - 00000969 _____ C:\Users\Public\Desktop\PowerISO.lnk
2017-05-11 11:30 - 2017-05-11 21:41 - 00000000 ____D C:\Program Files\PowerISO
2017-05-11 10:56 - 2017-05-23 14:44 - 00000000 ____D C:\Users\hassan\AppData\Roaming\IDM
2017-05-11 10:56 - 2017-05-17 23:29 - 00000000 ____D C:\Program Files\Internet Download Manager
2017-05-11 10:56 - 2017-05-13 14:17 - 00001069 _____ C:\Users\Public\Desktop\Internet Download Manager.lnk
2017-05-11 10:56 - 2017-05-11 10:56 - 00000000 ____D C:\Users\hassan\Desktop\Internet_Download_Manager_6.28.9_Final
2017-05-11 10:11 - 2017-05-11 10:11 - 00000000 ____D C:\Program Files\Realtek
2017-05-11 10:11 - 2011-12-13 10:01 - 01698408 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-05-11 09:48 - 2017-05-11 09:48 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-05-11 09:48 - 2017-05-11 09:48 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-05-11 09:20 - 2017-05-11 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-05-11 09:00 - 2017-05-11 09:00 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2017-05-11 09:00 - 2017-05-11 09:00 - 00000000 ____D C:\Users\hassan\AppData\Local\FluxSoftware
2017-05-11 08:59 - 2017-05-11 08:59 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-11 08:59 - 2017-05-11 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-11 01:06 - 2017-05-12 06:59 - 00000000 ____D C:\Windows\Panther
2017-05-10 23:03 - 2017-05-10 23:07 - 31125683 _____ C:\Users\hassan\Downloads\6303_Vista_Win7_PG537.zip
2017-05-10 22:13 - 2017-05-13 12:37 - 00000000 ____D C:\Users\hassan\AppData\Local\Google
2017-05-10 22:12 - 2017-05-10 22:12 - 00000000 ____D C:\Users\hassan\AppData\Roaming\DRPNPS
2017-05-10 22:11 - 2017-05-11 12:28 - 00000000 ____D C:\Program Files\Google
2017-05-10 22:08 - 2017-05-11 12:16 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-05-10 22:08 - 2017-05-10 22:08 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-05-10 22:08 - 2017-05-10 22:08 - 00000000 ____D C:\ProgramData\Adobe
2017-05-10 22:08 - 2017-05-10 22:08 - 00000000 ____D C:\Program Files\Adobe
2017-05-10 22:00 - 2017-05-10 22:08 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Adobe
2017-05-10 22:00 - 2017-05-10 22:00 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Macromedia
2017-05-10 22:00 - 2017-05-10 22:00 - 00000000 ____D C:\Users\hassan\AppData\Local\Macromedia
2017-05-10 21:59 - 2017-05-11 09:48 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-10 21:56 - 2017-05-11 09:45 - 00000000 ____D C:\Users\hassan\AppData\Local\Adobe
2017-05-10 21:54 - 2017-05-25 14:57 - 00000000 ____D C:\Users\hassan\AppData\LocalLow\Mozilla
2017-05-10 21:54 - 2017-05-10 22:02 - 00000000 ____D C:\Users\hassan\AppData\Local\Mozilla
2017-05-10 19:18 - 2017-05-26 23:35 - 00000000 ____D C:\Users\hassan\AppData\Roaming\DMCache
2017-05-10 19:16 - 2017-05-23 12:59 - 00000000 ____D C:\Users\hassan\Downloads\Compressed
2017-05-10 19:16 - 2017-05-10 19:16 - 00000000 ____D C:\Users\hassan\Downloads\Video
2017-05-10 19:14 - 2017-05-11 08:59 - 00000000 ____D C:\Program Files\WinRAR
2017-05-10 19:14 - 2017-05-10 19:14 - 00000000 ____D C:\Users\hassan\AppData\Roaming\WinRAR
2017-05-10 19:14 - 2017-05-10 19:14 - 00000000 ____D C:\ProgramData\IDM
2017-05-10 18:54 - 2017-05-10 19:00 - 16502180 _____ C:\Users\hassan\Downloads\Internet_Download_Manager_6.28.9_Final.rar
2017-05-10 18:49 - 2017-05-10 18:49 - 00000000 ___SD C:\Users\hassan\AppData\LocalLow\Temp
2017-05-10 15:15 - 2017-05-20 17:06 - 00000000 ____D C:\Users\hassan
2017-05-10 15:15 - 2017-05-10 15:15 - 00000020 ___SH C:\Users\hassan\ntuser.ini
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\hassan\My Documents
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\hassan\Documents\My Videos
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\hassan\Documents\My Pictures
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\hassan\Documents\My Music
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\Default\قائمة ابدأ
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\البرامج
2017-05-10 15:15 - 2017-05-10 15:15 - 00000000 ____D C:\Users\hassan\AppData\Local\VirtualStore
2017-05-10 15:15 - 2010-11-21 01:46 - 00000000 ____D C:\Users\hassan\AppData\Roaming\Media Center Programs
2017-05-10 15:11 - 2017-05-13 14:18 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-05-10 15:11 - 2017-05-13 14:18 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-04-27 18:39 - 2014-01-23 10:16 - 00051928 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\Rtnicxp.sys
2017-04-27 18:39 - 2013-10-31 03:24 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2017-04-27 18:39 - 2013-10-31 03:24 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2017-04-27 14:11 - 2012-11-14 00:43 - 09037312 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-04-27 14:11 - 2012-11-14 00:43 - 01921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-04-27 14:11 - 2012-11-14 00:43 - 00189552 _____ C:\Windows\system32\Gfxres.th-TH.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00178407 _____ C:\Windows\system32\Gfxres.el-GR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00165395 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00139909 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00136401 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00133746 _____ C:\Windows\system32\Gfxres.he-IL.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00125558 _____ C:\Windows\system32\Gfxres.it-IT.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00123230 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00122927 _____ C:\Windows\system32\Gfxres.es-ES.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00122709 _____ C:\Windows\system32\Gfxres.de-DE.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00121173 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00120800 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00120366 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00119616 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00119586 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00119360 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00119067 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00118745 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00118697 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00118409 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00118058 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00115200 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2017-04-27 14:11 - 2012-11-14 00:43 - 00114852 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00114372 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00114261 _____ C:\Windows\system32\Gfxres.da-DK.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00110211 _____ C:\Windows\system32\Gfxres.en-US.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00104044 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00102883 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2017-04-27 14:11 - 2012-11-14 00:43 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2017-04-27 14:11 - 2012-11-14 00:43 - 00060254 _____ C:\Windows\system32\iglhxg32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00060226 _____ C:\Windows\system32\iglhxc32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00060015 _____ C:\Windows\system32\iglhxo32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00051652 _____ C:\Windows\system32\iglhxs32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00001090 _____ C:\Windows\system32\iglhxa32.vp
2017-04-27 14:11 - 2012-11-14 00:43 - 00000259 _____ C:\Windows\system32\GfxUI.exe.config
2017-04-27 14:10 - 2012-11-14 00:43 - 00828928 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00571904 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00261632 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00228864 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00208896 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00195584 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00147456 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00057856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2017-04-27 14:10 - 2012-11-14 00:43 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2017-04-27 14:09 - 2012-11-17 01:54 - 08195640 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2017-04-27 14:09 - 2012-11-17 01:54 - 00268856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2017-04-27 14:09 - 2012-11-17 01:54 - 00180280 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2017-04-27 14:09 - 2012-11-17 01:54 - 00173624 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2017-04-27 14:09 - 2012-11-17 01:54 - 00138808 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2017-04-27 14:09 - 2012-11-17 01:53 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2017-04-27 14:09 - 2012-11-17 01:53 - 00172088 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2017-04-27 14:09 - 2012-11-14 00:43 - 11405824 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2017-04-27 14:09 - 2012-11-14 00:43 - 00982240 _____ C:\Windows\system32\igkrng500.bin
2017-04-27 14:09 - 2012-11-14 00:43 - 00439308 _____ C:\Windows\system32\igcompkrng500.bin
2017-04-27 14:09 - 2012-11-14 00:43 - 00120320 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2017-04-27 14:09 - 2012-11-14 00:43 - 00095232 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2017-04-27 14:09 - 2012-11-14 00:43 - 00092356 _____ C:\Windows\system32\igfcg500m.bin
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-27 09:30 - 2009-07-14 05:34 - 00022944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-27 09:30 - 2009-07-14 05:34 - 00022944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-27 09:23 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-25 16:13 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-05-22 12:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2017-05-20 14:49 - 2011-02-07 13:31 - 00744976 _____ C:\Windows\system32\perfh00C.dat
2017-05-20 14:49 - 2011-02-07 13:31 - 00470204 _____ C:\Windows\system32\perfh001.dat
2017-05-20 14:49 - 2011-02-07 13:31 - 00148908 _____ C:\Windows\system32\perfc00C.dat
2017-05-20 14:49 - 2011-02-07 13:31 - 00094026 _____ C:\Windows\system32\perfc001.dat
2017-05-20 14:49 - 2010-11-20 22:01 - 02229580 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-20 14:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Web
2017-05-14 16:19 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\TAPI
2017-05-13 14:18 - 2009-07-14 05:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-13 14:18 - 2009-07-14 05:42 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2017-05-13 14:18 - 2009-07-14 05:42 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2017-05-13 14:18 - 2009-07-14 05:42 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2017-05-13 14:17 - 2009-07-14 05:46 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2017-05-13 14:17 - 2009-07-14 05:37 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2017-05-13 12:24 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2017-05-13 12:16 - 2009-07-14 03:03 - 31457280 _____ C:\Windows\system32\config\SOFTWARE.bak
2017-05-13 12:16 - 2009-07-14 03:03 - 11010048 _____ C:\Windows\system32\config\SYSTEM.bak
2017-05-13 12:16 - 2009-07-14 03:03 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2017-05-13 12:16 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2017-05-13 12:16 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2017-05-12 00:19 - 2009-07-14 05:53 - 00018108 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-05-11 13:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system
2017-05-11 01:05 - 2009-07-14 05:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-05-11 01:05 - 2009-07-14 05:34 - 00000000 ____D C:\Windows\Setup
2017-05-10 23:30 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-10 23:30 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2017-05-10 15:15 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-10 15:13 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2017-05-10 15:12 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\oobe
2017-05-10 15:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sysprep
2017-05-10 15:07 - 2010-11-21 01:46 - 00000000 ____D C:\Windows\CSC
==================== Files in the root of some directories =======
2017-05-11 23:11 - 2017-05-11 23:11 - 0070800 _____ () C:\Users\hassan\AppData\Local\Config.xml
2017-05-11 23:06 - 2017-05-11 23:07 - 0019008 _____ () C:\Users\hassan\AppData\Local\InstallationConfiguration.xml
2017-05-11 23:11 - 2017-05-11 23:11 - 0005568 _____ () C:\Users\hassan\AppData\Local\md.xml
2017-05-12 22:31 - 2017-05-12 22:32 - 0000132 _____ () C:\ProgramData\log.binb
2017-05-12 12:34 - 2017-05-12 22:31 - 0000128 _____ () C:\ProgramData\log.ewbb
Files to move or delete:
====================
C:\Users\hassan\ZHPDiag3.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-16 13:41
==================== End of FRST.txt ============================