Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015 Ran by Bilal (administrator) on PAK-BILAL on 07-07-2015 14:03:06 Running from C:\Users\Bilal\Downloads Loaded Profiles: Bilal (Available Profiles: Bilal) Platform: Windows 8.1 (X64) OS Language: Français (France) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-18] () HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard) HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe onrun HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\Run: [GoogleChromeAutoLaunch_67DEBAD8C6D90901D7D3E662054FAEB3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.) HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\MountPoints2: {86570f7c-3761-11e4-be84-8434978ccda5} - "F:\DPFMate.exe" HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\MountPoints2: {de65c016-3a9e-11e4-be86-8434978ccda5} - "F:\DPFMate.exe" Startup: C:\Users\Bilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iptv99.rar.lnk [2015-03-22] ShortcutTarget: iptv99.rar.lnk -> C:\ProgramData\{548ffd4f-f2f9-f074-548f-ffd4ff2ff53f}\iptv99.rar.exe (No File) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-578134203-3297583026-2780488463-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.fr.msn.com/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-578134203-3297583026-2780488463-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = Toolbar: HKU\S-1-5-21-578134203-3297583026-2780488463-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 172.21.0.1 Tcpip\..\Interfaces\{6F8C8BEB-CEDF-4E2B-B320-A0CF96997E7E}: [DhcpNameServer] 172.21.0.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Bilal\AppData\Roaming\Mozilla\Firefox\Profiles\9tv6tdlv.default-1409342946107 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-06] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Learn French - Très Bien) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeifanonhefcaphaeeknpklkfnjjmpec [2014-08-22] CHR Extension: (Google Docs) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-22] CHR Extension: (Google Drive) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-22] CHR Extension: (YouTube) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-22] CHR Extension: (Adblock Plus) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-22] CHR Extension: (TypingWeb Typing Tutor) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcgempicojkfhpnepfecmklndooebjk [2014-08-22] CHR Extension: (Google Search) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-22] CHR Extension: (AirDroid) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2014-11-03] CHR Extension: (Typing Test - KeyHero) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2014-08-22] CHR Extension: (Mailorama App) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mggkbalhdfhjalmmicijhgeoialfhjia [2014-08-22] CHR Extension: (Google Wallet) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-22] CHR Extension: (ТВ онлайн) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2014-09-21] CHR Extension: (Gmail) - C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-22] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-06-18] (Freemake) [File not signed] R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed] R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed] R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2820424 2014-06-24] (CybelSoft) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-08-28] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-06-18] () S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.) S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-07 14:01 - 2015-07-07 14:02 - 00037509 _____ C:\Users\Bilal\Downloads\Addition.txt 2015-07-07 13:58 - 2015-07-07 14:03 - 00016818 _____ C:\Users\Bilal\Downloads\FRST.txt 2015-07-07 13:58 - 2015-07-07 14:03 - 00000000 ___DC C:\FRST 2015-07-07 13:56 - 2015-07-07 13:56 - 02112512 _____ (Farbar) C:\Users\Bilal\Downloads\FRST64.exe 2015-07-06 15:29 - 2015-07-06 15:29 - 00007597 _____ C:\Users\Bilal\AppData\Local\Resmon.ResmonCfg 2015-07-06 12:49 - 2015-07-06 12:50 - 94637971 _____ C:\Users\Bilal\Downloads\Khufia Operation, 12 April 2015 Samaa Tv.mp4 2015-07-06 12:47 - 2015-07-06 12:48 - 100925634 _____ C:\Users\Bilal\Downloads\Khufia Operation, 05 April 2015 Samaa Tv.mp4 2015-07-03 17:10 - 2015-07-03 17:10 - 00000000 ____D C:\Users\Bilal\AppData\Roaming\IDT 2015-07-03 17:01 - 2015-07-03 17:01 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2015-07-03 17:01 - 2012-08-19 21:45 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll 2015-07-03 17:01 - 2012-08-19 21:45 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl 2015-07-03 17:01 - 2012-08-19 21:45 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe 2015-07-03 17:01 - 2011-05-02 14:27 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll 2015-07-03 17:01 - 2011-05-02 14:27 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll 2015-07-03 17:01 - 2011-05-02 14:27 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll 2015-07-03 17:01 - 2011-05-02 14:27 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll 2015-07-03 16:59 - 2012-08-19 21:45 - 02188800 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll 2015-07-03 16:59 - 2012-08-19 21:45 - 00671744 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll 2015-07-03 16:59 - 2012-08-19 21:45 - 00542208 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys 2015-07-03 16:59 - 2012-08-19 21:45 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll 2015-07-03 16:59 - 2012-08-19 21:45 - 00255488 _____ (IDT, Inc.) C:\WINDOWS\system32\st646425.dll 2015-07-03 16:52 - 2015-07-03 17:13 - 00319488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\HideWin.exe 2015-07-02 20:04 - 2015-07-02 20:04 - 00001068 _____ C:\WINDOWS\PFRO.log 2015-06-29 17:19 - 2015-06-29 17:20 - 219463426 _____ C:\Users\Bilal\Downloads\-épisode 10- l'histoire du prophète -YOUSSEF-.mp4 2015-06-29 17:18 - 2015-06-29 17:19 - 69838239 _____ C:\Users\Bilal\Downloads\-épisode 9- l'histoire du prophète -CHU3AYB-.mp4 2015-06-29 17:17 - 2015-06-29 17:17 - 75196815 _____ C:\Users\Bilal\Downloads\-épisode 8- l'histoire du prophète -LOT-.mp4 2015-06-29 17:16 - 2015-06-29 17:17 - 223842275 _____ C:\Users\Bilal\Downloads\-épisode 7- l'histoire du prophète -Ibrahim-.mp4 2015-06-29 17:15 - 2015-06-29 17:15 - 53181421 _____ C:\Users\Bilal\Downloads\ISLAM Les Histoires des Prophètes E06 [Salih] vostfr.mp4 2015-06-29 17:14 - 2015-06-29 17:15 - 55919105 _____ C:\Users\Bilal\Downloads\ISLAM Les Histoires des Prophètes E05 [Houd] vostfr.mp4 2015-06-29 16:30 - 2015-06-29 16:30 - 62012731 _____ C:\Users\Bilal\Downloads\ISLAM Les Histoires des Prophètes E04 [Noé-2-] vostfr.mp4 2015-06-29 16:28 - 2015-06-29 16:28 - 57465890 _____ C:\Users\Bilal\Downloads\ISLAM Les Histoires des Prophètes E03 [Noé-1-] vostfr.mp4 2015-06-29 16:27 - 2015-06-29 16:27 - 65450940 _____ C:\Users\Bilal\Downloads\ISLAM Les Histoires des Prophètes E02 [Adam-2-] vostfr (1).mp4 2015-06-29 16:26 - 2015-06-29 16:27 - 65450940 _____ C:\Users\Bilal\Downloads\ISLAM Les Histoires des Prophètes E02 [Adam-2-] vostfr.mp4 2015-06-29 16:26 - 2015-06-29 16:26 - 61945325 _____ C:\Users\Bilal\Downloads\ISLAM Les Histoires des Prophètes E01 [Adam-1-] vostfr.mp4 2015-06-29 16:18 - 2015-06-29 16:25 - 1468860050 _____ C:\Users\Bilal\Downloads\Samba.2014.FRENCH.DVDRip.XviD.AC3.avi 2015-06-29 14:07 - 2015-06-29 15:08 - 1413006382 _____ C:\Users\Bilal\Downloads\Memento.2000.REMASTERED.FRENCH.SUBFORCED.BRRip.x264.AC3-FUNKY.zone-telechargement.com.mkv 2015-06-25 15:25 - 2015-06-25 15:25 - 00003080 _____ C:\WINDOWS\System32\Tasks\{8824CDDB-E7DB-4AAF-8D15-5592B7F8BFCE} 2015-06-25 14:16 - 2015-06-25 14:16 - 00000000 ____D C:\Users\Bilal\AppData\Local\FreemakeVideoConverter 2015-06-25 14:15 - 2015-06-25 14:16 - 00000000 ____D C:\Users\Bilal\Documents\Freemake 2015-06-25 14:15 - 2015-06-25 14:15 - 00001336 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk 2015-06-25 14:15 - 2015-06-25 14:15 - 00000000 ____D C:\Users\Bilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2015-06-25 14:15 - 2015-06-25 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2015-06-25 14:15 - 2015-06-25 14:15 - 00000000 ____D C:\ProgramData\Freemake 2015-06-25 14:14 - 2015-06-25 14:15 - 00000000 ___DC C:\Program Files (x86)\Freemake 2015-06-25 14:14 - 2015-06-25 14:14 - 00000000 ____D C:\Users\Bilal\AppData\Roaming\RPEng 2015-06-24 19:28 - 2015-06-26 18:16 - 00000000 ____D C:\Users\Bilal\Desktop\islam1 2015-06-23 15:03 - 2015-06-23 15:03 - 02244096 _____ C:\Users\Bilal\Downloads\AdwCleaner.exe 2015-06-22 17:11 - 2015-06-22 17:11 - 00000000 ___DC C:\Program Files (x86)\RealtimeBoard Extension 2015-06-22 17:06 - 2015-07-05 17:06 - 00000374 _____ C:\WINDOWS\Tasks\IceApps.job 2015-06-20 20:02 - 2015-07-07 13:38 - 00003198 _____ C:\WINDOWS\setupact.log 2015-06-20 20:02 - 2015-06-20 20:02 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-06-18 17:33 - 2015-06-18 17:33 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys 2015-06-18 17:32 - 2015-06-18 17:32 - 00000000 ___DC C:\Program Files\Enigma Software Group 2015-06-18 17:26 - 2015-07-06 17:15 - 00000024 _____ C:\Users\Bilal\AppData\Roaming\appdataFr25.bin 2015-06-18 17:23 - 2015-07-05 17:23 - 00000374 _____ C:\WINDOWS\Tasks\EasyUpgrade.job 2015-06-18 17:23 - 2015-06-18 17:23 - 00003260 _____ C:\WINDOWS\System32\Tasks\EasyUpgrade 2015-06-16 17:23 - 2015-07-05 17:23 - 00000374 _____ C:\WINDOWS\Tasks\PasswordMumbo.job 2015-06-16 17:23 - 2015-06-16 17:23 - 00003260 _____ C:\WINDOWS\System32\Tasks\PasswordMumbo 2015-06-14 21:34 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-06-14 21:34 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-06-14 21:34 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-06-14 21:34 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-06-14 21:34 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-06-14 21:34 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-06-14 21:34 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-06-14 21:34 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-06-14 16:40 - 2015-06-05 15:16 - 726113852 _____ C:\Users\Bilal\Downloads\World4uFRee.cc_iskdari7pd.avi 2015-06-13 15:20 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-06-13 15:20 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-06-13 15:20 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-06-13 15:20 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2015-06-13 15:20 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2015-06-13 15:20 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-06-13 15:20 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-13 15:20 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-13 15:20 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-06-13 15:20 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-06-13 15:20 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-13 15:20 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-06-13 15:20 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-06-13 15:20 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-13 15:20 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-06-13 15:20 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-06-13 15:20 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-13 15:19 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-06-13 15:19 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-06-13 15:19 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2015-06-13 15:19 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-06-13 15:19 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-06-13 15:19 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-06-13 15:19 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-06-13 15:19 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-06-13 15:19 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-13 15:19 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-06-13 15:19 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-13 15:19 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-13 15:19 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-10 22:03 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-10 22:03 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-10 22:03 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-10 22:03 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-10 22:03 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-10 22:03 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-10 22:03 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-10 22:03 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-10 22:03 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-10 22:03 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-10 22:03 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-10 22:03 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-10 22:03 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-10 22:03 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-10 22:03 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-10 22:03 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-10 22:03 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-10 22:03 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-10 22:03 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-10 22:03 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-10 22:03 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-10 22:03 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-10 22:03 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-10 22:03 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-10 22:03 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-06-10 22:03 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-10 22:03 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-10 22:03 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-10 22:03 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-06-10 22:03 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-10 22:03 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-10 22:03 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-06-10 22:03 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-06-10 22:03 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-06-10 22:03 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-10 22:03 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-10 22:03 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-10 22:03 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-06-10 22:03 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-10 22:03 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-06-10 22:03 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-10 22:03 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-10 22:01 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-07 14:02 - 2015-05-21 18:09 - 01831379 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-07 14:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-07-07 13:41 - 2014-08-28 23:21 - 00000000 ___DO C:\Users\Bilal\OneDrive 2015-07-07 13:38 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-07 13:37 - 2014-08-29 17:31 - 00000000 ___DC C:\AdwCleaner 2015-07-07 13:37 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-07-07 13:07 - 2014-09-03 22:25 - 00003940 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3208E63A-5061-401C-B804-CBAE23070767} 2015-07-07 13:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-07-06 13:25 - 2014-08-25 00:22 - 01642496 ___SH C:\Users\Bilal\Downloads\Thumbs.db 2015-07-05 17:06 - 2015-05-25 17:06 - 00000382 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[pr].job 2015-07-05 14:44 - 2014-08-22 15:34 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-578134203-3297583026-2780488463-1002 2015-07-05 12:08 - 2014-10-09 21:51 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-07-03 17:21 - 2014-08-22 12:55 - 00000000 ___DC C:\Program Files\IDT 2015-07-03 17:21 - 2012-08-04 02:02 - 00000000 ____D C:\SWSetup 2015-07-03 16:47 - 2014-12-26 18:43 - 00000000 __SHD C:\Users\Bilal\AppData\Local\EmieBrowserModeList 2015-07-03 16:47 - 2014-09-03 22:25 - 00000000 __SHD C:\Users\Bilal\AppData\Local\EmieUserList 2015-07-03 16:47 - 2014-09-03 22:25 - 00000000 __SHD C:\Users\Bilal\AppData\Local\EmieSiteList 2015-06-30 12:49 - 2014-08-22 15:27 - 00000000 ____D C:\Users\Bilal\AppData\Local\Packages 2015-06-26 18:09 - 2014-03-18 12:02 - 02025010 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-26 18:09 - 2014-03-18 11:26 - 00886220 _____ C:\WINDOWS\system32\perfh00C.dat 2015-06-26 18:09 - 2014-03-18 11:26 - 00191910 _____ C:\WINDOWS\system32\perfc00C.dat 2015-06-25 15:16 - 2014-08-24 20:26 - 00000000 ____D C:\Users\Bilal\AppData\Roaming\vlc 2015-06-25 14:26 - 2015-01-15 16:36 - 00001334 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-25 12:58 - 2014-08-25 00:21 - 00000000 ___DC C:\FFOutput 2015-06-25 01:08 - 2014-08-24 21:36 - 00000000 ____D C:\Users\Bilal\AppData\Local\CrashDumps 2015-06-24 17:17 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-24 16:56 - 2015-05-17 20:25 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-06-23 15:11 - 2015-06-03 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-23 15:11 - 2015-01-15 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-06-23 15:11 - 2014-12-29 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid 2015-06-23 15:11 - 2014-08-24 21:09 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-06-23 15:11 - 2014-08-24 21:09 - 00001061 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-06-23 15:11 - 2014-08-22 15:28 - 00001015 _____ C:\Users\Bilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-06-22 15:10 - 2014-08-29 17:52 - 00000000 ____D C:\Users\Bilal\Desktop\IslamBook 2015-06-20 20:05 - 2014-08-26 23:49 - 00052131 ____H C:\Users\Bilal\Desktop\~WRL0005.tmp 2015-06-20 05:02 - 2015-03-13 17:07 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-20 05:02 - 2015-03-13 17:07 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-17 12:50 - 2014-08-24 19:12 - 00000000 ____D C:\Users\Bilal\Documents\Bilal 2015-06-17 12:43 - 2015-05-21 19:51 - 00000000 ____D C:\Users\Bilal\Documents\Pref 2015-06-16 17:29 - 2015-04-16 12:43 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-06-16 17:29 - 2014-08-25 23:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-06-16 17:29 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-06-15 18:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-06-15 17:02 - 2015-01-01 15:47 - 00000000 ____D C:\Users\Bilal\AppData\Roaming\Kodi 2015-06-14 13:46 - 2014-08-22 22:13 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-13 16:34 - 2014-08-22 22:12 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-11 21:28 - 2015-03-18 23:36 - 00000000 ____D C:\Users\Bilal\AppData\Local\Popcorn-Time 2015-06-11 17:29 - 2014-08-24 21:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-11 17:28 - 2014-08-25 00:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-06-11 10:44 - 2013-08-22 16:44 - 05111160 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-11 10:42 - 2014-08-24 21:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-06-10 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-06-10 23:49 - 2012-07-26 07:26 - 00000269 _____ C:\WINDOWS\win.ini 2015-06-07 16:12 - 2014-08-24 21:13 - 00000000 ____D C:\Users\Bilal\Desktop\Jawiria ==================== Files in the root of some directories ======= 2015-06-18 17:26 - 2015-07-06 17:15 - 0000024 _____ () C:\Users\Bilal\AppData\Roaming\appdataFr25.bin 2015-03-23 22:21 - 2015-03-23 22:21 - 0000036 _____ () C:\Users\Bilal\AppData\Roaming\SuYZkvrV.tmp 2015-01-27 18:05 - 2015-01-27 19:18 - 0001456 _____ () C:\Users\Bilal\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2014-08-22 17:40 - 2014-08-22 17:40 - 0631560 _____ (ClickMeIn Limited) C:\Users\Bilal\AppData\Local\nsa9DE8.tmp 2015-07-06 15:29 - 2015-07-06 15:29 - 0007597 _____ () C:\Users\Bilal\AppData\Local\Resmon.ResmonCfg 2015-03-23 16:14 - 2015-03-23 16:15 - 0011674 _____ () C:\Users\Bilal\AppData\Local\Temp-log.txt 2014-08-29 00:37 - 2014-08-29 00:38 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Some files in TEMP: ==================== C:\Users\Bilal\AppData\Local\Temp\EsgInstallerx64Stub.exe C:\Users\Bilal\AppData\Local\Temp\FreemakeVideoConverterFull.exe C:\Users\Bilal\AppData\Local\Temp\Quarantine.exe C:\Users\Bilal\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-24 17:08 ==================== End of log ============================