Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017 Ran by نبيل (administrator) on 1111 (23-08-2017 14:14:34) Running from C:\Users\نبيل\Desktop Loaded Profiles: نبيل (Available Profiles: نبيل) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: الإنجليزية (الولايات المتحدة)‏ Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Microsoft Corporation) C:\Windows\System32\DFDWiz.exe (Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (IObit) C:\Program Files\IObit\Driver Booster\4.5.0\Scheduler.exe (IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1697064 2010-03-11] (Synaptics Incorporated) HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-27] (Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10967656 2012-02-28] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [879208 2012-02-28] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7680216 2017-08-03] (Piriform Ltd) HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [GoogleChromeAutoLaunch_B4EE23FCB21167FDD2BA3A8B013EDF05] => C:\Program Files\Google\Chrome\Application\chrome.exe [1131864 2017-08-11] (Google Inc.) HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3966064 2016-08-05] (Tonec Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{99153812-337D-4230-A037-B2D4304C8070}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3183927018-2194346283-209393716-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ae/?ocid=iehp BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-07-13] (Internet Download Manager, Tonec Inc.) BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-08-08] (IObit) BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-27] (Adobe Systems Incorporated) FireFox: ======== FF DefaultProfile: 2pvjyf2l.default FF ProfilePath: C:\Users\نبيل\AppData\Roaming\Mozilla\Firefox\Profiles\2pvjyf2l.default [2017-08-23] FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\نبيل\AppData\Roaming\Mozilla\Firefox\Profiles\2pvjyf2l.default\Extensions\firefox@zenmate.com.xpi [2017-08-22] FF HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\نبيل\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\نبيل\AppData\Roaming\IDM\idmmzcc5 [2017-08-23] [not signed] FF HKU\S-1-5-21-3183927018-2194346283-209393716-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-08-03] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_39.dll [2017-08-22] () FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-22] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-22] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-27] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default [2017-08-23] CHR Extension: (عروض Google التقديمية) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-22] CHR Extension: (محرّر مستندات Google) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-22] CHR Extension: (Google Drive) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-22] CHR Extension: (Youtube) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-22] CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-08-22] CHR Extension: (جداول بيانات Google ) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-22] CHR Extension: (مستندات Google في وضع عدم الاتصال) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-22] CHR Extension: (IDM Integration Module) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-08-22] CHR Extension: (Chrome Web Store Payments) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Gmail) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-22] CHR Extension: (Chrome Media Router) - C:\Users\نبيل\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-22] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-08-05] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-28] (Realsil Microelectronics Inc.) [File not signed] S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-08] (IObit) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3398608 2017-05-09] (Malwarebytes) R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-06] (TOSHIBA Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) S2 LDrvSvc; C:\Program Files\OSTotoSoft\DriverTalent\LDrvSvc.dll [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [28744 2017-08-22] (ELAN Microelectronic Corp.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-08-22] (REALiX(tm)) R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [10861056 2017-08-22] (Intel Corporation) [File not signed] S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [309216 2017-08-22] (Realsil Semiconductor Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-08-23 14:14 - 2017-08-23 14:14 - 000010588 _____ C:\Users\نبيل\Desktop\FRST.txt 2017-08-23 14:14 - 2017-08-23 14:14 - 000000000 ____D C:\FRST 2017-08-23 14:13 - 2017-08-23 14:13 - 001792512 _____ (Farbar) C:\Users\نبيل\Desktop\FRST.exe 2017-08-23 14:12 - 2017-08-23 14:12 - 009718621 _____ C:\Users\نبيل\Desktop\557151233.mp4 2017-08-23 02:14 - 2017-08-23 02:15 - 030950664 _____ C:\Users\نبيل\Desktop\vlc-2.2.6-win32.exe 2017-08-23 02:03 - 2017-08-23 02:04 - 035772800 _____ (Adlice Software ) C:\Users\نبيل\Desktop\RogueKiller_setup_ref3.exe 2017-08-23 01:51 - 2017-08-23 01:55 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\ZHP 2017-08-23 01:51 - 2017-08-23 01:51 - 000000900 _____ C:\Users\نبيل\Desktop\ZHPCleaner.lnk 2017-08-22 23:46 - 2017-08-23 01:35 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\IDM 2017-08-22 23:46 - 2017-08-22 23:46 - 000000979 _____ C:\Users\نبيل\Desktop\Internet Download Manager.lnk 2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Windows\DMCache 2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\Downloads\Video 2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\Downloads\Compressed 2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\ProgramData\IDM 2017-08-22 23:46 - 2017-08-22 23:46 - 000000000 ____D C:\Program Files\Internet Download Manager 2017-08-22 23:26 - 2017-08-23 01:51 - 000000000 ____D C:\Users\نبيل\AppData\Local\ZHP 2017-08-22 23:10 - 2017-08-22 23:24 - 000000000 ____D C:\Users\نبيل\AppData\LocalLow\Mozilla 2017-08-22 23:09 - 2017-08-22 23:14 - 000000000 ____D C:\Users\نبيل\AppData\Local\Mozilla 2017-08-22 23:09 - 2017-08-22 23:10 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Mozilla 2017-08-22 23:06 - 2017-08-23 14:11 - 000085400 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-08-22 23:06 - 2017-08-23 14:11 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-08-22 23:06 - 2017-08-23 14:10 - 000221600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-08-22 23:06 - 2017-08-23 14:10 - 000040352 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-08-22 23:06 - 2017-08-23 01:34 - 000162240 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-08-22 23:06 - 2017-08-22 23:06 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-08-22 23:06 - 2017-08-22 23:06 - 000000000 ____D C:\Program Files\Malwarebytes 2017-08-22 23:06 - 2017-06-27 12:06 - 000059936 _____ C:\Windows\system32\Drivers\mbae.sys 2017-08-22 22:35 - 2017-08-22 22:35 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-22 22:35 - 2017-08-22 22:35 - 000002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-08-22 22:34 - 2017-08-23 01:34 - 020239872 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe 2017-08-22 22:03 - 2017-08-22 22:03 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Adobe 2017-08-22 21:58 - 2017-08-23 02:15 - 000638032 _____ C:\Windows\system32\perfh00C.dat 2017-08-22 21:58 - 2017-08-23 02:15 - 000435188 _____ C:\Windows\system32\perfh001.dat 2017-08-22 21:58 - 2017-08-23 02:15 - 000107856 _____ C:\Windows\system32\perfc00C.dat 2017-08-22 21:58 - 2017-08-23 02:15 - 000076298 _____ C:\Windows\system32\perfc001.dat 2017-08-22 21:58 - 2017-08-22 21:56 - 000344522 _____ C:\Windows\system32\perfi00C.dat 2017-08-22 21:58 - 2017-08-22 21:56 - 000289060 _____ C:\Windows\system32\perfi001.dat 2017-08-22 21:58 - 2017-08-22 21:56 - 000042056 _____ C:\Windows\system32\perfd001.dat 2017-08-22 21:58 - 2017-08-22 21:56 - 000038160 _____ C:\Windows\system32\perfd00C.dat 2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\XPSViewer 2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\fr 2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\ar 2017-08-22 21:57 - 2017-08-22 21:57 - 000000000 ____D C:\Windows\system32\040C 2017-08-22 13:06 - 2017-08-22 23:51 - 000000000 ____D C:\Windows\Panther 2017-08-22 12:58 - 2017-08-22 12:58 - 000000000 ____D C:\Windows.old 2017-08-22 12:57 - 2012-06-11 19:00 - 000100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll 2017-08-22 12:56 - 2017-08-22 12:56 - 000000000 ____D C:\Program Files\Common Files\postureAgent 2017-08-22 12:56 - 2009-09-17 22:54 - 000041088 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECI.sys 2017-08-22 12:55 - 2017-08-22 12:55 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2017-08-22 12:55 - 2017-08-22 12:55 - 000000000 ____D C:\Program Files\Synaptics 2017-08-22 12:54 - 2017-08-22 04:18 - 000000000 ____D C:\Windows\system32\sda 2017-08-22 12:54 - 2017-08-22 04:06 - 000000000 ____D C:\Program Files\Realtek 2017-08-22 12:54 - 2017-08-22 03:15 - 000000000 ____D C:\Program Files\Intel 2017-08-22 12:54 - 2010-01-07 19:05 - 007367200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStoricon.dll 2017-08-22 12:54 - 2010-01-07 19:05 - 000313888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll 2017-08-22 12:54 - 2010-01-07 19:05 - 000182304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys 2017-08-22 12:54 - 2009-11-19 02:03 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll 2017-08-22 12:53 - 2017-08-22 12:53 - 048572928 _____ C:\TOSHIBA Face Recognition.msi 2017-08-22 12:53 - 2017-08-22 12:53 - 000008192 _____ C:\1033.MST 2017-08-22 12:53 - 2017-08-22 12:53 - 000006187 _____ C:\0x0409.ini 2017-08-22 12:53 - 2017-08-22 12:53 - 000001798 _____ C:\Users\Public\Desktop\TOSHIBA Assist.lnk 2017-08-22 12:52 - 2017-08-22 12:58 - 000000000 ____D C:\Program Files\TOSHIBA 2017-08-22 12:52 - 2017-08-22 12:52 - 000057560 _____ C:\Users\نبيل\AppData\Local\GDIPFONTCACHEV1.DAT 2017-08-22 12:52 - 2017-08-22 12:52 - 000000000 ____D C:\ProgramData\Toshiba 2017-08-22 12:52 - 2017-08-22 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA 2017-08-22 12:52 - 2017-08-22 04:06 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\WinRAR 2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-08-22 12:47 - 2017-08-22 12:47 - 000000000 ____D C:\Program Files\WinRAR 2017-08-22 12:37 - 2017-08-22 12:37 - 000000000 ____D C:\Users\نبيل\AppData\Local\ElevatedDiagnostics 2017-08-22 12:37 - 2017-08-22 12:37 - 000000000 ____D C:\KVRT_Data 2017-08-22 12:36 - 2017-08-22 12:36 - 000000000 ____D C:\Windows\pss 2017-08-22 12:24 - 2017-08-22 12:24 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-08-22 12:24 - 2017-08-22 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-08-22 12:24 - 2017-08-22 12:24 - 000000000 ____D C:\Program Files\CCleaner 2017-08-22 12:20 - 2017-08-22 12:20 - 000000000 ____D C:\ProgramData\EMCO 2017-08-22 12:19 - 2017-08-22 12:19 - 000001413 _____ C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-08-22 12:19 - 2017-08-22 12:19 - 000000020 ___SH C:\Users\نبيل\ntuser.ini 2017-08-22 12:19 - 2017-08-22 12:19 - 000000000 ____D C:\Users\نبيل\AppData\Local\VirtualStore 2017-08-22 12:19 - 2017-08-22 12:19 - 000000000 ____D C:\Users\نبيل 2017-08-22 12:19 - 2010-11-21 03:46 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\Media Center Programs 2017-08-22 12:11 - 2017-08-22 12:11 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2017-08-22 12:10 - 2017-08-22 12:10 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2017-08-22 12:09 - 2017-08-22 12:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 __RHD C:\MSOCache 2017-08-22 04:23 - 2017-08-22 04:23 - 000002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk 2017-08-22 04:23 - 2017-08-22 04:23 - 000002094 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2017-08-22 04:23 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\ProductData 2017-08-22 04:23 - 2017-08-22 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2017-08-22 04:09 - 2012-06-11 19:00 - 000552080 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys 2017-08-22 04:09 - 2012-06-11 19:00 - 000080488 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll 2017-08-22 04:07 - 2017-08-22 04:07 - 000000000 ____D C:\Windows\system32\RTCOM 2017-08-22 04:06 - 2017-08-22 04:07 - 000000000 ___HD C:\Program Files\Temp 2017-08-22 04:06 - 2012-02-28 19:00 - 007783768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 007161696 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 003954024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys 2017-08-22 04:06 - 2012-02-28 19:00 - 003383400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 002729472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat 2017-08-22 04:06 - 2012-02-28 19:00 - 002401896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 002190400 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001836376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001725784 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001698408 ____N (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl 2017-08-22 04:06 - 2012-02-28 19:00 - 001379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 001099096 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000693592 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000617064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000421744 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000398192 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000351072 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000350552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000335216 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000259928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000238772 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2017-08-22 04:06 - 2012-02-28 19:00 - 000232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000192104 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000175200 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000103776 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000096160 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000088928 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000085096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000062304 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll 2017-08-22 04:06 - 2012-02-28 19:00 - 000000852 ____N C:\Windows\system32\Drivers\RTKHDRC0.dat 2017-08-22 04:06 - 2012-02-28 19:00 - 000000712 ____N C:\Windows\system32\Drivers\RTEQEX0.dat 2017-08-22 04:06 - 2012-02-28 19:00 - 000000048 _____ C:\Windows\system32\Drivers\rtkhdaud.dat 2017-08-22 04:06 - 2012-02-28 19:00 - 000000032 ____N C:\Windows\system32\Drivers\RTOBEQ0.dat 2017-08-22 03:56 - 2017-08-22 03:56 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2017-08-22 03:56 - 2017-08-22 03:56 - 000001989 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk 2017-08-22 03:55 - 2017-08-22 03:56 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-08-22 03:55 - 2017-08-22 03:55 - 000000000 ____D C:\ProgramData\Adobe 2017-08-22 03:55 - 2017-08-22 03:55 - 000000000 ____D C:\Program Files\Adobe 2017-08-22 03:54 - 2017-08-23 01:34 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-08-22 03:54 - 2017-08-23 01:34 - 000000000 ____D C:\Windows\system32\Macromed 2017-08-22 03:54 - 2017-08-22 03:55 - 000692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2017-08-22 03:54 - 2017-08-22 03:55 - 000071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2017-08-22 03:48 - 2017-08-22 03:48 - 000000000 ____D C:\Program Files\Broadcom 2017-08-22 03:48 - 2017-08-22 03:47 - 003866624 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll 2017-08-22 03:48 - 2017-08-22 03:47 - 003555328 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll 2017-08-22 03:48 - 2017-08-22 03:47 - 002707448 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS 2017-08-22 03:48 - 2017-08-22 03:47 - 000091376 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2017-08-22 03:48 - 2017-08-22 03:47 - 000006656 _____ C:\Windows\system32\bcmwlrc.dll 2017-08-22 03:45 - 2009-07-13 19:00 - 000023512 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\TVALZ_O.SYS 2017-08-22 03:41 - 2017-08-22 23:51 - 000000000 ____D C:\Windows\Minidump 2017-08-22 03:37 - 2017-08-22 04:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Talent 2017-08-22 03:27 - 2017-08-22 03:27 - 000000000 ____D C:\Users\Public\Thunder Network 2017-08-22 03:27 - 2017-08-22 03:27 - 000000000 ____D C:\ProgramData\Thunder Network 2017-08-22 03:26 - 2017-08-22 21:48 - 000000000 ____D C:\Program Files\OSTotoSoft 2017-08-22 03:26 - 2017-08-22 04:20 - 000000000 ____D C:\ProgramData\DriverTalent 2017-08-22 03:26 - 2017-08-22 03:37 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\DriverTalent 2017-08-22 03:26 - 2017-08-22 03:26 - 000000027 _____ C:\ProgramData\serverclasscache.ini 2017-08-22 03:16 - 2017-08-22 03:16 - 000000000 ____D C:\Users\نبيل\AppData\Local\TOSHIBA_Corporation 2017-08-22 03:15 - 2017-08-22 04:13 - 000000000 ____D C:\Intel 2017-08-22 03:15 - 2017-08-22 03:15 - 000048504 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\tosrfec.sys 2017-08-22 03:15 - 2017-08-22 03:15 - 000000000 ____D C:\Program Files\Common Files\Intel 2017-08-22 03:14 - 2017-08-22 03:14 - 010861056 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys 2017-08-22 03:14 - 2017-08-22 03:14 - 008196080 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe 2017-08-22 03:14 - 2017-08-22 03:14 - 001921265 _____ C:\Windows\system32\iglhxa32.cpa 2017-08-22 03:14 - 2017-08-22 03:14 - 000867020 _____ C:\Windows\system32\igkrng575.bin 2017-08-22 03:14 - 2017-08-22 03:14 - 000452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2017-08-22 03:14 - 2017-08-22 03:14 - 000153167 _____ C:\Windows\system32\Gfxres.ja-JP.resources 2017-08-22 03:14 - 2017-08-22 03:14 - 000094208 _____ C:\Windows\system32\IccLibDll.dll 2017-08-22 03:14 - 2017-08-22 03:14 - 000081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2993.dll 2017-08-22 03:14 - 2017-08-22 03:14 - 000076472 _____ C:\Windows\system32\iglhxs32.vp 2017-08-22 03:14 - 2017-08-22 03:14 - 000059244 _____ C:\Windows\system32\iglhxc32.vp 2017-08-22 03:14 - 2017-08-22 03:14 - 000059020 _____ C:\Windows\system32\iglhxg32.vp 2017-08-22 03:14 - 2017-08-22 03:14 - 000058683 _____ C:\Windows\system32\iglhxo32.vp 2017-08-22 03:14 - 2017-08-22 03:14 - 000001074 _____ C:\Windows\system32\iglhxa32.vp 2017-08-22 03:13 - 2017-08-22 22:35 - 000000000 ____D C:\Program Files\Google 2017-08-22 03:13 - 2017-08-22 22:34 - 000000000 ____D C:\Users\نبيل\AppData\Local\Deployment 2017-08-22 03:13 - 2017-08-22 03:37 - 000000000 ____D C:\Users\نبيل\AppData\Local\Google 2017-08-22 03:13 - 2017-08-22 03:13 - 000000000 ____D C:\Users\نبيل\AppData\Local\Apps\2.0 2017-08-22 03:12 - 2017-08-22 03:12 - 009890816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RsCRIcon.dll 2017-08-22 03:12 - 2017-08-22 03:12 - 000309216 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys 2017-08-22 03:12 - 2017-08-22 03:12 - 000074752 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX.dll 2017-08-22 03:09 - 2017-08-22 03:09 - 000132480 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys 2017-08-22 03:09 - 2017-08-22 03:09 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf 2017-08-22 03:09 - 2017-08-22 03:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf 2017-08-22 03:09 - 2012-07-26 06:39 - 000526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2017-08-22 03:09 - 2012-07-26 06:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2017-08-22 03:09 - 2012-07-26 05:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2017-08-22 03:09 - 2012-06-02 17:34 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2017-08-22 03:08 - 2017-08-22 03:08 - 001637784 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll 2017-08-22 03:08 - 2017-08-22 03:08 - 000028744 _____ (ELAN Microelectronic Corp.) C:\Windows\system32\Drivers\ETDSMBus.sys 2017-08-22 03:04 - 2017-08-23 02:02 - 000000000 ____D C:\ProgramData\IObit 2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\LocalLow\IObit 2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\ProgramData\ProductData 2017-08-22 03:04 - 2017-08-22 04:23 - 000000000 ____D C:\Program Files\IObit 2017-08-22 03:04 - 2017-08-22 04:21 - 000002220 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk 2017-08-22 03:04 - 2017-08-22 03:04 - 000023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS 2017-08-22 03:04 - 2017-08-22 03:04 - 000000000 ____D C:\Windows\IObit 2017-08-22 03:04 - 2017-08-22 03:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4 2017-08-22 03:03 - 2017-08-22 04:23 - 000000000 ____D C:\Users\نبيل\AppData\Roaming\IObit ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-08-23 14:10 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-08-23 02:29 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-08-23 02:29 - 2009-07-14 07:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-08-23 02:15 - 2010-11-21 00:01 - 001948618 _____ C:\Windows\system32\PerfStringBackup.INI 2017-08-23 02:15 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf 2017-08-22 21:58 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\rescache 2017-08-22 21:57 - 2010-11-21 03:46 - 000000000 ____D C:\Program Files\Windows Journal 2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\winrm 2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\WCN 2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\slmgr 2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2017-08-22 21:57 - 2010-11-21 03:38 - 000000000 ____D C:\Windows\DigitalLocker 2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Sidebar 2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Windows Defender 2017-08-22 21:57 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\DVD Maker 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\sysprep 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Setup 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\oobe 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\MUI 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\migwiz 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\Dism 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\com 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\servicing 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\PolicyDefinitions 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\IME 2017-08-22 21:57 - 2009-07-14 05:37 - 000000000 ____D C:\Program Files\Common Files\System 2017-08-22 13:06 - 2009-07-14 07:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2017-08-22 12:17 - 2009-07-14 07:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT 2017-08-22 12:11 - 2009-07-14 07:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-08-22 12:07 - 2010-11-21 03:46 - 000000000 ____D C:\Windows\CSC 2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\lv-LV 2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\lt-LT 2017-08-22 03:48 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\et-EE ==================== Files in the root of some directories ======= 2017-08-22 03:26 - 2017-08-22 03:26 - 000000027 _____ () C:\ProgramData\serverclasscache.ini Some files in TEMP: ==================== 2017-08-22 03:32 - 2017-06-28 06:05 - 000172200 _____ () C:\Users\نبيل\AppData\Local\Temp\substat.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-08-22 12:07 ==================== End of FRST.txt ============================