Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-12-2017
Ran by lolo (administrator) on LOLO-PC (07-12-2017 02:43:38)
Running from C:\Users\lolo\Desktop
Loaded Profiles: lolo (Available Profiles: lolo)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: الإنجليزية (الولايات المتحدة)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.8.0.50\ns.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.8.0.50\ns.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1493608 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3981368 2016-09-30] (Tonec Inc.)
HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7814600 2017-11-09] (Piriform Ltd)
HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\Policies\system: [DisableLockWorkstation] 0
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B023FD77-9236-4925-9CEA-45583415752C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-ae/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-09-06] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon [2017-12-07] [Lagacy]
FF HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lolo\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\lolo\AppData\Roaming\IDM\idmmzcc5 [2017-12-07] [Lagacy] [not signed]
FF HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-09-21] [Lagacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-07] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-07] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default [2017-12-07]
CHR Extension: (العروض التقديمية) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-07]
CHR Extension: (المستندات) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-07]
CHR Extension: (Google Drive) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-07]
CHR Extension: (Youtube) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-07]
CHR Extension: (جداول البيانات) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-07]
CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-07]
CHR Extension: (آدبلوك بلس) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-07]
CHR Extension: (IDM Integration Module) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-07]
CHR Extension: (توفير البيانات) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmgfdlgomnbgkofeojodiodmgpgmkac [2017-12-07]
CHR Extension: (Gmail) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-07]
CHR Profile: C:\Users\lolo\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-07]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.8.0.50\Exts\Chrome.crx [2017-12-07]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-10-01]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276288 2017-12-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed]
R2 NS; C:\Program Files\Norton Security\Engine\22.8.0.50\NS.exe [289080 2016-09-24] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3365624 2017-12-07] (Qualcomm Atheros Communications, Inc.)
R3 BHDrvx86; C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\BASHDefs\20171204.003\BHDrvx86.sys [1367704 2017-12-04] (Symantec Corporation)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2017-12-07] (IVT Corporation.)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [33640 2010-10-18] (Atheros)
R3 ccSet_NS; C:\Windows\system32\drivers\NS\1608000.032\ccSetx86.sys [137456 2016-06-02] (Symantec Corporation)
R3 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [393368 2017-12-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [126616 2017-12-06] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-12-07] (REALiX(tm))
R3 IDSVix86; C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\IPSDefs\20171205.001\IDSvix86.sys [845976 2017-12-05] (Symantec Corporation)
R3 IUFileFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [20368 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IURegProcessFilter.sys [20336 2017-09-28] (IObit.com)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [33616 2011-02-08] (TOSHIBA Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NS\1608000.032\SRTSP.SYS [634096 2016-09-23] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NS\1608000.032\SRTSPX.SYS [43248 2016-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NS\1608000.032\SYMEFASI.SYS [1291992 2016-09-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [87792 2017-12-07] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NS\1608000.032\Ironx86.SYS [229616 2016-09-23] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NS\1608000.032\SYMNETS.SYS [423640 2016-09-23] (Symantec Corporation)
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [53760 2010-04-26] (TOSHIBA Corporation) [File not signed]
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20171206.008\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20171206.008\NAVEX15.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-07 10:24 - 2017-12-06 23:29 - 000000000 ____D C:\Windows\Panther
2017-12-07 02:43 - 2017-12-07 02:43 - 000021597 _____ C:\Users\lolo\Desktop\Addition.txt
2017-12-07 02:42 - 2017-12-07 02:43 - 000012270 _____ C:\Users\lolo\Desktop\FRST.txt
2017-12-07 02:41 - 2017-12-07 02:43 - 000000000 ____D C:\FRST
2017-12-07 02:41 - 2017-12-07 02:41 - 001751040 _____ (Farbar) C:\Users\lolo\Desktop\frst.exe
2017-12-07 02:07 - 2017-12-07 02:07 - 000000791 _____ C:\Users\lolo\Desktop\ZHPCleaner.lnk
2017-12-07 01:56 - 2017-12-07 02:02 - 000000000 ____D C:\AdwCleaner
2017-12-07 01:56 - 2017-12-07 01:56 - 008187336 _____ (Malwarebytes) C:\Users\lolo\Desktop\adwcleaner_7.0.5.0.exe
2017-12-07 01:23 - 2017-12-07 02:14 - 000000000 ____D C:\Users\lolo\AppData\Roaming\ZHP
2017-12-07 01:23 - 2017-12-07 02:07 - 000000000 ____D C:\Users\lolo\AppData\Local\ZHP
2017-12-07 01:23 - 2017-12-07 01:23 - 000000781 _____ C:\Users\lolo\Desktop\ZHPDiag.lnk
2017-12-07 01:13 - 2017-12-07 01:13 - 000000000 ___SD C:\Users\lolo\AppData\LocalLow\Temp
2017-12-07 01:10 - 2017-12-07 01:40 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-12-07 01:10 - 2017-12-07 01:20 - 000087792 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2017-12-07 01:10 - 2017-12-07 01:20 - 000008234 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2017-12-07 01:09 - 2017-12-07 01:32 - 000002226 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-12-07 01:07 - 2017-12-07 01:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-12-07 01:07 - 2017-12-07 01:32 - 000000000 ____D C:\Windows\system32\Drivers\NS
2017-12-07 01:07 - 2017-12-07 01:11 - 000000000 ____D C:\ProgramData\Norton
2017-12-07 01:07 - 2017-12-07 01:07 - 000000000 ____D C:\ProgramData\NortonInstaller
2017-12-07 01:07 - 2017-12-07 01:07 - 000000000 ____D C:\Program Files\NortonInstaller
2017-12-07 01:07 - 2017-12-07 01:07 - 000000000 ____D C:\Program Files\Norton Security
2017-12-07 00:54 - 2017-12-07 00:54 - 000048504 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\tosrfec.sys
2017-12-07 00:51 - 2017-12-07 00:51 - 003365624 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athr.sys
2017-12-07 00:47 - 2017-12-07 00:47 - 000807392 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2017-12-07 00:47 - 2017-12-07 00:47 - 000109024 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 011155968 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 010673152 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 007408128 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-12-07 00:44 - 2017-12-07 00:44 - 006225216 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2017-12-07 00:44 - 2017-12-07 00:44 - 003776512 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 001921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-12-07 00:44 - 2017-12-07 00:44 - 000963388 _____ C:\Windows\system32\igcodeckrng600.bin
2017-12-07 00:44 - 2017-12-07 00:44 - 000604160 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000519680 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000448512 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436224 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436224 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436224 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435200 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435200 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000433664 _____ (Intel Corporation) C:\Windows\system32\SET70B8.tmp
2017-12-07 00:44 - 2017-12-07 00:44 - 000433664 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000430080 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000429056 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000427008 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000426496 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000330240 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000286208 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000284160 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000276288 _____ (Intel Corporation) C:\Windows\system32\IntelCpHeciSvc.exe
2017-12-07 00:44 - 2017-12-07 00:44 - 000272928 _____ C:\Windows\system32\igvpkrng600.bin
2017-12-07 00:44 - 2017-12-07 00:44 - 000269120 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2017-12-07 00:44 - 2017-12-07 00:44 - 000223233 _____ C:\Windows\system32\Gfxres.th-TH.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000209727 _____ C:\Windows\system32\Gfxres.el-GR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000196928 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2017-12-07 00:44 - 2017-12-07 00:44 - 000193862 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000188736 _____ (Intel Corporation) C:\Windows\system32\SET49B0.tmp
2017-12-07 00:44 - 2017-12-07 00:44 - 000180224 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000180032 _____ (Intel Corporation) C:\Windows\system32\SET3CB2.tmp
2017-12-07 00:44 - 2017-12-07 00:44 - 000174080 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000165865 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000163120 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000158727 _____ C:\Windows\system32\Gfxres.he-IL.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000149390 _____ C:\Windows\system32\Gfxres.it-IT.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000147759 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000147101 _____ C:\Windows\system32\Gfxres.de-DE.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000147010 _____ C:\Windows\system32\Gfxres.es-ES.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000145715 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000145211 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000144704 _____ (Intel Corporation) C:\Windows\system32\SET3A51.tmp
2017-12-07 00:44 - 2017-12-07 00:44 - 000144378 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000143976 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000143730 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000143657 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000142990 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000142617 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000142423 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000142008 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000141739 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000141574 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000140779 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000137621 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000137534 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000136873 _____ C:\Windows\system32\Gfxres.da-DK.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000132360 _____ C:\Windows\system32\Gfxres.en-US.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000126035 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000124403 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000120320 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2017-12-07 00:44 - 2017-12-07 00:44 - 000102400 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2843.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000067580 _____ C:\Windows\system32\iglhxs32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000064512 _____ C:\Windows\system32\igdde32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000059594 _____ C:\Windows\system32\iglhxc32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000059384 _____ C:\Windows\system32\iglhxc32_dev.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000059328 _____ C:\Windows\system32\iglhxg32_dev.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000059215 _____ C:\Windows\system32\iglhxo32_dev.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000058781 _____ C:\Windows\system32\iglhxo32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000058684 _____ C:\Windows\system32\iglhxg32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000025088 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000001074 _____ C:\Windows\system32\iglhxa32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000000255 _____ C:\Windows\system32\GfxUI.exe.config
2017-12-07 00:42 - 2017-12-07 00:42 - 000047504 _____ (IVT Corporation.) C:\Windows\system32\Drivers\btcusb.sys
2017-12-07 00:42 - 2017-12-07 00:42 - 000021496 _____ (IVT Corporation.) C:\Windows\system32\btinstall.dll
2017-12-07 00:40 - 2017-12-07 00:43 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-07 00:40 - 2017-12-07 00:42 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-12-07 00:40 - 2017-12-07 00:42 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-12-07 00:40 - 2017-12-07 00:40 - 000023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2017-12-07 00:40 - 2017-12-07 00:40 - 000000000 ____D C:\Windows\IObit
2017-12-07 00:40 - 2017-12-07 00:40 - 000000000 ____D C:\ProgramData\Adobe
2017-12-07 00:39 - 2017-12-07 00:58 - 000000000 ____D C:\Program Files\IObit
2017-12-07 00:39 - 2017-12-07 00:57 - 000000000 ____D C:\ProgramData\ProductData
2017-12-07 00:39 - 2017-12-07 00:40 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Adobe
2017-12-07 00:39 - 2017-12-07 00:39 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-12-07 00:39 - 2017-12-07 00:39 - 000002098 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Macromedia
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\lolo\AppData\LocalLow\IObit
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\lolo\AppData\Local\Adobe
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Program Files\Common Files\IObit
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Program Files\Adobe
2017-12-07 00:38 - 2017-12-07 00:40 - 000000000 ____D C:\Users\lolo\AppData\Roaming\IObit
2017-12-07 00:38 - 2017-12-07 00:40 - 000000000 ____D C:\ProgramData\IObit
2017-12-07 00:32 - 2017-12-07 00:33 - 000000000 ____D C:\Program Files\CCleaner
2017-12-07 00:32 - 2017-12-07 00:32 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-12-07 00:32 - 2017-12-07 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-07 00:22 - 2017-12-07 02:14 - 000000000 ____D C:\Users\lolo\AppData\Roaming\DMCache
2017-12-07 00:22 - 2017-12-07 00:24 - 000000000 ____D C:\Users\lolo\AppData\Roaming\IDM
2017-12-07 00:22 - 2017-12-07 00:23 - 000000000 ____D C:\Program Files\Internet Download Manager
2017-12-07 00:22 - 2017-12-07 00:22 - 000000983 _____ C:\Users\lolo\Desktop\Internet Download Manager.lnk
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\Users\lolo\Downloads\Video
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\Users\lolo\Downloads\Compressed
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\ProgramData\IDM
2017-12-07 00:17 - 2017-12-07 00:34 - 000629862 _____ C:\Windows\system32\perfh00C.dat
2017-12-07 00:17 - 2017-12-07 00:34 - 000435188 _____ C:\Windows\system32\perfh001.dat
2017-12-07 00:17 - 2017-12-07 00:34 - 000107722 _____ C:\Windows\system32\perfc00C.dat
2017-12-07 00:17 - 2017-12-07 00:34 - 000076298 _____ C:\Windows\system32\perfc001.dat
2017-12-07 00:17 - 2017-12-07 00:15 - 000344522 _____ C:\Windows\system32\perfi00C.dat
2017-12-07 00:17 - 2017-12-07 00:15 - 000289060 _____ C:\Windows\system32\perfi001.dat
2017-12-07 00:17 - 2017-12-07 00:15 - 000042056 _____ C:\Windows\system32\perfd001.dat
2017-12-07 00:17 - 2017-12-07 00:15 - 000038160 _____ C:\Windows\system32\perfd00C.dat
2017-12-07 00:16 - 2017-12-07 00:16 - 000000000 ____D C:\Windows\system32\XPSViewer
2017-12-07 00:16 - 2017-12-07 00:16 - 000000000 ____D C:\Windows\system32\fr
2017-12-07 00:16 - 2017-12-07 00:16 - 000000000 ____D C:\Windows\system32\ar
2017-12-07 00:16 - 2017-12-07 00:16 - 000000000 ____D C:\Windows\system32\040C
2017-12-07 00:14 - 2017-12-07 00:14 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Google
2017-12-07 00:11 - 2017-12-07 00:11 - 000002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-07 00:11 - 2017-12-07 00:11 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-07 00:10 - 2017-12-07 00:11 - 000000000 ____D C:\Program Files\Google
2017-12-07 00:09 - 2017-12-07 00:37 - 000000000 ____D C:\Users\lolo\AppData\Local\Google
2017-12-07 00:09 - 2017-12-07 00:09 - 000057560 _____ C:\Users\lolo\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-07 00:09 - 2017-12-07 00:09 - 000000000 ____D C:\Users\lolo\AppData\Local\Deployment
2017-12-07 00:09 - 2017-12-07 00:09 - 000000000 ____D C:\Users\lolo\AppData\Local\Apps\2.0
2017-12-07 00:07 - 2017-12-07 00:19 - 000000000 ____D C:\Users\lolo\AppData\Roaming\WinRAR
2017-12-07 00:07 - 2017-12-07 00:07 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-07 00:07 - 2017-12-07 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-07 00:07 - 2017-12-07 00:07 - 000000000 ____D C:\Program Files\WinRAR
2017-12-07 00:01 - 2010-08-04 18:16 - 000000008 _____ C:\Windows\system32\Drivers\rtkhdaud.dat
2017-12-07 00:01 - 2010-07-28 18:23 - 003604584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2017-12-07 00:01 - 2010-07-28 18:23 - 003154920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2017-12-07 00:01 - 2010-07-28 18:23 - 001829992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2017-12-07 00:01 - 2010-07-28 18:23 - 001084008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2017-12-07 00:01 - 2010-07-28 18:23 - 000371816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2017-12-07 00:01 - 2010-07-28 18:23 - 000367208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2017-12-07 00:01 - 2010-07-28 18:23 - 000064616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInst.dll
2017-12-07 00:01 - 2010-07-06 11:48 - 001327104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2017-12-07 00:01 - 2010-07-01 13:43 - 000104672 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2017-12-07 00:01 - 2010-07-01 13:43 - 000104672 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2017-12-07 00:01 - 2010-07-01 13:43 - 000104160 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2017-12-07 00:01 - 2010-06-27 17:15 - 000252928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2017-12-07 00:01 - 2010-05-06 16:42 - 001738072 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2017-12-07 00:01 - 2010-04-27 13:50 - 000299424 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2017-12-07 00:01 - 2010-04-14 17:55 - 000232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 001131280 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 000961296 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 000427792 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 000405776 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 000290064 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2017-12-07 00:01 - 2010-01-05 13:38 - 000900368 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2017-12-07 00:01 - 2010-01-05 13:38 - 000448272 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2017-12-07 00:01 - 2010-01-05 13:38 - 000235280 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2017-12-07 00:01 - 2010-01-05 13:38 - 000223504 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2017-12-07 00:01 - 2009-12-15 18:26 - 000357576 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2017-12-07 00:01 - 2009-12-15 18:26 - 000168648 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2017-12-07 00:01 - 2009-12-15 18:26 - 000076488 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2017-12-07 00:01 - 2009-12-15 18:26 - 000062664 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2017-12-07 00:01 - 2009-12-11 09:55 - 000293584 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2017-12-07 00:01 - 2009-12-11 09:55 - 000293584 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2017-12-06 23:59 - 2017-12-06 23:59 - 000000000 ____D C:\Windows\system32\nn-NO
2017-12-06 23:59 - 2017-12-06 23:59 - 000000000 ____D C:\Windows\Options
2017-12-06 23:59 - 2017-12-06 23:59 - 000000000 ____D C:\Program Files\Atheros
2017-12-06 23:59 - 2010-12-20 19:21 - 000400544 _____ (Atheros) C:\Windows\system32\athihvs.dll
2017-12-06 23:59 - 2010-12-20 19:21 - 000064672 _____ (Atheros) C:\Windows\system32\athihvui.dll
2017-12-06 23:58 - 2017-12-06 23:59 - 000000000 ____D C:\ProgramData\Atheros
2017-12-06 23:49 - 2009-06-18 21:32 - 000040832 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\Drivers\TosBtCi.dll
2017-12-06 23:48 - 2011-08-18 06:51 - 000000000 ____D C:\v80012T_20110809_x32
2017-12-06 23:47 - 2011-01-12 17:44 - 000355352 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2017-12-06 23:46 - 2017-12-07 00:04 - 000000000 ___HD C:\Program Files\Temp
2017-12-06 23:46 - 2017-12-07 00:02 - 000000000 ____D C:\Windows\system32\RTCOM
2017-12-06 23:46 - 2011-02-09 15:56 - 001284712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-12-06 23:46 - 2010-11-02 09:32 - 001705816 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2017-12-06 23:46 - 2010-11-02 09:32 - 000341848 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2017-12-06 23:46 - 2010-11-02 09:32 - 000096600 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2017-12-06 23:46 - 2010-11-02 09:32 - 000061784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2017-12-06 23:46 - 2010-11-02 09:31 - 000081240 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2017-12-06 23:46 - 2010-07-22 16:48 - 000214352 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFNHK.dll
2017-12-06 23:46 - 2010-07-22 16:48 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCOM.dll
2017-12-06 23:46 - 2010-07-22 16:48 - 000068944 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFAPO.dll
2017-12-06 23:46 - 2010-07-22 16:37 - 000175200 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2017-12-06 23:46 - 2010-05-06 17:35 - 000252760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2017-12-06 23:46 - 2009-12-04 15:43 - 000132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2017-12-06 23:46 - 2009-11-24 09:55 - 000345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2017-12-06 23:46 - 2009-11-24 09:55 - 000185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2017-12-06 23:46 - 2009-11-24 09:55 - 000173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2017-12-06 23:46 - 2009-11-24 09:55 - 000140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2017-12-06 23:46 - 2009-11-18 18:42 - 001938704 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2017-12-06 23:46 - 2009-11-18 18:42 - 001783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2017-12-06 23:46 - 2009-11-17 18:13 - 000096160 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2017-12-06 23:44 - 2017-12-06 23:44 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-12-06 23:44 - 2017-12-06 23:44 - 000000000 ____D C:\Intel
2017-12-06 23:43 - 2010-10-04 13:02 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2017-12-06 23:42 - 2017-12-07 00:47 - 000112160 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2017-12-06 23:42 - 2010-06-08 23:33 - 000100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\SET9031.tmp
2017-12-06 23:41 - 2017-12-06 23:47 - 000000000 ____D C:\Program Files\Intel
2017-12-06 23:40 - 2017-12-07 00:02 - 000000000 ____D C:\Windows\system32\sda
2017-12-06 23:40 - 2017-12-06 23:40 - 000001868 _____ C:\Users\Public\Desktop\TOSHIBA Media Controller.lnk
2017-12-06 23:39 - 2017-12-07 00:03 - 000000000 ____D C:\Program Files\Realtek
2017-12-06 23:39 - 2010-01-07 09:05 - 000182304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2017-12-06 23:37 - 2011-02-08 19:08 - 000033616 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\PGEffect.sys
2017-12-06 23:35 - 2017-12-06 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2017-12-06 23:34 - 2017-12-06 23:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2017-12-06 23:32 - 2017-12-06 23:32 - 000000000 ____D C:\Program Files\TOH Class Filter
2017-12-06 23:31 - 2017-12-06 23:59 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2017-12-06 23:31 - 2017-12-06 23:55 - 000000000 ____D C:\Program Files\TOSHIBA
2017-12-06 23:31 - 2017-12-06 23:31 - 000000000 ____D C:\Users\lolo\AppData\Roaming\WinBatch
2017-12-06 23:30 - 2017-12-06 23:51 - 000000000 ____D C:\Program Files\UEFI WinFlash
2017-12-06 23:29 - 2017-12-06 23:29 - 000001417 _____ C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-12-06 23:29 - 2017-12-06 23:29 - 000000020 ___SH C:\Users\lolo\ntuser.ini
2017-12-06 23:29 - 2017-12-06 23:29 - 000000000 ____D C:\Users\lolo\AppData\Local\VirtualStore
2017-12-06 23:29 - 2017-12-06 23:29 - 000000000 ____D C:\Users\lolo
2017-12-06 23:29 - 2010-11-21 03:46 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Media Center Programs
2017-12-06 23:27 - 2017-12-06 23:27 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-12-06 23:27 - 2017-12-06 23:27 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-12-06 23:26 - 2017-12-06 23:26 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-07 10:23 - 2009-07-14 07:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2017-12-07 02:15 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-07 02:15 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-07 02:15 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-07 00:54 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
2017-12-07 00:44 - 2011-04-04 20:02 - 011038208 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2017-12-07 00:44 - 2011-04-04 19:24 - 000313856 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2017-12-07 00:44 - 2011-04-04 19:24 - 000059392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2017-12-07 00:44 - 2011-04-04 19:23 - 009023488 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2017-12-07 00:44 - 2011-04-04 19:23 - 000096256 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2017-12-07 00:34 - 2010-11-21 00:01 - 001948618 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-07 00:18 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\rescache
2017-12-07 00:16 - 2010-11-21 03:46 - 000000000 ____D C:\Program Files\Windows Journal
2017-12-07 00:16 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\winrm
2017-12-07 00:16 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\WCN
2017-12-07 00:16 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\slmgr
2017-12-07 00:16 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\DigitalLocker
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Sidebar
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\DVD Maker
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\sysprep
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Setup
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\oobe
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\MUI
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\migwiz
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Dism
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\servicing
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\IME
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Program Files\Common Files\System
2017-12-07 00:15 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2017-12-07 00:15 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\com
2017-12-06 23:37 - 2009-07-14 05:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-06 23:27 - 2009-07-14 07:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-06 23:25 - 2010-11-21 03:46 - 000000000 ____D C:\Windows\CSC
2017-12-06 23:25 - 2009-07-14 07:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
Ran by lolo (administrator) on LOLO-PC (07-12-2017 02:43:38)
Running from C:\Users\lolo\Desktop
Loaded Profiles: lolo (Available Profiles: lolo)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: الإنجليزية (الولايات المتحدة)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.8.0.50\ns.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.8.0.50\ns.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1493608 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3981368 2016-09-30] (Tonec Inc.)
HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7814600 2017-11-09] (Piriform Ltd)
HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\Policies\system: [DisableLockWorkstation] 0
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B023FD77-9236-4925-9CEA-45583415752C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-ae/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-09-06] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon [2017-12-07] [Lagacy]
FF HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lolo\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\lolo\AppData\Roaming\IDM\idmmzcc5 [2017-12-07] [Lagacy] [not signed]
FF HKU\S-1-5-21-3213584876-3955755137-3540442523-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-09-21] [Lagacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-07] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-07] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default [2017-12-07]
CHR Extension: (العروض التقديمية) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-07]
CHR Extension: (المستندات) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-07]
CHR Extension: (Google Drive) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-07]
CHR Extension: (Youtube) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-07]
CHR Extension: (جداول البيانات) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-07]
CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-07]
CHR Extension: (آدبلوك بلس) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-07]
CHR Extension: (IDM Integration Module) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-07]
CHR Extension: (توفير البيانات) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmgfdlgomnbgkofeojodiodmgpgmkac [2017-12-07]
CHR Extension: (Gmail) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-07]
CHR Profile: C:\Users\lolo\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-07]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.8.0.50\Exts\Chrome.crx [2017-12-07]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-10-01]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276288 2017-12-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed]
R2 NS; C:\Program Files\Norton Security\Engine\22.8.0.50\NS.exe [289080 2016-09-24] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3365624 2017-12-07] (Qualcomm Atheros Communications, Inc.)
R3 BHDrvx86; C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\BASHDefs\20171204.003\BHDrvx86.sys [1367704 2017-12-04] (Symantec Corporation)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2017-12-07] (IVT Corporation.)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [33640 2010-10-18] (Atheros)
R3 ccSet_NS; C:\Windows\system32\drivers\NS\1608000.032\ccSetx86.sys [137456 2016-06-02] (Symantec Corporation)
R3 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [393368 2017-12-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [126616 2017-12-06] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-12-07] (REALiX(tm))
R3 IDSVix86; C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\IPSDefs\20171205.001\IDSvix86.sys [845976 2017-12-05] (Symantec Corporation)
R3 IUFileFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [20368 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IURegProcessFilter.sys [20336 2017-09-28] (IObit.com)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [33616 2011-02-08] (TOSHIBA Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NS\1608000.032\SRTSP.SYS [634096 2016-09-23] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NS\1608000.032\SRTSPX.SYS [43248 2016-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NS\1608000.032\SYMEFASI.SYS [1291992 2016-09-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [87792 2017-12-07] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NS\1608000.032\Ironx86.SYS [229616 2016-09-23] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NS\1608000.032\SYMNETS.SYS [423640 2016-09-23] (Symantec Corporation)
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [53760 2010-04-26] (TOSHIBA Corporation) [File not signed]
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20171206.008\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20171206.008\NAVEX15.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-07 10:24 - 2017-12-06 23:29 - 000000000 ____D C:\Windows\Panther
2017-12-07 02:43 - 2017-12-07 02:43 - 000021597 _____ C:\Users\lolo\Desktop\Addition.txt
2017-12-07 02:42 - 2017-12-07 02:43 - 000012270 _____ C:\Users\lolo\Desktop\FRST.txt
2017-12-07 02:41 - 2017-12-07 02:43 - 000000000 ____D C:\FRST
2017-12-07 02:41 - 2017-12-07 02:41 - 001751040 _____ (Farbar) C:\Users\lolo\Desktop\frst.exe
2017-12-07 02:07 - 2017-12-07 02:07 - 000000791 _____ C:\Users\lolo\Desktop\ZHPCleaner.lnk
2017-12-07 01:56 - 2017-12-07 02:02 - 000000000 ____D C:\AdwCleaner
2017-12-07 01:56 - 2017-12-07 01:56 - 008187336 _____ (Malwarebytes) C:\Users\lolo\Desktop\adwcleaner_7.0.5.0.exe
2017-12-07 01:23 - 2017-12-07 02:14 - 000000000 ____D C:\Users\lolo\AppData\Roaming\ZHP
2017-12-07 01:23 - 2017-12-07 02:07 - 000000000 ____D C:\Users\lolo\AppData\Local\ZHP
2017-12-07 01:23 - 2017-12-07 01:23 - 000000781 _____ C:\Users\lolo\Desktop\ZHPDiag.lnk
2017-12-07 01:13 - 2017-12-07 01:13 - 000000000 ___SD C:\Users\lolo\AppData\LocalLow\Temp
2017-12-07 01:10 - 2017-12-07 01:40 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-12-07 01:10 - 2017-12-07 01:20 - 000087792 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2017-12-07 01:10 - 2017-12-07 01:20 - 000008234 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2017-12-07 01:09 - 2017-12-07 01:32 - 000002226 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-12-07 01:07 - 2017-12-07 01:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-12-07 01:07 - 2017-12-07 01:32 - 000000000 ____D C:\Windows\system32\Drivers\NS
2017-12-07 01:07 - 2017-12-07 01:11 - 000000000 ____D C:\ProgramData\Norton
2017-12-07 01:07 - 2017-12-07 01:07 - 000000000 ____D C:\ProgramData\NortonInstaller
2017-12-07 01:07 - 2017-12-07 01:07 - 000000000 ____D C:\Program Files\NortonInstaller
2017-12-07 01:07 - 2017-12-07 01:07 - 000000000 ____D C:\Program Files\Norton Security
2017-12-07 00:54 - 2017-12-07 00:54 - 000048504 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\tosrfec.sys
2017-12-07 00:51 - 2017-12-07 00:51 - 003365624 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athr.sys
2017-12-07 00:47 - 2017-12-07 00:47 - 000807392 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2017-12-07 00:47 - 2017-12-07 00:47 - 000109024 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 011155968 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 010673152 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 007408128 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-12-07 00:44 - 2017-12-07 00:44 - 006225216 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2017-12-07 00:44 - 2017-12-07 00:44 - 003776512 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 001921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-12-07 00:44 - 2017-12-07 00:44 - 000963388 _____ C:\Windows\system32\igcodeckrng600.bin
2017-12-07 00:44 - 2017-12-07 00:44 - 000604160 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000519680 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000448512 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436736 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436224 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436224 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000436224 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435200 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000435200 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000433664 _____ (Intel Corporation) C:\Windows\system32\SET70B8.tmp
2017-12-07 00:44 - 2017-12-07 00:44 - 000433664 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000430080 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000429056 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000427008 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000426496 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000330240 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000286208 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000284160 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2017-12-07 00:44 - 2017-12-07 00:44 - 000276288 _____ (Intel Corporation) C:\Windows\system32\IntelCpHeciSvc.exe
2017-12-07 00:44 - 2017-12-07 00:44 - 000272928 _____ C:\Windows\system32\igvpkrng600.bin
2017-12-07 00:44 - 2017-12-07 00:44 - 000269120 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2017-12-07 00:44 - 2017-12-07 00:44 - 000223233 _____ C:\Windows\system32\Gfxres.th-TH.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000209727 _____ C:\Windows\system32\Gfxres.el-GR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000196928 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2017-12-07 00:44 - 2017-12-07 00:44 - 000193862 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000188736 _____ (Intel Corporation) C:\Windows\system32\SET49B0.tmp
2017-12-07 00:44 - 2017-12-07 00:44 - 000180224 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000180032 _____ (Intel Corporation) C:\Windows\system32\SET3CB2.tmp
2017-12-07 00:44 - 2017-12-07 00:44 - 000174080 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000165865 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000163120 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000158727 _____ C:\Windows\system32\Gfxres.he-IL.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000149390 _____ C:\Windows\system32\Gfxres.it-IT.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000147759 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000147101 _____ C:\Windows\system32\Gfxres.de-DE.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000147010 _____ C:\Windows\system32\Gfxres.es-ES.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000145715 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000145211 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000144704 _____ (Intel Corporation) C:\Windows\system32\SET3A51.tmp
2017-12-07 00:44 - 2017-12-07 00:44 - 000144378 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000143976 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000143730 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000143657 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000142990 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000142617 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000142423 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000142008 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000141739 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000141574 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000140779 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000137621 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000137534 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000136873 _____ C:\Windows\system32\Gfxres.da-DK.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000132360 _____ C:\Windows\system32\Gfxres.en-US.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000126035 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000124403 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2017-12-07 00:44 - 2017-12-07 00:44 - 000120320 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2017-12-07 00:44 - 2017-12-07 00:44 - 000102400 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2843.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000067580 _____ C:\Windows\system32\iglhxs32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000064512 _____ C:\Windows\system32\igdde32.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000059594 _____ C:\Windows\system32\iglhxc32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000059384 _____ C:\Windows\system32\iglhxc32_dev.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000059328 _____ C:\Windows\system32\iglhxg32_dev.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000059215 _____ C:\Windows\system32\iglhxo32_dev.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000058781 _____ C:\Windows\system32\iglhxo32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000058684 _____ C:\Windows\system32\iglhxg32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000025088 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2017-12-07 00:44 - 2017-12-07 00:44 - 000001074 _____ C:\Windows\system32\iglhxa32.vp
2017-12-07 00:44 - 2017-12-07 00:44 - 000000255 _____ C:\Windows\system32\GfxUI.exe.config
2017-12-07 00:42 - 2017-12-07 00:42 - 000047504 _____ (IVT Corporation.) C:\Windows\system32\Drivers\btcusb.sys
2017-12-07 00:42 - 2017-12-07 00:42 - 000021496 _____ (IVT Corporation.) C:\Windows\system32\btinstall.dll
2017-12-07 00:40 - 2017-12-07 00:43 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-07 00:40 - 2017-12-07 00:42 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-12-07 00:40 - 2017-12-07 00:42 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-12-07 00:40 - 2017-12-07 00:40 - 000023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2017-12-07 00:40 - 2017-12-07 00:40 - 000000000 ____D C:\Windows\IObit
2017-12-07 00:40 - 2017-12-07 00:40 - 000000000 ____D C:\ProgramData\Adobe
2017-12-07 00:39 - 2017-12-07 00:58 - 000000000 ____D C:\Program Files\IObit
2017-12-07 00:39 - 2017-12-07 00:57 - 000000000 ____D C:\ProgramData\ProductData
2017-12-07 00:39 - 2017-12-07 00:40 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Adobe
2017-12-07 00:39 - 2017-12-07 00:39 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-12-07 00:39 - 2017-12-07 00:39 - 000002098 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Macromedia
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\lolo\AppData\LocalLow\IObit
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\lolo\AppData\Local\Adobe
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Program Files\Common Files\IObit
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-12-07 00:39 - 2017-12-07 00:39 - 000000000 ____D C:\Program Files\Adobe
2017-12-07 00:38 - 2017-12-07 00:40 - 000000000 ____D C:\Users\lolo\AppData\Roaming\IObit
2017-12-07 00:38 - 2017-12-07 00:40 - 000000000 ____D C:\ProgramData\IObit
2017-12-07 00:32 - 2017-12-07 00:33 - 000000000 ____D C:\Program Files\CCleaner
2017-12-07 00:32 - 2017-12-07 00:32 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-12-07 00:32 - 2017-12-07 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-07 00:22 - 2017-12-07 02:14 - 000000000 ____D C:\Users\lolo\AppData\Roaming\DMCache
2017-12-07 00:22 - 2017-12-07 00:24 - 000000000 ____D C:\Users\lolo\AppData\Roaming\IDM
2017-12-07 00:22 - 2017-12-07 00:23 - 000000000 ____D C:\Program Files\Internet Download Manager
2017-12-07 00:22 - 2017-12-07 00:22 - 000000983 _____ C:\Users\lolo\Desktop\Internet Download Manager.lnk
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\Users\lolo\Downloads\Video
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\Users\lolo\Downloads\Compressed
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-12-07 00:22 - 2017-12-07 00:22 - 000000000 ____D C:\ProgramData\IDM
2017-12-07 00:17 - 2017-12-07 00:34 - 000629862 _____ C:\Windows\system32\perfh00C.dat
2017-12-07 00:17 - 2017-12-07 00:34 - 000435188 _____ C:\Windows\system32\perfh001.dat
2017-12-07 00:17 - 2017-12-07 00:34 - 000107722 _____ C:\Windows\system32\perfc00C.dat
2017-12-07 00:17 - 2017-12-07 00:34 - 000076298 _____ C:\Windows\system32\perfc001.dat
2017-12-07 00:17 - 2017-12-07 00:15 - 000344522 _____ C:\Windows\system32\perfi00C.dat
2017-12-07 00:17 - 2017-12-07 00:15 - 000289060 _____ C:\Windows\system32\perfi001.dat
2017-12-07 00:17 - 2017-12-07 00:15 - 000042056 _____ C:\Windows\system32\perfd001.dat
2017-12-07 00:17 - 2017-12-07 00:15 - 000038160 _____ C:\Windows\system32\perfd00C.dat
2017-12-07 00:16 - 2017-12-07 00:16 - 000000000 ____D C:\Windows\system32\XPSViewer
2017-12-07 00:16 - 2017-12-07 00:16 - 000000000 ____D C:\Windows\system32\fr
2017-12-07 00:16 - 2017-12-07 00:16 - 000000000 ____D C:\Windows\system32\ar
2017-12-07 00:16 - 2017-12-07 00:16 - 000000000 ____D C:\Windows\system32\040C
2017-12-07 00:14 - 2017-12-07 00:14 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Google
2017-12-07 00:11 - 2017-12-07 00:11 - 000002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-07 00:11 - 2017-12-07 00:11 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-07 00:10 - 2017-12-07 00:11 - 000000000 ____D C:\Program Files\Google
2017-12-07 00:09 - 2017-12-07 00:37 - 000000000 ____D C:\Users\lolo\AppData\Local\Google
2017-12-07 00:09 - 2017-12-07 00:09 - 000057560 _____ C:\Users\lolo\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-07 00:09 - 2017-12-07 00:09 - 000000000 ____D C:\Users\lolo\AppData\Local\Deployment
2017-12-07 00:09 - 2017-12-07 00:09 - 000000000 ____D C:\Users\lolo\AppData\Local\Apps\2.0
2017-12-07 00:07 - 2017-12-07 00:19 - 000000000 ____D C:\Users\lolo\AppData\Roaming\WinRAR
2017-12-07 00:07 - 2017-12-07 00:07 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-07 00:07 - 2017-12-07 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-07 00:07 - 2017-12-07 00:07 - 000000000 ____D C:\Program Files\WinRAR
2017-12-07 00:01 - 2010-08-04 18:16 - 000000008 _____ C:\Windows\system32\Drivers\rtkhdaud.dat
2017-12-07 00:01 - 2010-07-28 18:23 - 003604584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2017-12-07 00:01 - 2010-07-28 18:23 - 003154920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2017-12-07 00:01 - 2010-07-28 18:23 - 001829992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2017-12-07 00:01 - 2010-07-28 18:23 - 001084008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2017-12-07 00:01 - 2010-07-28 18:23 - 000371816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2017-12-07 00:01 - 2010-07-28 18:23 - 000367208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2017-12-07 00:01 - 2010-07-28 18:23 - 000064616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInst.dll
2017-12-07 00:01 - 2010-07-06 11:48 - 001327104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2017-12-07 00:01 - 2010-07-01 13:43 - 000104672 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2017-12-07 00:01 - 2010-07-01 13:43 - 000104672 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2017-12-07 00:01 - 2010-07-01 13:43 - 000104160 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2017-12-07 00:01 - 2010-06-27 17:15 - 000252928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2017-12-07 00:01 - 2010-05-06 16:42 - 001738072 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2017-12-07 00:01 - 2010-04-27 13:50 - 000299424 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2017-12-07 00:01 - 2010-04-14 17:55 - 000232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 001131280 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 000961296 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 000427792 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 000405776 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2017-12-07 00:01 - 2010-01-05 13:39 - 000290064 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2017-12-07 00:01 - 2010-01-05 13:38 - 000900368 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2017-12-07 00:01 - 2010-01-05 13:38 - 000448272 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2017-12-07 00:01 - 2010-01-05 13:38 - 000235280 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2017-12-07 00:01 - 2010-01-05 13:38 - 000223504 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2017-12-07 00:01 - 2009-12-15 18:26 - 000357576 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2017-12-07 00:01 - 2009-12-15 18:26 - 000168648 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2017-12-07 00:01 - 2009-12-15 18:26 - 000076488 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2017-12-07 00:01 - 2009-12-15 18:26 - 000062664 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2017-12-07 00:01 - 2009-12-11 09:55 - 000293584 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2017-12-07 00:01 - 2009-12-11 09:55 - 000293584 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2017-12-06 23:59 - 2017-12-06 23:59 - 000000000 ____D C:\Windows\system32\nn-NO
2017-12-06 23:59 - 2017-12-06 23:59 - 000000000 ____D C:\Windows\Options
2017-12-06 23:59 - 2017-12-06 23:59 - 000000000 ____D C:\Program Files\Atheros
2017-12-06 23:59 - 2010-12-20 19:21 - 000400544 _____ (Atheros) C:\Windows\system32\athihvs.dll
2017-12-06 23:59 - 2010-12-20 19:21 - 000064672 _____ (Atheros) C:\Windows\system32\athihvui.dll
2017-12-06 23:58 - 2017-12-06 23:59 - 000000000 ____D C:\ProgramData\Atheros
2017-12-06 23:49 - 2009-06-18 21:32 - 000040832 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\Drivers\TosBtCi.dll
2017-12-06 23:48 - 2011-08-18 06:51 - 000000000 ____D C:\v80012T_20110809_x32
2017-12-06 23:47 - 2011-01-12 17:44 - 000355352 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2017-12-06 23:46 - 2017-12-07 00:04 - 000000000 ___HD C:\Program Files\Temp
2017-12-06 23:46 - 2017-12-07 00:02 - 000000000 ____D C:\Windows\system32\RTCOM
2017-12-06 23:46 - 2011-02-09 15:56 - 001284712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-12-06 23:46 - 2010-11-02 09:32 - 001705816 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2017-12-06 23:46 - 2010-11-02 09:32 - 000341848 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2017-12-06 23:46 - 2010-11-02 09:32 - 000096600 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2017-12-06 23:46 - 2010-11-02 09:32 - 000061784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2017-12-06 23:46 - 2010-11-02 09:31 - 000081240 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2017-12-06 23:46 - 2010-07-22 16:48 - 000214352 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFNHK.dll
2017-12-06 23:46 - 2010-07-22 16:48 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCOM.dll
2017-12-06 23:46 - 2010-07-22 16:48 - 000068944 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFAPO.dll
2017-12-06 23:46 - 2010-07-22 16:37 - 000175200 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2017-12-06 23:46 - 2010-05-06 17:35 - 000252760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2017-12-06 23:46 - 2009-12-04 15:43 - 000132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2017-12-06 23:46 - 2009-11-24 09:55 - 000345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2017-12-06 23:46 - 2009-11-24 09:55 - 000185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2017-12-06 23:46 - 2009-11-24 09:55 - 000173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2017-12-06 23:46 - 2009-11-24 09:55 - 000140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2017-12-06 23:46 - 2009-11-18 18:42 - 001938704 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2017-12-06 23:46 - 2009-11-18 18:42 - 001783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2017-12-06 23:46 - 2009-11-17 18:13 - 000096160 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2017-12-06 23:44 - 2017-12-06 23:44 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-12-06 23:44 - 2017-12-06 23:44 - 000000000 ____D C:\Intel
2017-12-06 23:43 - 2010-10-04 13:02 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2017-12-06 23:42 - 2017-12-07 00:47 - 000112160 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2017-12-06 23:42 - 2010-06-08 23:33 - 000100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\SET9031.tmp
2017-12-06 23:41 - 2017-12-06 23:47 - 000000000 ____D C:\Program Files\Intel
2017-12-06 23:40 - 2017-12-07 00:02 - 000000000 ____D C:\Windows\system32\sda
2017-12-06 23:40 - 2017-12-06 23:40 - 000001868 _____ C:\Users\Public\Desktop\TOSHIBA Media Controller.lnk
2017-12-06 23:39 - 2017-12-07 00:03 - 000000000 ____D C:\Program Files\Realtek
2017-12-06 23:39 - 2010-01-07 09:05 - 000182304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2017-12-06 23:37 - 2011-02-08 19:08 - 000033616 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\PGEffect.sys
2017-12-06 23:35 - 2017-12-06 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2017-12-06 23:34 - 2017-12-06 23:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2017-12-06 23:32 - 2017-12-06 23:32 - 000000000 ____D C:\Program Files\TOH Class Filter
2017-12-06 23:31 - 2017-12-06 23:59 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2017-12-06 23:31 - 2017-12-06 23:55 - 000000000 ____D C:\Program Files\TOSHIBA
2017-12-06 23:31 - 2017-12-06 23:31 - 000000000 ____D C:\Users\lolo\AppData\Roaming\WinBatch
2017-12-06 23:30 - 2017-12-06 23:51 - 000000000 ____D C:\Program Files\UEFI WinFlash
2017-12-06 23:29 - 2017-12-06 23:29 - 000001417 _____ C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-12-06 23:29 - 2017-12-06 23:29 - 000000020 ___SH C:\Users\lolo\ntuser.ini
2017-12-06 23:29 - 2017-12-06 23:29 - 000000000 ____D C:\Users\lolo\AppData\Local\VirtualStore
2017-12-06 23:29 - 2017-12-06 23:29 - 000000000 ____D C:\Users\lolo
2017-12-06 23:29 - 2010-11-21 03:46 - 000000000 ____D C:\Users\lolo\AppData\Roaming\Media Center Programs
2017-12-06 23:27 - 2017-12-06 23:27 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-12-06 23:27 - 2017-12-06 23:27 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-12-06 23:26 - 2017-12-06 23:26 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-07 10:23 - 2009-07-14 07:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2017-12-07 02:15 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-07 02:15 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-07 02:15 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-07 00:54 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
2017-12-07 00:44 - 2011-04-04 20:02 - 011038208 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2017-12-07 00:44 - 2011-04-04 19:24 - 000313856 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2017-12-07 00:44 - 2011-04-04 19:24 - 000059392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2017-12-07 00:44 - 2011-04-04 19:23 - 009023488 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2017-12-07 00:44 - 2011-04-04 19:23 - 000096256 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2017-12-07 00:34 - 2010-11-21 00:01 - 001948618 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-07 00:18 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\rescache
2017-12-07 00:16 - 2010-11-21 03:46 - 000000000 ____D C:\Program Files\Windows Journal
2017-12-07 00:16 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\winrm
2017-12-07 00:16 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\WCN
2017-12-07 00:16 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\slmgr
2017-12-07 00:16 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\DigitalLocker
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Sidebar
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-07 00:16 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\DVD Maker
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\sysprep
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Setup
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\oobe
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\MUI
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\migwiz
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Dism
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\servicing
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\IME
2017-12-07 00:16 - 2009-07-14 05:37 - 000000000 ____D C:\Program Files\Common Files\System
2017-12-07 00:15 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2017-12-07 00:15 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\com
2017-12-06 23:37 - 2009-07-14 05:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-06 23:27 - 2009-07-14 07:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-06 23:25 - 2010-11-21 03:46 - 000000000 ____D C:\Windows\CSC
2017-12-06 23:25 - 2009-07-14 07:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed