cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2015.6.30.77 by Nicolas Coolman (2015\06\30)
~ Run by kader (Administrator) (2015/07/01 17:24:55)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\kader\Desktop\ZHPDiag.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)

---\\ Internet Browsers (2) - 0s
MFIE: Mozilla v38.0.5
MSIE: Internet Explorer v11.0.9600.17842

---\\ Windows Product Information (4) - 5s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 2063660
~ System Restore: Activé (Enable)
~ System drive C: has 87 GB free of 136 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: AMAMRA
~ User Name: kader
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 87 GB free of 136 GB (System)
~ Drive D: has 79 GB free of 79 GB
~ Drive F: has 43 GB free of 69 GB

---\\ State of the Windows Security Center (11) - 1s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (22) - 0s
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2501368]
[MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [54784]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [145920]
[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2426880]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [76800]
[MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [108544]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848]
[MD5.31233271EDE50D1BBB220F78AFA60486] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [405504]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [94208]
[MD5.1BD3022FD6E450B00DE560265638FD2A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [112640]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [310080]

---\\ Process running (29) - 5s
[MD5.ACD4AF1B9D6E6C0C5BE470E5CF313FE6] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880] [PID.888]
[MD5.039ACFA07F59DB2109BB6A2C0FA2C0D9] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.3.) -- C:\Windows\system32\nvvsvc.exe [937616] [PID.76]
[MD5.D2B4376F9F36C5873A6CF99EF5750724] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768] [PID.388]
[MD5.BC9AD18B635F3EFFF7AB2AED354B1150] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1253192] [PID.540]
[MD5.039ACFA07F59DB2109BB6A2C0FA2C0D9] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.3.) -- C:\Windows\system32\nvvsvc.exe [937616] [PID.432]
[MD5.FB51E8E39E3FDB6757874653B743BE72] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576] [PID.1840]
[MD5.55FC14B287C6FF306C32B42628CE0D8C] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656] [PID.1928]
[MD5.DFF1EDB65851EEB7A4A83BF0E68EF44B] - (.IObit - Product Updater.) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2585376] [PID.1984]
[MD5.22544393B0C597DED7686D4E8F851A23] - (.IObit - Performance Monitor.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [1773856] [PID.1684]
[MD5.2D4278AACADDE4A5CCE979C227E3648C] - (.IObit - Smart Defrag v4.) -- C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [4459808] [PID.2012]
[MD5.6DD50F7ABA4443A4032E3893D36A14C2] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [2823496] [PID.1540]
[MD5.DCAA93D28D6FC75A4D80AE410008BA90] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008] [PID.2524]
[MD5.A9D14EDD8255B3B2E4918440F7B314C3] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376] [PID.2640]
[MD5.CC465ECBC1700B2D91E152ED9165994A] - (.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608] [PID.2956]
[MD5.493BB6A50ECD60399EF4602E0EB45896] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [7902864] [PID.3300]
[MD5.A9D14EDD8255B3B2E4918440F7B314C3] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376] [PID.3316]
[MD5.0F9B415B6348F5669B860994DC18604A] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2448200] [PID.3540]
[MD5.958E956E119EB7B9ABA142AFED1B5FF4] - (...) -- C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760] [PID.3996]
[MD5.D9133D4157664B1E2ACFC2CD56CCB599] - (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704] [PID.3024]
[MD5.B892C7289661D8A7CC6B4D7C45B760AA] - (.Zemana Ltd. - ZAM.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12235120] [PID.3932]
[MD5.C6CF3BBD590309E9C01FAA79C1B8A1E2] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848] [PID.4728]
[MD5.F346EA26FA420B44720D56C33EE338C7] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13877464] [PID.4756]
[MD5.B892C7289661D8A7CC6B4D7C45B760AA] - (.Zemana Ltd. - ZAM.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12235120] [PID.4392]
[MD5.82B7818E65417E0F1C8BE93CD15E12CA] - (.IObit - .) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe [1089312] [PID.1692]
[MD5.07782C388EDDB13CB0A1040F7E1DDCDC] - (.CopyRight© 2005-2014 - Real-time Protector.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe [1106720] [PID.5456]
[MD5.3AE97CB476F6DF4DFA0B4378E9DD9A81] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3898960] [PID.6088]
[MD5.422963B9386FD4052AA766A6575ED8DE] - (.IObit - Advanced SystemCare 8.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728] [PID.5448]
[MD5.4738DC864215B00B886E27A8D18CC326] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.5848]
[MD5.6241810294275CEA59EBA9733080E5EE] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720] [PID.3868]

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (13) - 1s
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@photodex.com/PhotodexPresenter] - (.Photodex Corporation.) -- C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (32)

---\\ Browser Helper Object (BHO) (O2) (1) - 1s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

---\\ Auto loading programs from Registry and folders (O4) (4) - 0s
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Advanced SystemCare 8] . (.IObit - Advanced SystemCare 8.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
O4 - HKUS\S-1-5-21-3235100897-2807536538-590896914-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-3235100897-2807536538-590896914-1001\..\Run: [Advanced SystemCare 8] . (.IObit - Advanced SystemCare 8.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe

---\\ Lop.com/Domain Hijackers (O17) (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (19) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) . (.IObit - Advanced SystemCare Service.) - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.3.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: RosettaStoneDaemon (RosettaStoneDaemon) . (.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: ScsiAccess (ScsiAccess) . (...) - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: ZAM Controller Service (ZAMSvc) . (.Zemana Ltd. - ZAM.) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
O23 - Service: ({0CBD4F48-3751-475D-BE88-4F271385B672}) . (.SHADOWDEFENDER.COM - Shadow Defender Service Application.) - C:\Program Files\Shadow Defender\Service.exe

---\\ Task Planned Automatically (O39) (18) - 1s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\ASC8_SkipUac_kader.job [256]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3235100897-2807536538-590896914-1001Core.job [1040]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3235100897-2807536538-590896914-1001UA.job [1092]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Uninstaller_SkipUac_kader.job [292]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3718]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-amamra-kader [3498]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\ASC8_PerformanceMonitor [3180]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\ASC8_SkipUac_kader [2356]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3235100897-2807536538-590896914-1001Core [3658]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3235100897-2807536538-590896914-1001UA [4038]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\SmartDefrag4_Startup [3180]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\SmartDefrag4_Update [3178]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_kader [2392]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{031E9FF0-C1ED-4311-A129-3C8A6E2C81B8} [3918]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{D8BFCC35-8767-4770-86AE-7DFB8EC2C8F7} [3120]

---\\ Software installed (O42) (42) - 2s
O42 - Logiciel: Malwarebytes Anti-Exploit version 1.06.1.1019 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Exploit_is1
O42 - Logiciel: TAP-Windows 9.9.2 - (...) [HKLM][64Bits] -- TAP-Windows
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: WinRAR 5.10 beta 3 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {14CA0978-667E-4AC7-8E14-57B4DC1EDF12}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {27DEA29A-222C-45F8-B70D-0A7B303FC71B}
O42 - Logiciel: ESET Smart Security - (.ESET, spol s r. o..) [HKLM][64Bits] -- {293ADC3B-DCF3-44C2-9CE8-19DD2B4F7646}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Shadow Defender - (.ShadowDefender.com.) [HKLM][64Bits] -- {93A07A0D-454E-43d1-86A9-5DE9C5F4411A}
O42 - Logiciel: NVIDIA 3D Vision Driver 353.30 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Graphics Driver 353.30 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA GeForce Experience 2.4.5.44 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA 3D Vision Controller Driver 352.65 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA PhysX System Software 9.15.0428 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.34.3 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: MegaDownloader 0.83 - (.Andres_age.) [HKLM][64Bits] -- {C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Advanced SystemCare 8 - (.IObit.) [HKLM][64Bits] -- Advanced SystemCare 8_is1
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager
O42 - Logiciel: Surfing Protection - (.IObit.) [HKLM][64Bits] -- IObit Surfing Protection_is1
O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM][64Bits] -- IObitUninstall
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.5 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: Photodex Presenter - (.Photodex Corporation.) [HKLM][64Bits] -- Photodex Presenter
O42 - Logiciel: ProShow Producer - (.Photodex Corporation.) [HKLM][64Bits] -- ProShow Producer
O42 - Logiciel: Smart Defrag 4 - (.IObit.) [HKLM][64Bits] -- Smart Defrag 4_is1
O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPFix_is1
O42 - Logiciel: PDF Settings CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}
O42 - Logiciel: Skype™ 7.5 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Adobe Photoshop CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {2D99B50E-431D-4AA8-85C1-172A6F8BCF09}
O42 - Logiciel: Rosetta Stone Ltd Services - (.Rosetta Stone Ltd..) [HKLM][64Bits] -- {3165E4A6-D5DE-46B0-8597-D55E2B826B84}
O42 - Logiciel: Rosetta Stone TOTALe - (.Rosetta Stone, Ltd.) [HKLM][64Bits] -- {6B6BC189-D606-4BC7-9758-E6C364F76A55}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Zemana AntiMalware - (.Zemana Ltd..) [HKLM][64Bits] -- {8F0CD7D1-42F3-4195-95CD-833578D45057}_is1
O42 - Logiciel: Bigasoft Total Video Converter 4.6.0.5589 - (.Bigasoft Corporation.) [HKLM][64Bits] -- {A72CE741-1F32-4D79-BFFB-A714375C678D}_is1
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824144531}
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100}
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

---\\ HKCU & HKLM Software Keys (60) - 2s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\AVG
HKLM\SOFTWARE\Wow6432Node\Bigasoft
HKLM\SOFTWARE\Wow6432Node\CyberGhost
HKLM\SOFTWARE\Wow6432Node\ESET
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Macrovision
HKLM\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Photodex Media Sources
HKLM\SOFTWARE\Wow6432Node\Photodex Presenter
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SRS Labs
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\Zemana
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Akeo Consulting
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\AVG
HKCU\SOFTWARE\Bigasoft
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GreenTree Applications
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Karlis Blumentals
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Photodex
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Tencent =>Adware.TencentAddressBar
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\VideoLAN
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\Zemana
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contents of the Common Files folders (O43) (172) - 5s
O43 - CFD: 2015/06/27 - 16:27:50 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/05/16 - 11:52:19 - [0] D -- C:\Program Files (x86)\AVG
O43 - CFD: 2015/04/29 - 19:07:08 - [] D -- C:\Program Files (x86)\Bigasoft
O43 - CFD: 2015/06/22 - 17:11:35 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/06/10 - 21:43:13 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/05/25 - 18:44:59 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/04/21 - 13:11:47 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 2015/06/14 - 22:59:55 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/05/16 - 11:53:07 - [] D -- C:\Program Files (x86)\IObit
O43 - CFD: 2015/05/23 - 11:21:35 - [] D -- C:\Program Files (x86)\KeyCryptSDK
O43 - CFD: 2015/04/30 - 19:49:19 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Exploit
O43 - CFD: 2015/07/01 - 16:28:06 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2015/04/10 - 19:36:33 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/04/10 - 19:36:31 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 2015/04/10 - 19:33:17 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2015/04/10 - 19:36:54 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2015/04/10 - 19:36:03 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/06/03 - 19:23:38 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/06/03 - 19:23:38 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2015/04/10 - 19:36:41 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/04/13 - 21:24:10 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2015/04/12 - 14:31:15 - [] D -- C:\Program Files (x86)\Photodex
O43 - CFD: 2015/04/12 - 14:32:24 - [] D -- C:\Program Files (x86)\Photodex Presenter
O43 - CFD: 2015/05/25 - 18:45:01 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2015/04/10 - 17:34:58 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/06/21 - 11:54:53 - [] D -- C:\Program Files (x86)\Rosetta Stone
O43 - CFD: 2015/06/21 - 11:54:26 - [] D -- C:\Program Files (x86)\RosettaStoneLtdServices
O43 - CFD: 2015/05/27 - 19:44:28 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/05/25 - 18:47:04 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2015/04/12 - 15:36:59 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/04/21 - 20:36:15 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/04/21 - 20:36:14 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2015/04/21 - 20:36:14 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 - 16:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/04/21 - 20:36:14 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2015/04/21 - 20:36:14 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 - 16:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/05/05 - 21:16:41 - [0] D -- C:\Program Files (x86)\Wondershare
O43 - CFD: 2015/07/01 - 17:13:14 - [] D -- C:\Program Files (x86)\Zemana AntiMalware
O43 - CFD: 2015/07/01 - 17:21:36 - [] D -- C:\Program Files (x86)\ZHPFix
O43 - CFD: 2015/04/21 - 20:40:29 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/04/21 - 20:40:29 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/14 - 22:59:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/05/16 - 11:53:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
O43 - CFD: 2015/05/22 - 12:55:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 2015/05/25 - 18:03:25 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2015/04/21 - 13:10:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2015/05/06 - 14:41:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
O43 - CFD: 2015/05/25 - 17:46:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
O43 - CFD: 2013/08/22 - 16:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/04/28 - 23:13:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
O43 - CFD: 2015/07/01 - 16:28:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/06/19 - 12:44:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
O43 - CFD: 2015/04/10 - 19:37:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/06/22 - 20:56:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2015/04/12 - 14:32:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer
O43 - CFD: 2015/06/21 - 11:54:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
O43 - CFD: 2015/06/12 - 10:11:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Defender
O43 - CFD: 2015/04/24 - 12:35:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/06/13 - 11:18:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
O43 - CFD: 2013/08/22 - 16:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/04/21 - 20:40:29 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2013/08/22 - 20:11:27 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/06/24 - 13:01:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/05/03 - 13:15:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/07/01 - 15:18:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
O43 - CFD: 2015/07/01 - 17:21:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
O43 - CFD: 2015/06/28 - 02:00:04 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2013/08/22 - 15:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/05/13 - 16:51:43 - [] D -- C:\ProgramData\AVG
O43 - CFD: 2015/06/11 - 22:14:32 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2015/06/22 - 20:07:03 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 2015/05/13 - 16:46:13 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2015/04/13 - 16:29:33 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 2013/08/22 - 15:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2013/08/22 - 15:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/05/22 - 12:55:16 - [] D -- C:\ProgramData\ESET
O43 - CFD: 2015/06/20 - 14:01:24 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2015/04/10 - 15:59:53 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2015/05/25 - 18:03:24 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/04/11 - 10:57:09 - [] D -- C:\ProgramData\IObit
O43 - CFD: 2015/05/25 - 17:46:32 - [] D -- C:\ProgramData\ma-config.com
O43 - CFD: 2015/04/10 - 19:34:32 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/07/01 - 13:29:39 - [] D -- C:\ProgramData\Malwarebytes Anti-Exploit
O43 - CFD: 2015/05/03 - 16:00:22 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/04/10 - 19:37:34 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/04/14 - 10:10:38 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/07/01 - 17:13:30 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2015/06/22 - 20:56:56 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2015/04/12 - 14:31:45 - [] D -- C:\ProgramData\Photodex
O43 - CFD: 2015/06/29 - 23:23:48 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 2015/06/27 - 16:33:46 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/04/21 - 20:36:11 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/06/20 - 13:57:58 - [] D -- C:\ProgramData\Rosetta Stone
O43 - CFD: 2015/06/20 - 13:57:58 - [] D -- C:\ProgramData\Rosetta Stone Backups
O43 - CFD: 2015/06/21 - 11:54:23 - [] D -- C:\ProgramData\RosettaStoneLtdServices
O43 - CFD: 2015/04/16 - 12:18:09 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 2015/06/09 - 21:24:22 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2013/08/22 - 15:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/08/22 - 15:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/06/27 - 16:27:27 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/04/10 - 19:36:30 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/05/25 - 18:05:03 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2015/04/11 - 10:57:08 - [] D -- C:\Program Files (x86)\Common Files\IObit
O43 - CFD: 2015/06/20 - 14:01:22 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 2015/06/27 - 16:24:41 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2013/08/22 - 16:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/04/24 - 12:35:14 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2015/04/21 - 20:36:11 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/05/05 - 18:51:47 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 2015/05/05 - 18:54:22 - [] D -- C:\Users\kader\AppData\Roaming\ABBYY
O43 - CFD: 2015/06/27 - 17:56:26 - [] D -- C:\Users\kader\AppData\Roaming\Adobe
O43 - CFD: 2015/04/11 - 10:57:19 - [] D -- C:\Users\kader\AppData\Roaming\Apple Computer
O43 - CFD: 2015/05/13 - 16:49:04 - [] D -- C:\Users\kader\AppData\Roaming\AVG
O43 - CFD: 2015/04/29 - 19:07:28 - [] D -- C:\Users\kader\AppData\Roaming\Bigasoft Total Video Converter 4
O43 - CFD: 2015/07/01 - 17:24:22 - [] D -- C:\Users\kader\AppData\Roaming\DMCache
O43 - CFD: 2015/05/22 - 13:00:10 - [] D -- C:\Users\kader\AppData\Roaming\ESET
O43 - CFD: 2015/04/21 - 21:07:45 - [] D -- C:\Users\kader\AppData\Roaming\Identities
O43 - CFD: 2015/07/01 - 17:19:04 - [] D -- C:\Users\kader\AppData\Roaming\IDM
O43 - CFD: 2015/05/25 - 18:04:00 - [] D -- C:\Users\kader\AppData\Roaming\Intel Corporation
O43 - CFD: 2015/04/21 - 16:15:36 - [] D -- C:\Users\kader\AppData\Roaming\IObit
O43 - CFD: 2015/04/10 - 15:47:15 - [] D -- C:\Users\kader\AppData\Roaming\Macromedia
O43 - CFD: 2015/06/28 - 13:02:26 - [] SD -- C:\Users\kader\AppData\Roaming\Microsoft
O43 - CFD: 2015/04/14 - 10:11:25 - [] D -- C:\Users\kader\AppData\Roaming\Mozilla
O43 - CFD: 2015/04/12 - 14:32:23 - [] D -- C:\Users\kader\AppData\Roaming\Netscape
O43 - CFD: 2015/05/16 - 15:34:53 - [] D -- C:\Users\kader\AppData\Roaming\notepad
O43 - CFD: 2015/06/27 - 16:33:30 - [] D -- C:\Users\kader\AppData\Roaming\NVIDIA
O43 - CFD: 2015/04/12 - 14:30:37 - [] D -- C:\Users\kader\AppData\Roaming\Photodex
O43 - CFD: 2015/04/10 - 17:39:22 - [] D -- C:\Users\kader\AppData\Roaming\ProductData
O43 - CFD: 2015/07/01 - 11:38:02 - [] D -- C:\Users\kader\AppData\Roaming\Skype
O43 - CFD: 2015/07/01 - 12:41:28 - [] D -- C:\Users\kader\AppData\Roaming\vlc
O43 - CFD: 2015/04/10 - 18:07:38 - [] D -- C:\Users\kader\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/01 - 17:25:11 - [] D -- C:\Users\kader\AppData\Roaming\ZHP
O43 - CFD: 2015/05/05 - 18:54:22 - [] D -- C:\Users\kader\AppData\Local\ABBYY
O43 - CFD: 2015/07/01 - 02:00:09 - [] D -- C:\Users\kader\AppData\Local\Adobe
O43 - CFD: 2015/04/10 - 20:15:08 - [0] D -- C:\Users\kader\AppData\Local\AntiLogger Free
O43 - CFD: 2015/04/10 - 15:35:35 - [0] SHD -- C:\Users\kader\AppData\Local\Application Data
O43 - CFD: 2015/05/13 - 16:46:48 - [] D -- C:\Users\kader\AppData\Local\Avg
O43 - CFD: 2015/06/14 - 12:19:45 - [0] D -- C:\Users\kader\AppData\Local\Diagnostics
O43 - CFD: 2015/06/20 - 18:14:26 - [] D -- C:\Users\kader\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/06/27 - 17:57:22 - [0] SHD -- C:\Users\kader\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/06/27 - 17:57:22 - [0] SHD -- C:\Users\kader\AppData\Local\EmieSiteList
O43 - CFD: 2015/06/27 - 17:57:22 - [0] SHD -- C:\Users\kader\AppData\Local\EmieUserList
O43 - CFD: 2015/05/22 - 13:00:10 - [] D -- C:\Users\kader\AppData\Local\ESET
O43 - CFD: 2015/06/12 - 22:28:30 - [] D -- C:\Users\kader\AppData\Local\Google
O43 - CFD: 2015/06/02 - 10:23:55 - [] D -- C:\Users\kader\AppData\Local\GWX
O43 - CFD: 2015/04/10 - 15:35:36 - [0] SHD -- C:\Users\kader\AppData\Local\History
O43 - CFD: 2015/05/24 - 15:51:46 - [] D -- C:\Users\kader\AppData\Local\Macromedia
O43 - CFD: 2015/06/13 - 14:20:21 - [] D -- C:\Users\kader\AppData\Local\MegaDownloader
O43 - CFD: 2015/05/12 - 20:59:49 - [] D -- C:\Users\kader\AppData\Local\Microsoft
O43 - CFD: 2015/05/14 - 17:57:03 - [] D -- C:\Users\kader\AppData\Local\Microsoft Help
O43 - CFD: 2015/04/14 - 10:11:26 - [] D -- C:\Users\kader\AppData\Local\Mozilla
O43 - CFD: 2015/04/10 - 19:16:49 - [] D -- C:\Users\kader\AppData\Local\NVIDIA
O43 - CFD: 2015/04/10 - 19:16:24 - [] D -- C:\Users\kader\AppData\Local\NVIDIA Corporation
O43 - CFD: 2015/04/10 - 15:37:28 - [] D -- C:\Users\kader\AppData\Local\Packages
O43 - CFD: 2015/04/10 - 17:36:44 - [] D -- C:\Users\kader\AppData\Local\Programs
O43 - CFD: 2015/04/10 - 22:09:42 - [] D -- C:\Users\kader\AppData\Local\Skype
O43 - CFD: 2015/07/01 - 17:24:47 - [] D -- C:\Users\kader\AppData\Local\Temp
O43 - CFD: 2015/04/10 - 15:35:36 - [0] SHD -- C:\Users\kader\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/06/11 - 22:50:47 - [] D -- C:\Users\kader\AppData\Local\VirtualStore
O43 - CFD: 2015/06/12 - 10:02:38 - [] D -- C:\Users\kader\AppData\Local\WiFi Guard
O43 - CFD: 2015/05/05 - 18:51:50 - [] D -- C:\Users\kader\AppData\Local\Wondershare
O43 - CFD: 2015/05/06 - 10:02:02 - [] D -- C:\Users\kader\AppData\Local\Zemana
O43 - CFD: 2013/08/22 - 16:36:32 - [] RD -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 - 16:36:32 - [] RD -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/04/12 - 14:09:03 - [] RD -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/04/29 - 19:07:10 - [] D -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
O43 - CFD: 2015/04/21 - 13:10:56 - [] D -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2013/08/22 - 16:36:32 - [] D -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/05/16 - 15:48:44 - [] RD -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2013/08/22 - 16:36:32 - [] RD -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/05/03 - 13:15:06 - [] D -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ System Drivers List (SDL) (O58) (59) - 6s
O58 - SDL:2015/04/21 21:08:47 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\0B906B86.sys [136408]
O58 - SDL:2015/04/15 15:36:11 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\0DDA3E60.sys [136408]
O58 - SDL:2013/08/22 13:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896]
O58 - SDL:2013/08/22 13:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176]
O58 - SDL:2013/08/22 13:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200]
O58 - SDL:2013/08/22 13:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424]
O58 - SDL:2013/08/22 13:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952]
O58 - SDL:2015/04/23 16:40:23 A . (.Zemana Ltd. - Zemana AntiLogger Driver.) -- C:\Windows\System32\drivers\AntiLog64.sys [49752]
O58 - SDL:2013/08/22 13:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016]
O58 - SDL:2013/08/13 00:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624]
O58 - SDL:2013/08/22 13:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296]
O58 - SDL:2015/01/01 11:35:21 A . (.SHADOWDEFENDER.COM - Shadow Defender Filter Driver.) -- C:\Windows\System32\drivers\diskpt.sys [423096]
O58 - SDL:2015/01/30 16:13:30 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [246000]
O58 - SDL:2015/01/30 16:13:30 A . (.ESET - Devmon monitor.) -- C:\Windows\System32\drivers\edevmon.sys [241880]
O58 - SDL:2015/01/30 16:13:30 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [169792]
O58 - SDL:2015/01/30 16:13:30 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [222280]
O58 - SDL:2015/01/30 16:13:30 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [44632]
O58 - SDL:2015/01/30 16:13:30 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [64208]
O58 - SDL:2013/08/22 13:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024]
O58 - SDL:2010/10/19 23:34:26 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [56344]
O58 - SDL:2013/08/22 13:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352]
O58 - SDL:2013/07/30 19:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:2013/07/25 20:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:2013/11/21 08:31:28 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [632168]
O58 - SDL:2013/08/10 01:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248]
O58 - SDL:2013/08/22 13:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000]
O58 - SDL:2015/04/18 02:06:24 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [195056]
O58 - SDL:2013/08/22 13:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408]
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536]
O58 - SDL:2013/08/22 13:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760]
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784]
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816]
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272]
O58 - SDL:2015/07/01 17:14:09 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880]
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672]
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840]
O58 - SDL:2013/08/22 13:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840]
O58 - SDL:2015/06/18 08:42:02 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64216]
O58 - SDL:2015/06/17 10:10:27 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\drivers\nvhda64v.sys [204648]
O58 - SDL:2015/06/17 10:10:27 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [11011216]
O58 - SDL:2013/08/22 13:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368]
O58 - SDL:2013/08/22 13:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288]
O58 - SDL:2015/04/03 14:21:00 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\drivers\nvvad64v.sys [38032]
O58 - SDL:2015/01/15 07:42:42 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [881368]
O58 - SDL:2015/05/15 18:23:06 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4464344]
O58 - SDL:2013/08/22 16:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2013/08/22 13:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896]
O58 - SDL:2013/08/22 13:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760]
O58 - SDL:2014/06/04 15:17:30 A . (.IObit - SmartDefrag Driver.) -- C:\Windows\System32\drivers\SmartDefragDriver.sys [21184]
O58 - SDL:2012/02/16 00:24:38 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [99384]
O58 - SDL:2012/02/16 00:24:40 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [203320]
O58 - SDL:2014/01/22 08:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (M.) -- C:\Windows\System32\drivers\ssudserd.sys [206080]
O58 - SDL:2013/08/22 13:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072]
O58 - SDL:2013/08/22 13:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664]
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808]
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800]
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504]
O58 - SDL:2015/07/01 15:18:54 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zam64.sys [108920]
O58 - SDL:2015/07/01 15:18:19 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zamguard64.sys [108920]

---\\ Last modified or created user files (O61) (22) - 15s
O61 - LFC: 2015/06/25 19:50:12 A . (..) -- C:\Users\kader\Downloads\programs\SuperHideIP-3.3.5.2.Setup.exe [2483538]
O61 - LFC: 2015/06/24 13:00:27 A . (..) -- C:\Users\kader\Downloads\programs\vlc-2.2.1-win64.exe [29833438]
O61 - LFC: 2015/07/01 14:57:56 A . (..) -- C:\Users\kader\AppData\Roaming\NVIDIA\GLCache\d8713429c720cceb85ab6e6658e3c16d\03bf2aa65fd7d97a\2ad2147cf33d62a7.bin [202062]
O61 - LFC: 2015/07/01 14:02:52 A . (..) -- C:\Users\kader\AppData\Roaming\NVIDIA\GLCache\d8713429c720cceb85ab6e6658e3c16d\03bf2aa65fd7d97a\f325a1b2bc51eece.bin [9368]
O61 - LFC: 2015/07/01 17:15:21 A . (.Tonec Inc..) -- C:\Users\kader\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2.dll [332824]
O61 - LFC: 2015/07/01 17:15:21 A . (.Tonec Inc..) -- C:\Users\kader\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2_64.dll [460824]
O61 - LFC: 2015/07/01 17:15:22 A . (.Tonec Inc..) -- C:\Users\kader\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc.dll [34216]
O61 - LFC: 2015/07/01 17:15:22 A . (.Tonec Inc..) -- C:\Users\kader\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc64.dll [28512]
O61 - LFC: 2015/07/01 17:15:21 A . (.Tonec Inc..) -- C:\Users\kader\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc.dll [26648]
O61 - LFC: 2015/07/01 17:15:21 A . (.Tonec Inc..) -- C:\Users\kader\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc64.dll [31768]
O61 - LFC: 2015/07/01 17:15:20 A . (.Tonec Inc..) -- C:\Users\kader\AppData\Roaming\IDM\idmmzcc5\components\idmmzcc.dll [34216]
O61 - LFC: 2015/07/01 15:18:15 A . (..) -- C:\Users\kader\AppData\Local\Zemana\Zemana AntiMalware\update_cef92a0f_16.exe [5060264]
O61 - LFC: 2015/06/30 13:02:40 A . (..) -- C:\Users\kader\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin [4438960]
O61 - LFC: 2015/06/30 20:25:37 A . (..) -- C:\Users\kader\AppData\Local\NVIDIA\NvBackend\Packages\00007984\CoProc update.19722912.exe [455224]
O61 - LFC: 2015/06/30 20:26:08 A . (..) -- C:\Users\kader\AppData\Local\NVIDIA\NvBackend\Packages\0000797f\DAO.19722780.exe [5871232]
O61 - LFC: 2015/06/23 20:12:26 A . (..) -- C:\Users\kader\AppData\Local\NVIDIA\NvBackend\Packages\0000789c\DRS update.19697862.exe [350008]
O61 - LFC: 2015/06/30 11:54:32 A . (.NVIDIA Corporation.) -- C:\Users\kader\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe [628664]
O61 - LFC: 2015/06/30 11:54:28 A . (.NVIDIA Corporation.) -- C:\Users\kader\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe [172984]
O61 - LFC: 2015/06/30 11:54:26 A . (.NVIDIA Corporation.) -- C:\Users\kader\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll [1357240]
O61 - LFC: 2015/06/28 12:02:36 A . (..) -- C:\Users\kader\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData\NVIDIA Corporation\Drs\nvdrssel.bin [1]
O61 - LFC: 2015/07/01 12:23:40 A . (..) -- C:\Users\kader\AppData\Local\Microsoft\Windows\INetCache\IE\T0PXC2UB\urlblockindex[1].bin [16]
O61 - LFC: 2015/07/01 10:49:31 A . (..) -- C:\Users\kader\AppData\Local\Adobe\Acrobat\DC\UserCache.bin [115979]

---\\ File Associations Shell Spawning (O67) (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (1) - 4s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Additional Scan (O88) (1) - 0s
HKCU\SOFTWARE\Tencent =>Adware.TencentAddressBar

---\\ Summary of the detections found on your workstation (1) - 0s
http://www.nicolascoolman.fr/adware-tencentaddressbar/ =>Adware.TencentAddressBar

~ End of the scan, 15175 items in 53 seconds (565)(0)()

Publicité


Signaler le contenu de ce document

Publicité