Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Ran by نبيل (administrator) on 1111 (23-08-2017 14:14:34)
Running from C:\Users\نبيل\Desktop
Loaded Profiles: نبيل (Available Profiles: نبيل)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: الإنجليزية (الولايات المتحدة)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\DFDWiz.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files\IObit\Driver Booster\4.5.0\Scheduler.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1697064 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10967656 2012-02-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [879208 2012-02-28] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7680216 2017-08-03] (Piriform Ltd)
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [GoogleChromeAutoLaunch_B4EE23FCB21167FDD2BA3A8B013EDF05] => C:\Program Files\Google\Chrome\Application\chrome.exe [1131864 2017-08-11] (Google Inc.)
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3966064 2016-08-05] (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99153812-337D-4230-A037-B2D4304C8070}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ae/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-07-13] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-08-08] (IObit)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-27] (Adobe Systems Incorporated)
FireFox:
========
FF DefaultProfile: 2pvjyf2l.default
FF ProfilePath: C:\Users\نبيل\AppData\Roaming\Mozilla\Firefox\Profiles\2pvjyf2l.default [2017-08-23]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\نبيل\AppData\Roaming\Mozilla\Firefox\Profiles\2pvjyf2l.default\Extensions\firefox@zenmate.com.xpi [2017-08-22]
FF HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\نبيل\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\نبيل\AppData\Roaming\IDM\idmmzcc5 [2017-08-23] [not signed]
FF HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-08-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_39.dll [2017-08-22] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-22] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-27] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default [2017-08-23]
CHR Extension: (عروض Google التقديمية) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-22]
CHR Extension: (محرّر مستندات Google) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-22]
CHR Extension: (Google Drive) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-22]
CHR Extension: (Youtube) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-22]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-08-22]
CHR Extension: (جداول بيانات Google ) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-22]
CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-22]
CHR Extension: (IDM Integration Module) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-22]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-08-05]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-28] (Realsil Microelectronics Inc.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-08] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3398608 2017-05-09] (Malwarebytes)
R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-06] (TOSHIBA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 LDrvSvc; C:\Program Files\OSTotoSoft\DriverTalent\LDrvSvc.dll [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [28744 2017-08-22] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-08-22] (REALiX(tm))
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [10861056 2017-08-22] (Intel Corporation) [File not signed]
S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [309216 2017-08-22] (Realsil Semiconductor Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-23 14:14 - 2017-08-23 14:14 - 000010588 _____ C:\Users\نبيل\Desktop\FRST.txt
2017-08-23 14:14 - 2017-08-23 14:14 - 000000000 ____D C:\FRST
2017-08-23 14:13 - 2017-08-23 14:13 - 001792512 _____ (Farbar) C:\Users\نبيل\Desktop\FRST.exe
2017-08-23 14:12 - 2017-08-23 14:12 - 009718621 _____ C:\Users\نبيل\Desktop\557151233.mp4
2017-08-23 02:14 - 2017-08-23 02:15 - 030950664 _____ C:\Users\نبيل\Desktop\vlc-2.2.6-win32.exe
2017-08-23 02:03 - 2017-08-23 02:04 - 035772800 _____ (Adlice Software ) C:\Users\نبيل\Desktop\RogueKiller_setup_ref3.exe
2017-08-23 01:51 - 2017-08-23 01:55 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\ZHP
2017-08-23 01:51 - 2017-08-23 01:51 - 000000900 _____ C:\Users\نبيل\Desktop\ZHPCleaner.lnk
2017-08-22 23:46 - 2017-08-23 01:35 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\IDM
2017-08-22 23:46 - 2017-08-22 23:46 - 000000979 _____ C:\Users\نبيل\Desktop\Internet Download Manager.lnk
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Windows\DMCache
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\Downloads\Video
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\Downloads\Compressed
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\ProgramData\IDM
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Program Files\Internet Download Manager
2017-08-22 23:26 - 2017-08-23 01:51 - 000000000 ____D C:\Users\نبيل\AppData\Local\ZHP
2017-08-22 23:10 - 2017-08-22 23:24 - 000000000 ____D C:\Users\نبيل\AppData\LocalLow\Mozilla
2017-08-22 23:09 - 2017-08-22 23:14 - 000000000 ____D C:\Users\نبيل\AppData\Local\Mozilla
2017-08-22 23:09 - 2017-08-22 23:10 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Mozilla
2017-08-22 23:06 - 2017-08-23 14:11 - 000085400 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-08-22 23:06 - 2017-08-23 14:11 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-08-22 23:06 - 2017-08-23 14:10 - 000221600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-22 23:06 - 2017-08-23 14:10 - 000040352 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-08-22 23:06 - 2017-08-23 01:34 - 000162240 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-08-22 23:06 - 2017-08-22 23:06 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-22 23:06 - 2017-06-27 12:06 - 000059936 _____ C:\Windows\system32\Drivers\mbae.sys
2017-08-22 22:35 - 2017-08-22 22:35 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-22 22:35 - 2017-08-22 22:35 - 000002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-22 22:34 - 2017-08-23 01:34 - 020239872 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-08-22 22:03 - 2017-08-22 22:03 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Adobe
2017-08-22 21:58 - 2017-08-23 02:15 - 000638032 _____ C:\Windows\system32\perfh00C.dat
2017-08-22 21:58 - 2017-08-23 02:15 - 000435188 _____ C:\Windows\system32\perfh001.dat
2017-08-22 21:58 - 2017-08-23 02:15 - 000107856 _____ C:\Windows\system32\perfc00C.dat
2017-08-22 21:58 - 2017-08-23 02:15 - 000076298 _____ C:\Windows\system32\perfc001.dat
2017-08-22 21:58 - 2017-08-22 21:56 - 000344522 _____ C:\Windows\system32\perfi00C.dat
2017-08-22 21:58 - 2017-08-22 21:56 - 000289060 _____ C:\Windows\system32\perfi001.dat
2017-08-22 21:58 - 2017-08-22 21:56 - 000042056 _____ C:\Windows\system32\perfd001.dat
2017-08-22 21:58 - 2017-08-22 21:56 - 000038160 _____ C:\Windows\system32\perfd00C.dat
2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\XPSViewer
2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\fr
2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\ar
2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\040C
2017-08-22 13:06 - 2017-08-22 23:51 - 000000000 ____D C:\Windows\Panther
2017-08-22 12:58 - 2017-08-22 12:58 - 000000000 ____D C:\Windows.old
2017-08-22 12:57 - 2012-06-11 19:00 - 000100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2017-08-22 12:56 - 2017-08-22 12:56 - 000000000 ____D C:\Program Files\Common Files\postureAgent
2017-08-22 12:56 - 2009-09-17 22:54 - 000041088 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECI.sys
2017-08-22 12:55 - 2017-08-22 12:55 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2017-08-22 12:55 - 2017-08-22 12:55 - 000000000 ____D C:\Program Files\Synaptics
2017-08-22 12:54 - 2017-08-22 04:18 - 000000000 ____D C:\Windows\system32\sda
2017-08-22 12:54 - 2017-08-22 04:06 - 000000000 ____D C:\Program Files\Realtek
2017-08-22 12:54 - 2017-08-22 03:15 - 000000000 ____D C:\Program Files\Intel
2017-08-22 12:54 - 2010-01-07 19:05 - 007367200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStoricon.dll
2017-08-22 12:54 - 2010-01-07 19:05 - 000313888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll
2017-08-22 12:54 - 2010-01-07 19:05 - 000182304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2017-08-22 12:54 - 2009-11-19 02:03 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2017-08-22 12:53 - 2017-08-22 12:53 - 048572928 _____ C:\TOSHIBA Face Recognition.msi
2017-08-22 12:53 - 2017-08-22 12:53 - 000008192 _____ C:\1033.MST
2017-08-22 12:53 - 2017-08-22 12:53 - 000006187 _____ C:\0x0409.ini
2017-08-22 12:53 - 2017-08-22 12:53 - 000001798 _____ C:\Users\Public\Desktop\TOSHIBA Assist.lnk
2017-08-22 12:52 - 2017-08-22 12:58 - 000000000 ____D C:\Program Files\TOSHIBA
2017-08-22 12:52 - 2017-08-22 12:52 - 000057560 _____ C:\Users\نبيل\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-22 12:52 - 2017-08-22 12:52 - 000000000 ____D C:\ProgramData\Toshiba
2017-08-22 12:52 - 2017-08-22 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2017-08-22 12:52 - 2017-08-22 04:06 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\WinRAR
2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Program Files\WinRAR
2017-08-22 12:37 - 2017-08-22 12:37 - 000000000 ____D C:\Users\نبيل\AppData\Local\ElevatedDiagnostics
2017-08-22 12:37 - 2017-08-22 12:37 - 000000000 ____D C:\KVRT_Data
2017-08-22 12:36 - 2017-08-22 12:36 - 000000000 ____D C:\Windows\pss
2017-08-22 12:24 - 2017-08-22 12:24 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-22 12:24 - 2017-08-22 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-08-22 12:24 - 2017-08-22 12:24 - 000000000 ____D C:\Program Files\CCleaner
2017-08-22 12:20 - 2017-08-22 12:20 - 000000000 ____D C:\ProgramData\EMCO
2017-08-22 12:19 - 2017-08-22 12:19 - 000001413 _____ C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-08-22 12:19 - 2017-08-22 12:19 - 000000020 ___SH C:\Users\نبيل\ntuser.ini
2017-08-22 12:19 - 2017-08-22 12:19 - 000000000 ____D C:\Users\نبيل\AppData\Local\VirtualStore
2017-08-22 12:19 - 2017-08-22 12:19 - 000000000 ____D C:\Users\نبيل
2017-08-22 12:19 - 2010-11-21 03:46 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Media Center Programs
2017-08-22 12:11 - 2017-08-22 12:11 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-08-22 12:10 - 2017-08-22 12:10 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-08-22 12:09 - 2017-08-22 12:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 __RHD C:\MSOCache
2017-08-22 04:23 - 2017-08-22 04:23 - 000002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-08-22 04:23 - 2017-08-22 04:23 - 000002094 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-08-22 04:23 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\ProductData
2017-08-22 04:23 - 2017-08-22 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-08-22 04:09 - 2012-06-11 19:00 - 000552080 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2017-08-22 04:09 - 2012-06-11 19:00 - 000080488 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2017-08-22 04:07 - 2017-08-22 04:07 - 000000000 ____D C:\Windows\system32\RTCOM
2017-08-22 04:06 - 2017-08-22 04:07 - 000000000 ___HD C:\Program Files\Temp
2017-08-22 04:06 - 2012-02-28 19:00 - 007783768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 007161696 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 003954024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2017-08-22 04:06 - 2012-02-28 19:00 - 003383400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 002729472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2017-08-22 04:06 - 2012-02-28 19:00 - 002401896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 002190400 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001836376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001725784 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001698408 ____N (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2017-08-22 04:06 - 2012-02-28 19:00 - 001379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001099096 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000693592 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000617064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000421744 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000398192 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000351072 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000350552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000335216 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000259928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000238772 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-08-22 04:06 - 2012-02-28 19:00 - 000232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000192104 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000175200 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000103776 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000096160 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000088928 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000085096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000062304 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000000852 ____N C:\Windows\system32\Drivers\RTKHDRC0.dat
2017-08-22 04:06 - 2012-02-28 19:00 - 000000712 ____N C:\Windows\system32\Drivers\RTEQEX0.dat
2017-08-22 04:06 - 2012-02-28 19:00 - 000000048 _____ C:\Windows\system32\Drivers\rtkhdaud.dat
2017-08-22 04:06 - 2012-02-28 19:00 - 000000032 ____N C:\Windows\system32\Drivers\RTOBEQ0.dat
2017-08-22 03:56 - 2017-08-22 03:56 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2017-08-22 03:56 - 2017-08-22 03:56 - 000001989 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2017-08-22 03:55 - 2017-08-22 03:56 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-08-22 03:55 - 2017-08-22 03:55 - 000000000 ____D C:\ProgramData\Adobe
2017-08-22 03:55 - 2017-08-22 03:55 - 000000000 ____D C:\Program Files\Adobe
2017-08-22 03:54 - 2017-08-23 01:34 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-08-22 03:54 - 2017-08-23 01:34 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-22 03:54 - 2017-08-22 03:55 - 000692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-08-22 03:54 - 2017-08-22 03:55 - 000071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-08-22 03:48 - 2017-08-22 03:48 - 000000000 ____D C:\Program Files\Broadcom
2017-08-22 03:48 - 2017-08-22 03:47 - 003866624 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll
2017-08-22 03:48 - 2017-08-22 03:47 - 003555328 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll
2017-08-22 03:48 - 2017-08-22 03:47 - 002707448 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS
2017-08-22 03:48 - 2017-08-22 03:47 - 000091376 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2017-08-22 03:48 - 2017-08-22 03:47 - 000006656 _____ C:\Windows\system32\bcmwlrc.dll
2017-08-22 03:45 - 2009-07-13 19:00 - 000023512 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\TVALZ_O.SYS
2017-08-22 03:41 - 2017-08-22 23:51 - 000000000 ____D C:\Windows\Minidump
2017-08-22 03:37 - 2017-08-22 04:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Talent
2017-08-22 03:27 - 2017-08-22 03:27 - 000000000 ____D C:\Users\Public\Thunder Network
2017-08-22 03:27 - 2017-08-22 03:27 - 000000000 ____D C:\ProgramData\Thunder Network
2017-08-22 03:26 - 2017-08-22 21:48 - 000000000 ____D C:\Program Files\OSTotoSoft
2017-08-22 03:26 - 2017-08-22 04:20 - 000000000 ____D C:\ProgramData\DriverTalent
2017-08-22 03:26 - 2017-08-22 03:37 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\DriverTalent
2017-08-22 03:26 - 2017-08-22 03:26 - 000000027 _____ C:\ProgramData\serverclasscache.ini
2017-08-22 03:16 - 2017-08-22 03:16 - 000000000 ____D C:\Users\نبيل\AppData\Local\TOSHIBA_Corporation
2017-08-22 03:15 - 2017-08-22 04:13 - 000000000 ____D C:\Intel
2017-08-22 03:15 - 2017-08-22 03:15 - 000048504 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\tosrfec.sys
2017-08-22 03:15 - 2017-08-22 03:15 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-08-22 03:14 - 2017-08-22 03:14 - 010861056 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-08-22 03:14 - 2017-08-22 03:14 - 008196080 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2017-08-22 03:14 - 2017-08-22 03:14 - 001921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-08-22 03:14 - 2017-08-22 03:14 - 000867020 _____ C:\Windows\system32\igkrng575.bin
2017-08-22 03:14 - 2017-08-22 03:14 - 000452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-08-22 03:14 - 2017-08-22 03:14 - 000153167 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2017-08-22 03:14 - 2017-08-22 03:14 - 000094208 _____ C:\Windows\system32\IccLibDll.dll
2017-08-22 03:14 - 2017-08-22 03:14 - 000081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2993.dll
2017-08-22 03:14 - 2017-08-22 03:14 - 000076472 _____ C:\Windows\system32\iglhxs32.vp
2017-08-22 03:14 - 2017-08-22 03:14 - 000059244 _____ C:\Windows\system32\iglhxc32.vp
2017-08-22 03:14 - 2017-08-22 03:14 - 000059020 _____ C:\Windows\system32\iglhxg32.vp
2017-08-22 03:14 - 2017-08-22 03:14 - 000058683 _____ C:\Windows\system32\iglhxo32.vp
2017-08-22 03:14 - 2017-08-22 03:14 - 000001074 _____ C:\Windows\system32\iglhxa32.vp
2017-08-22 03:13 - 2017-08-22 22:35 - 000000000 ____D C:\Program Files\Google
2017-08-22 03:13 - 2017-08-22 22:34 - 000000000 ____D C:\Users\نبيل\AppData\Local\Deployment
2017-08-22 03:13 - 2017-08-22 03:37 - 000000000 ____D C:\Users\نبيل\AppData\Local\Google
2017-08-22 03:13 - 2017-08-22 03:13 - 000000000 ____D C:\Users\نبيل\AppData\Local\Apps\2.0
2017-08-22 03:12 - 2017-08-22 03:12 - 009890816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RsCRIcon.dll
2017-08-22 03:12 - 2017-08-22 03:12 - 000309216 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2017-08-22 03:12 - 2017-08-22 03:12 - 000074752 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX.dll
2017-08-22 03:09 - 2017-08-22 03:09 - 000132480 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2017-08-22 03:09 - 2017-08-22 03:09 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2017-08-22 03:09 - 2017-08-22 03:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-08-22 03:09 - 2012-07-26 06:39 - 000526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2017-08-22 03:09 - 2012-07-26 06:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2017-08-22 03:09 - 2012-07-26 05:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2017-08-22 03:09 - 2012-06-02 17:34 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-08-22 03:08 - 2017-08-22 03:08 - 001637784 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2017-08-22 03:08 - 2017-08-22 03:08 - 000028744 _____ (ELAN Microelectronic Corp.) C:\Windows\system32\Drivers\ETDSMBus.sys
2017-08-22 03:04 - 2017-08-23 02:02 - 000000000 ____D C:\ProgramData\IObit
2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\LocalLow\IObit
2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\ProgramData\ProductData
2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\Program Files\IObit
2017-08-22 03:04 - 2017-08-22 04:21 - 000002220 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-08-22 03:04 - 2017-08-22 03:04 - 000023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2017-08-22 03:04 - 2017-08-22 03:04 - 000000000 ____D C:\Windows\IObit
2017-08-22 03:04 - 2017-08-22 03:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-08-22 03:03 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\IObit
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-23 14:10 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-23 02:29 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-23 02:29 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-23 02:15 - 2010-11-21 00:01 - 001948618 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-23 02:15 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
2017-08-22 21:58 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\rescache
2017-08-22 21:57 - 2010-11-21 03:46 - 000000000 ____D C:\Program Files\Windows Journal
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\winrm
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\WCN
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\slmgr
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\DigitalLocker
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Sidebar
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Defender
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\DVD Maker
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\sysprep
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Setup
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\oobe
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\MUI
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\migwiz
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Dism
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\com
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\servicing
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\IME
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-22 13:06 - 2009-07-14 07:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2017-08-22 12:17 - 2009-07-14 07:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-22 12:11 - 2009-07-14 07:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-08-22 12:07 - 2010-11-21 03:46 - 000000000 ____D C:\Windows\CSC
2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\lv-LV
2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\lt-LT
2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\et-EE
==================== Files in the root of some directories =======
2017-08-22 03:26 - 2017-08-22 03:26 - 000000027 _____ () C:\ProgramData\serverclasscache.ini
Some files in TEMP:
====================
2017-08-22 03:32 - 2017-06-28 06:05 - 000172200 _____ () C:\Users\نبيل\AppData\Local\Temp\substat.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-22 12:07
==================== End of FRST.txt ============================
Ran by نبيل (administrator) on 1111 (23-08-2017 14:14:34)
Running from C:\Users\نبيل\Desktop
Loaded Profiles: نبيل (Available Profiles: نبيل)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: الإنجليزية (الولايات المتحدة)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\DFDWiz.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files\IObit\Driver Booster\4.5.0\Scheduler.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1697064 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10967656 2012-02-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [879208 2012-02-28] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7680216 2017-08-03] (Piriform Ltd)
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [GoogleChromeAutoLaunch_B4EE23FCB21167FDD2BA3A8B013EDF05] => C:\Program Files\Google\Chrome\Application\chrome.exe [1131864 2017-08-11] (Google Inc.)
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3966064 2016-08-05] (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99153812-337D-4230-A037-B2D4304C8070}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ae/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-07-13] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-08-08] (IObit)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-27] (Adobe Systems Incorporated)
FireFox:
========
FF DefaultProfile: 2pvjyf2l.default
FF ProfilePath: C:\Users\نبيل\AppData\Roaming\Mozilla\Firefox\Profiles\2pvjyf2l.default [2017-08-23]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\نبيل\AppData\Roaming\Mozilla\Firefox\Profiles\2pvjyf2l.default\Extensions\firefox@zenmate.com.xpi [2017-08-22]
FF HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\نبيل\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\نبيل\AppData\Roaming\IDM\idmmzcc5 [2017-08-23] [not signed]
FF HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-08-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_39.dll [2017-08-22] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-22] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-27] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default [2017-08-23]
CHR Extension: (عروض Google التقديمية) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-22]
CHR Extension: (محرّر مستندات Google) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-22]
CHR Extension: (Google Drive) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-22]
CHR Extension: (Youtube) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-22]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-08-22]
CHR Extension: (جداول بيانات Google ) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-22]
CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-22]
CHR Extension: (IDM Integration Module) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-22]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-08-05]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-28] (Realsil Microelectronics Inc.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-08] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3398608 2017-05-09] (Malwarebytes)
R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-06] (TOSHIBA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 LDrvSvc; C:\Program Files\OSTotoSoft\DriverTalent\LDrvSvc.dll [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [28744 2017-08-22] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-08-22] (REALiX(tm))
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [10861056 2017-08-22] (Intel Corporation) [File not signed]
S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [309216 2017-08-22] (Realsil Semiconductor Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-23 14:14 - 2017-08-23 14:14 - 000010588 _____ C:\Users\نبيل\Desktop\FRST.txt
2017-08-23 14:14 - 2017-08-23 14:14 - 000000000 ____D C:\FRST
2017-08-23 14:13 - 2017-08-23 14:13 - 001792512 _____ (Farbar) C:\Users\نبيل\Desktop\FRST.exe
2017-08-23 14:12 - 2017-08-23 14:12 - 009718621 _____ C:\Users\نبيل\Desktop\557151233.mp4
2017-08-23 02:14 - 2017-08-23 02:15 - 030950664 _____ C:\Users\نبيل\Desktop\vlc-2.2.6-win32.exe
2017-08-23 02:03 - 2017-08-23 02:04 - 035772800 _____ (Adlice Software ) C:\Users\نبيل\Desktop\RogueKiller_setup_ref3.exe
2017-08-23 01:51 - 2017-08-23 01:55 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\ZHP
2017-08-23 01:51 - 2017-08-23 01:51 - 000000900 _____ C:\Users\نبيل\Desktop\ZHPCleaner.lnk
2017-08-22 23:46 - 2017-08-23 01:35 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\IDM
2017-08-22 23:46 - 2017-08-22 23:46 - 000000979 _____ C:\Users\نبيل\Desktop\Internet Download Manager.lnk
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Windows\DMCache
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\Downloads\Video
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\Downloads\Compressed
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\ProgramData\IDM
2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Program Files\Internet Download Manager
2017-08-22 23:26 - 2017-08-23 01:51 - 000000000 ____D C:\Users\نبيل\AppData\Local\ZHP
2017-08-22 23:10 - 2017-08-22 23:24 - 000000000 ____D C:\Users\نبيل\AppData\LocalLow\Mozilla
2017-08-22 23:09 - 2017-08-22 23:14 - 000000000 ____D C:\Users\نبيل\AppData\Local\Mozilla
2017-08-22 23:09 - 2017-08-22 23:10 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Mozilla
2017-08-22 23:06 - 2017-08-23 14:11 - 000085400 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-08-22 23:06 - 2017-08-23 14:11 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-08-22 23:06 - 2017-08-23 14:10 - 000221600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-22 23:06 - 2017-08-23 14:10 - 000040352 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-08-22 23:06 - 2017-08-23 01:34 - 000162240 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-08-22 23:06 - 2017-08-22 23:06 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-22 23:06 - 2017-06-27 12:06 - 000059936 _____ C:\Windows\system32\Drivers\mbae.sys
2017-08-22 22:35 - 2017-08-22 22:35 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-22 22:35 - 2017-08-22 22:35 - 000002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-22 22:34 - 2017-08-23 01:34 - 020239872 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-08-22 22:03 - 2017-08-22 22:03 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Adobe
2017-08-22 21:58 - 2017-08-23 02:15 - 000638032 _____ C:\Windows\system32\perfh00C.dat
2017-08-22 21:58 - 2017-08-23 02:15 - 000435188 _____ C:\Windows\system32\perfh001.dat
2017-08-22 21:58 - 2017-08-23 02:15 - 000107856 _____ C:\Windows\system32\perfc00C.dat
2017-08-22 21:58 - 2017-08-23 02:15 - 000076298 _____ C:\Windows\system32\perfc001.dat
2017-08-22 21:58 - 2017-08-22 21:56 - 000344522 _____ C:\Windows\system32\perfi00C.dat
2017-08-22 21:58 - 2017-08-22 21:56 - 000289060 _____ C:\Windows\system32\perfi001.dat
2017-08-22 21:58 - 2017-08-22 21:56 - 000042056 _____ C:\Windows\system32\perfd001.dat
2017-08-22 21:58 - 2017-08-22 21:56 - 000038160 _____ C:\Windows\system32\perfd00C.dat
2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\XPSViewer
2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\fr
2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\ar
2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\040C
2017-08-22 13:06 - 2017-08-22 23:51 - 000000000 ____D C:\Windows\Panther
2017-08-22 12:58 - 2017-08-22 12:58 - 000000000 ____D C:\Windows.old
2017-08-22 12:57 - 2012-06-11 19:00 - 000100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2017-08-22 12:56 - 2017-08-22 12:56 - 000000000 ____D C:\Program Files\Common Files\postureAgent
2017-08-22 12:56 - 2009-09-17 22:54 - 000041088 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECI.sys
2017-08-22 12:55 - 2017-08-22 12:55 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2017-08-22 12:55 - 2017-08-22 12:55 - 000000000 ____D C:\Program Files\Synaptics
2017-08-22 12:54 - 2017-08-22 04:18 - 000000000 ____D C:\Windows\system32\sda
2017-08-22 12:54 - 2017-08-22 04:06 - 000000000 ____D C:\Program Files\Realtek
2017-08-22 12:54 - 2017-08-22 03:15 - 000000000 ____D C:\Program Files\Intel
2017-08-22 12:54 - 2010-01-07 19:05 - 007367200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStoricon.dll
2017-08-22 12:54 - 2010-01-07 19:05 - 000313888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll
2017-08-22 12:54 - 2010-01-07 19:05 - 000182304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2017-08-22 12:54 - 2009-11-19 02:03 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2017-08-22 12:53 - 2017-08-22 12:53 - 048572928 _____ C:\TOSHIBA Face Recognition.msi
2017-08-22 12:53 - 2017-08-22 12:53 - 000008192 _____ C:\1033.MST
2017-08-22 12:53 - 2017-08-22 12:53 - 000006187 _____ C:\0x0409.ini
2017-08-22 12:53 - 2017-08-22 12:53 - 000001798 _____ C:\Users\Public\Desktop\TOSHIBA Assist.lnk
2017-08-22 12:52 - 2017-08-22 12:58 - 000000000 ____D C:\Program Files\TOSHIBA
2017-08-22 12:52 - 2017-08-22 12:52 - 000057560 _____ C:\Users\نبيل\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-22 12:52 - 2017-08-22 12:52 - 000000000 ____D C:\ProgramData\Toshiba
2017-08-22 12:52 - 2017-08-22 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2017-08-22 12:52 - 2017-08-22 04:06 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\WinRAR
2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Program Files\WinRAR
2017-08-22 12:37 - 2017-08-22 12:37 - 000000000 ____D C:\Users\نبيل\AppData\Local\ElevatedDiagnostics
2017-08-22 12:37 - 2017-08-22 12:37 - 000000000 ____D C:\KVRT_Data
2017-08-22 12:36 - 2017-08-22 12:36 - 000000000 ____D C:\Windows\pss
2017-08-22 12:24 - 2017-08-22 12:24 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-22 12:24 - 2017-08-22 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-08-22 12:24 - 2017-08-22 12:24 - 000000000 ____D C:\Program Files\CCleaner
2017-08-22 12:20 - 2017-08-22 12:20 - 000000000 ____D C:\ProgramData\EMCO
2017-08-22 12:19 - 2017-08-22 12:19 - 000001413 _____ C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-08-22 12:19 - 2017-08-22 12:19 - 000000020 ___SH C:\Users\نبيل\ntuser.ini
2017-08-22 12:19 - 2017-08-22 12:19 - 000000000 ____D C:\Users\نبيل\AppData\Local\VirtualStore
2017-08-22 12:19 - 2017-08-22 12:19 - 000000000 ____D C:\Users\نبيل
2017-08-22 12:19 - 2010-11-21 03:46 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Media Center Programs
2017-08-22 12:11 - 2017-08-22 12:11 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-08-22 12:10 - 2017-08-22 12:10 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-08-22 12:09 - 2017-08-22 12:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 __RHD C:\MSOCache
2017-08-22 04:23 - 2017-08-22 04:23 - 000002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-08-22 04:23 - 2017-08-22 04:23 - 000002094 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-08-22 04:23 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\ProductData
2017-08-22 04:23 - 2017-08-22 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-08-22 04:09 - 2012-06-11 19:00 - 000552080 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2017-08-22 04:09 - 2012-06-11 19:00 - 000080488 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2017-08-22 04:07 - 2017-08-22 04:07 - 000000000 ____D C:\Windows\system32\RTCOM
2017-08-22 04:06 - 2017-08-22 04:07 - 000000000 ___HD C:\Program Files\Temp
2017-08-22 04:06 - 2012-02-28 19:00 - 007783768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 007161696 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 003954024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2017-08-22 04:06 - 2012-02-28 19:00 - 003383400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 002729472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2017-08-22 04:06 - 2012-02-28 19:00 - 002401896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 002190400 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001836376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001725784 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001698408 ____N (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2017-08-22 04:06 - 2012-02-28 19:00 - 001379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 001099096 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000693592 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000617064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000421744 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000398192 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000351072 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000350552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000335216 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000259928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000238772 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-08-22 04:06 - 2012-02-28 19:00 - 000232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000192104 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000175200 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000103776 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000096160 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000088928 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000085096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000062304 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2017-08-22 04:06 - 2012-02-28 19:00 - 000000852 ____N C:\Windows\system32\Drivers\RTKHDRC0.dat
2017-08-22 04:06 - 2012-02-28 19:00 - 000000712 ____N C:\Windows\system32\Drivers\RTEQEX0.dat
2017-08-22 04:06 - 2012-02-28 19:00 - 000000048 _____ C:\Windows\system32\Drivers\rtkhdaud.dat
2017-08-22 04:06 - 2012-02-28 19:00 - 000000032 ____N C:\Windows\system32\Drivers\RTOBEQ0.dat
2017-08-22 03:56 - 2017-08-22 03:56 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2017-08-22 03:56 - 2017-08-22 03:56 - 000001989 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2017-08-22 03:55 - 2017-08-22 03:56 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-08-22 03:55 - 2017-08-22 03:55 - 000000000 ____D C:\ProgramData\Adobe
2017-08-22 03:55 - 2017-08-22 03:55 - 000000000 ____D C:\Program Files\Adobe
2017-08-22 03:54 - 2017-08-23 01:34 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-08-22 03:54 - 2017-08-23 01:34 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-22 03:54 - 2017-08-22 03:55 - 000692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-08-22 03:54 - 2017-08-22 03:55 - 000071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-08-22 03:48 - 2017-08-22 03:48 - 000000000 ____D C:\Program Files\Broadcom
2017-08-22 03:48 - 2017-08-22 03:47 - 003866624 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll
2017-08-22 03:48 - 2017-08-22 03:47 - 003555328 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll
2017-08-22 03:48 - 2017-08-22 03:47 - 002707448 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS
2017-08-22 03:48 - 2017-08-22 03:47 - 000091376 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2017-08-22 03:48 - 2017-08-22 03:47 - 000006656 _____ C:\Windows\system32\bcmwlrc.dll
2017-08-22 03:45 - 2009-07-13 19:00 - 000023512 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\TVALZ_O.SYS
2017-08-22 03:41 - 2017-08-22 23:51 - 000000000 ____D C:\Windows\Minidump
2017-08-22 03:37 - 2017-08-22 04:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Talent
2017-08-22 03:27 - 2017-08-22 03:27 - 000000000 ____D C:\Users\Public\Thunder Network
2017-08-22 03:27 - 2017-08-22 03:27 - 000000000 ____D C:\ProgramData\Thunder Network
2017-08-22 03:26 - 2017-08-22 21:48 - 000000000 ____D C:\Program Files\OSTotoSoft
2017-08-22 03:26 - 2017-08-22 04:20 - 000000000 ____D C:\ProgramData\DriverTalent
2017-08-22 03:26 - 2017-08-22 03:37 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\DriverTalent
2017-08-22 03:26 - 2017-08-22 03:26 - 000000027 _____ C:\ProgramData\serverclasscache.ini
2017-08-22 03:16 - 2017-08-22 03:16 - 000000000 ____D C:\Users\نبيل\AppData\Local\TOSHIBA_Corporation
2017-08-22 03:15 - 2017-08-22 04:13 - 000000000 ____D C:\Intel
2017-08-22 03:15 - 2017-08-22 03:15 - 000048504 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\tosrfec.sys
2017-08-22 03:15 - 2017-08-22 03:15 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-08-22 03:14 - 2017-08-22 03:14 - 010861056 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-08-22 03:14 - 2017-08-22 03:14 - 008196080 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2017-08-22 03:14 - 2017-08-22 03:14 - 001921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-08-22 03:14 - 2017-08-22 03:14 - 000867020 _____ C:\Windows\system32\igkrng575.bin
2017-08-22 03:14 - 2017-08-22 03:14 - 000452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-08-22 03:14 - 2017-08-22 03:14 - 000153167 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2017-08-22 03:14 - 2017-08-22 03:14 - 000094208 _____ C:\Windows\system32\IccLibDll.dll
2017-08-22 03:14 - 2017-08-22 03:14 - 000081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2993.dll
2017-08-22 03:14 - 2017-08-22 03:14 - 000076472 _____ C:\Windows\system32\iglhxs32.vp
2017-08-22 03:14 - 2017-08-22 03:14 - 000059244 _____ C:\Windows\system32\iglhxc32.vp
2017-08-22 03:14 - 2017-08-22 03:14 - 000059020 _____ C:\Windows\system32\iglhxg32.vp
2017-08-22 03:14 - 2017-08-22 03:14 - 000058683 _____ C:\Windows\system32\iglhxo32.vp
2017-08-22 03:14 - 2017-08-22 03:14 - 000001074 _____ C:\Windows\system32\iglhxa32.vp
2017-08-22 03:13 - 2017-08-22 22:35 - 000000000 ____D C:\Program Files\Google
2017-08-22 03:13 - 2017-08-22 22:34 - 000000000 ____D C:\Users\نبيل\AppData\Local\Deployment
2017-08-22 03:13 - 2017-08-22 03:37 - 000000000 ____D C:\Users\نبيل\AppData\Local\Google
2017-08-22 03:13 - 2017-08-22 03:13 - 000000000 ____D C:\Users\نبيل\AppData\Local\Apps\2.0
2017-08-22 03:12 - 2017-08-22 03:12 - 009890816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RsCRIcon.dll
2017-08-22 03:12 - 2017-08-22 03:12 - 000309216 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2017-08-22 03:12 - 2017-08-22 03:12 - 000074752 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX.dll
2017-08-22 03:09 - 2017-08-22 03:09 - 000132480 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2017-08-22 03:09 - 2017-08-22 03:09 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2017-08-22 03:09 - 2017-08-22 03:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-08-22 03:09 - 2012-07-26 06:39 - 000526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2017-08-22 03:09 - 2012-07-26 06:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2017-08-22 03:09 - 2012-07-26 05:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2017-08-22 03:09 - 2012-06-02 17:34 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-08-22 03:08 - 2017-08-22 03:08 - 001637784 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2017-08-22 03:08 - 2017-08-22 03:08 - 000028744 _____ (ELAN Microelectronic Corp.) C:\Windows\system32\Drivers\ETDSMBus.sys
2017-08-22 03:04 - 2017-08-23 02:02 - 000000000 ____D C:\ProgramData\IObit
2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\LocalLow\IObit
2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\ProgramData\ProductData
2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\Program Files\IObit
2017-08-22 03:04 - 2017-08-22 04:21 - 000002220 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-08-22 03:04 - 2017-08-22 03:04 - 000023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2017-08-22 03:04 - 2017-08-22 03:04 - 000000000 ____D C:\Windows\IObit
2017-08-22 03:04 - 2017-08-22 03:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-08-22 03:03 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\IObit
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-23 14:10 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-23 02:29 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-23 02:29 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-23 02:15 - 2010-11-21 00:01 - 001948618 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-23 02:15 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
2017-08-22 21:58 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\rescache
2017-08-22 21:57 - 2010-11-21 03:46 - 000000000 ____D C:\Program Files\Windows Journal
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\winrm
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\WCN
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\slmgr
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\DigitalLocker
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Sidebar
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Defender
2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\DVD Maker
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\sysprep
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Setup
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\oobe
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\MUI
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\migwiz
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Dism
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\com
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\servicing
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\IME
2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-22 13:06 - 2009-07-14 07:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2017-08-22 12:17 - 2009-07-14 07:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-22 12:11 - 2009-07-14 07:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-08-22 12:07 - 2010-11-21 03:46 - 000000000 ____D C:\Windows\CSC
2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\lv-LV
2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\lt-LT
2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\et-EE
==================== Files in the root of some directories =======
2017-08-22 03:26 - 2017-08-22 03:26 - 000000027 _____ () C:\ProgramData\serverclasscache.ini
Some files in TEMP:
====================
2017-08-22 03:32 - 2017-06-28 06:05 - 000172200 _____ () C:\Users\نبيل\AppData\Local\Temp\substat.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-22 12:07
==================== End of FRST.txt ============================