cjoint

Document format: text/plain

~ Report of ZHPDiag v2015.6.16.57 - Nicolas Coolman (6/16/2015)
~ Launched by Rovasoa Niriniaina (6/17/2015 6:22:14 ROVASOA)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : http://www.forum.nicolascoolman.fr
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Activate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17801
MFIE: Mozilla Firefox 38.0.5 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows Server License Manager Script : OK

---\\ System protection software
Avast Internet Security v10.2.2218
Ad-Aware Web Companion v1.1.980.2014
Windows Defender W8 (Deactivate)

---\\ System optimization software

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 11 ActiveX & Plugin 64-bit
Adobe Flash Player 9 ActiveX
Adobe Reader 9.3 - Français

---\\ Information on the system
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3991.4 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 81 GB (40%) free of 201 GB

---\\ Connection to the system mode
~ Computer Name: ROVASOA
~ User Name: Rovasoa Niriniaina
~ All Users Names: Rovasoa Niriniaina, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\Rovasoa Niriniaina\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Rovasoa Niriniaina\AppData\Roaming\
~ %Desktop% : C:\Users\Rovasoa Niriniaina\Desktop\
~ %Favorites% : C:\Users\Rovasoa Niriniaina\Favorites\
~ %LocalAppData% : C:\Users\Rovasoa Niriniaina\AppData\Local\
~ %StartMenu% : C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 81 Go of 201 Go)
D: Hard drive, Flash drive, Thumb drive (Free 28 Go of 265 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Free 4 Go of 7 Go)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 46 Scanned in VAmn OAs



---\\ Search Generic System Files
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Explorateur Windows.) (.1/28/2015 - 12:47:12 ROVASOA.) -- C:\Windows\Explorer.exe [2501368]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) (.10/29/2014 - 2:25:54 ROVASOA.) -- C:\Windows\System32\Wininit.exe [145920]
[MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.4/21/2015 - 4:27:25 ROVASOA.) -- C:\Windows\System32\wininet.dll [2352128]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.10/29/2014 - 2:22:52 ROVASOA.) -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.12/21/2013 - 9:54:07 ROVASOA.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.5/30/2014 - 4:03:03 ROVASOA.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.8/22/2013 - 1:43:41 ROVASOA.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.8/22/2013 - 12:40:15 ROVASOA.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.8/22/2013 - 9:46:35 ROVASOA.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.3/6/2014 - 10:22:50 ROVASOA.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.7/24/2014 - 12:45:39 ROVASOA.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.D887446F3F6051C60C26F4FD1FC8D43F] - (.Microsoft Corporation - Pilote de port i8042.) (.10/7/2014 - 4:29:50 ROVASOA.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.11/27/2013 - 1:02:29 ROVASOA.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.31233271EDE50D1BBB220F78AFA60486] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.10/8/2014 - 8:32:10 ROVASOA.) -- C:\Windows\system32\Drivers\MRxSmb.sys [405504]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.8/22/2013 - 12:37:02 ROVASOA.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/15/2014 - 9:32:37 ROVASOA.) -- C:\Windows\system32\Drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.8/22/2013 - 12:40:02 ROVASOA.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.8/22/2013 - 12:35:51 ROVASOA.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.8/22/2013 - 11:26:13 ROVASOA.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.8/22/2013 - 2:25:35 ROVASOA.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.6/19/2014 - 3:13:36 ROVASOA.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in VAmn OAs



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/119
~ Mes Videos (My Videos) : 1/86
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/3263
~ Mon Bureau (My Desktop) : 1/703
~ Menu demarrer (Programs) : 1/49
~ Hidden Files: Scanned in VAmn OAs



---\\ Process running
[MD5.6536D8570B2CDEF6BE313CF1CE3C613F] - (.No owner - ASP.) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [8465704] [PID.3288] =>PUP.AdvancedSystemProtector
[MD5.C8A0145CA371A09BB46136FD722C8549] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [238160] [PID.3388]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392] [PID.5756]
[MD5.3F63F9C37038D314356F0CBD59415A11] - (.No owner - Application MFC hyperappel.) -- C:\Program Files (x86)\Larousse\Petit Larousse 2009\bin\Hyperappel.exe [237568] [PID.6512]
[MD5.E2310ECEAA1E0DE0EE8FE32C7BAB3422] - (.L'Aventure Multimedia - Dictionnaire MediaDICO pour Windows.) -- C:\Program Files (x86)\Micro Application\38 Dictionnaires et Recueils de Correspondance\MediaDico38.exe [281088] [PID.6616]
[MD5.7EE59B279195A49F17D0CEC42AA28CFD] - (.ISSENDIS - No Comment.) -- C:\Program Files (x86)\OFFICE ONE6.0\OFFICE One Clock\ooneclockv65.exe [257536] [PID.6624]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.6688]
[MD5.FB3784D0A806A85952199E0FFCBEE06B] - (.L'Aventure Multimedia - Reconnaissance Automatique de Caractères.) -- C:\Program Files (x86)\Micro Application\38 Dictionnaires et Recueils de Correspondance\RAC38.exe [200792] [PID.6784]
[MD5.65C6AA484AD2287D20541C7735989437] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496] [PID.6792]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - No Comment.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe [485376] [PID.6800]
[MD5.3DDE61DF866B70543A953C77765D8EDC] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe [337432] [PID.6812]
[MD5.4D042B1F1375CF371AFBE0E0276BA627] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe [624248] [PID.6976]
[MD5.923FE895B22B22A9CA03C72F3D15CE20] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.2276]
[MD5.E7B58CE9BD61BF575E2880088F4E5447] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8218112] [PID.7352]
~ Processes Running: Scanned in VAmn OAs



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\Rovasoa Niriniaina\AppData\Roaming\Mozilla\Firefox\Profiles\6nrlpipk.default\prefs.js
C:\Users\Rovasoa Niriniaina\AppData\Roaming\Mozilla\Firefox\Profiles\mteietq8.default\prefs.js
M3 - MFPP: Plugins - [Rovasoa Niriniaina] -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Mozilla\Firefox\Profiles\6nrlpipk.default\searchplugins\WebSearch.xml
M0 - MFSP: prefs.js [Rovasoa Niriniaina - mteietq8.default] http://www.google.fr
M2 - MFEP: prefs.js [Rovasoa Niriniaina - 6nrlpipk.default\{b9615918-d3de-44a4-ab65-76df7ea1f1c1}] [] ProfilePassword-Firefox v0.3.19 (..)
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] {b9615918-d3de-44a4-ab65-76df7ea1f1c1}
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] filtersetg@updater
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] foxmarks@kei.com
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] snaplinks@snaplinks.net
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] {77b819fa-95ad-4f2c-ac7c-486b356188a9}
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] {b9615918-d3de-44a4-ab65-76df7ea1f1c1}.xpi
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] {b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] {DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
M2 - MFEP: Extension [Rovasoa Niriniaina - 6nrlpipk.default] {e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
M2 - MFEP: prefs.js [Rovasoa Niriniaina - mteietq8.default\snaplinks@snaplinks.net] [] Snap Links (EladKarako Mod) v0.0.7.1 (..)
M2 - MFEP: prefs.js [Rovasoa Niriniaina - mteietq8.default\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}] [] Gmail Notifier v0.6.3.8 (..)
M2 - MFEP: prefs.js [Rovasoa Niriniaina - mteietq8.default\{77b819fa-95ad-4f2c-ac7c-486b356188a9}] [] IE Tab v4.0.20130422.1-signed (..)
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] {b9615918-d3de-44a4-ab65-76df7ea1f1c1}
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] filtersetg@updater
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] foxmarks@kei.com
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] snaplinks@snaplinks.net
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] {77b819fa-95ad-4f2c-ac7c-486b356188a9}
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] {b9615918-d3de-44a4-ab65-76df7ea1f1c1}.xpi
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] {b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] {DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
M2 - MFEP: Extension [Rovasoa Niriniaina - mteietq8.default] {e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
~ Firefox Browser: 47 Scanned in VAmn OAs



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17728 (winblue_r9.150312-1720)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
~ IE Browser: 17 Scanned in VAmn OAs



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in VAmn OAs



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in VAmn OAs



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in VAmn OAs



---\\ Browser Helper Objects (O2)
O2 - BHO: ContributeBHO Class [64Bits] - {074C1DC5-9320-4A9A-947D-C042949C6216} . (.Adobe Systems Incorporated. - Contribute IE Plugin.) -- C:\Program Files (x86)\Adobe\\Adobe Contribute CS3\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} Orphan key
O2 - BHO: (no name) [64Bits] - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} Orphan key
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Avast Software s.r.o. - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Orphan key
O2 - BHO: (no name) [64Bits] - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Orphan key
~ BHO: 16 Scanned in VAmn OAs



---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: Advanced System~Protector.lnk . (...) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector
O4 - GS\Desktop [Public]: RegClean Pro.lnk . (...) -- C:\Program Files (x86)\RCP\RegCleanPro.exe =>Rogue.RegistryPowerCleaner
O4 - GS\Desktop [Rovasoa Niriniaina]: FLV-Media-Player.lnk . (.HYBRIDWEB.de - FLV-Media-Player.) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Installer\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}\DesktopIcon.exe =>Adware.ADON
~ Global Startup: 3 Scanned in VAmn OAs



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RtsCM] . (.Realtek Semiconductor Corp. - Realtek Camera Man.) -- C:\Windows\RTSCM64.exe
O4 - HKLM\..\Run: [KeyLemon LemonScreen] . (.KeyLemon - Locks the session with face recognition.) -- C:\Program Files\KeyLemon\KLLockEngine.exe
O4 - HKLM\..\Run: [KeyLemon Updater] . (.KeyLemon - KeyLemon Updater.) -- C:\Program Files\KeyLemon\KLUpdater.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Software Informer] . (.Informer Technologies, Inc. - Software Informer.) -- C:\Program Files\Software Informer\softinfo.exe
O4 - HKCU\..\Run: [MediaDICO38] . (.L'Aventure Multimedia - No Comment.) -- C:\Program Files (x86)\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe
O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe =>.Elaborate Bytes AG
O4 - HKLM\..\Wow6432Node\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe_ID0EYTHM] . (.Adobe Systems Incorporated - Adobe Version Cue CS3.) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm®Atheros® - Extension Core.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-21-844386363-1422757463-2713201600-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-844386363-1422757463-2713201600-1001\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-21-844386363-1422757463-2713201600-1001\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-844386363-1422757463-2713201600-1001\..\Run: [Software Informer] . (.Informer Technologies, Inc. - Software Informer.) -- C:\Program Files\Software Informer\softinfo.exe
O4 - HKUS\S-1-5-21-844386363-1422757463-2713201600-1001\..\Run: [MediaDICO38] . (.L'Aventure Multimedia - No Comment.) -- C:\Program Files (x86)\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe
~ Application: Scanned in VAmn OAs



---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in VAmn OAs



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in VAmn OAs



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Computer, Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in VAmn OAs



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{16E56881-D2DA-4C81-A313-5BB42C3A05F9}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{377FBF71-2E49-4F71-BDA4-14F78BD5C443}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{436BE313-E79B-452E-A8D9-92646D18E3E7}: NameServer = 192.168.2.17,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{D85C517C-A48B-4079-BC17-C5B78EA48B62}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{16E56881-D2DA-4C81-A313-5BB42C3A05F9}: DhcpNameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{C197FBE7-BF5B-496D-9CB6-80D57077777C}: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{16E56881-D2DA-4C81-A313-5BB42C3A05F9}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{377FBF71-2E49-4F71-BDA4-14F78BD5C443}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{436BE313-E79B-452E-A8D9-92646D18E3E7}: NameServer = 192.168.2.17,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{D85C517C-A48B-4079-BC17-C5B78EA48B62}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{16E56881-D2DA-4C81-A313-5BB42C3A05F9}: DhcpNameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{C197FBE7-BF5B-496D-9CB6-80D57077777C}: DhcpNameServer = 192.168.1.1 0.0.0.0
~ Domain: Scanned in VAmn OAs



---\\ Extra protocols (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in VAmn OAs



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in VAmn OAs



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service (Autodesk Content Service) . (.Autodesk, Inc. - Content Service.) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) . (.Avast Software s.r.o. - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: LavasoftTcpService (LavasoftTcpService) . (.Lavasoft Limited - No Comment.) - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe =>Adware.Graftor
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MobiConnect. OUC (MobiConnect. RunOuc) . (...) - C:\Program Files (x86)\MobiConnect\UpdateDog\ouc.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) . (.RealVNC Ltd. - VNC Server Enterprise Edition for Win32.) - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
~ Services: 20 Scanned in VAmn OAs



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in VAmn OAs



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in VAmn OAs



---\\ Task Planned Automatically (O39)
[MD5.2B2B817A248F7D795891AF55FB0BA31B] [APT] [Advanced System~Protector] (...) -- C:\Program Files (x86)\ASP\AspManager.exe [477480] =>PUP.AdvancedSystemProtector
[MD5.6536D8570B2CDEF6BE313CF1CE3C613F] [APT] [Advanced System~Protector_startup] (...) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [8465704] =>PUP.AdvancedSystemProtector
[MD5.0ED398A4D031B9CFB10E3FEDF97AD836] [APT] [AutoKMS] (...) -- C:\WINDOWS\AutoKMS.exe [614400] =>Hacktool.AutoKMS
[MD5.10B201CC8EBFC96C0F20BC2BF3BF2144] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [977600] =>PUA.KMSpico
[MD5.C50B830CA9BCD63754928CD6C0E2B114] [APT] [avast! Emergency Update] (.Avast Software s.r.o..) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1298688]
[MD5.923FE895B22B22A9CA03C72F3D15CE20] [APT] [avastBCLRestart_firefox.exe] (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.00000000000000000000000000000000] [APT] [MirageAgent] (...) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (.not file.) [0]
[MD5.E547B124E91CFB267603B16804C6932F] [APT] [RegClean Pro] (...) -- C:\Program Files (x86)\RCP\RegCleanPro.exe [8732952] =>Rogue.RegistryPowerCleaner
[MD5.E547B124E91CFB267603B16804C6932F] [APT] [RegClean Pro_DEFAULT] (...) -- C:\Program Files (x86)\RCP\RegCleanPro.exe [8732952] =>Rogue.RegistryPowerCleaner
[MD5.E547B124E91CFB267603B16804C6932F] [APT] [RegClean Pro_UPDATES] (...) -- C:\Program Files (x86)\RCP\RegCleanPro.exe [8732952] =>Rogue.RegistryPowerCleaner
[MD5.FB992EA627DCBD0D3972E7BC7D4EC388] [APT] [RtHDVBg] (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472]
[MD5.A2E02F2AB6E59932165EA0EB217C6E6F] [APT] [RTKCPL] (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659736]
[MD5.BE5F9C72E9994D403FE5BFA9BC39AE14] [APT] [SoftwareInformerService] (.Informer Technologies, Inc..) -- C:\Program Files\Software Informer\softinfo.exe [1536000]
[MD5.92A80F5EB8FB3B821175A031B3D0B976] [APT] [{3B719921-3486-4A8A-A21C-529392A71260}] (.Power Software Ltd.) -- C:\Program Files (x86)\PowerISO\PowerISO.exe [2782744]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: AutoKMS - (...) -- C:\Windows\Tasks\AutoKMS.job [242] =>Hacktool.AutoKMS
O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [242] =>Hacktool.AutoKMS
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1088]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1088]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1092]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1092]
O39 - APT: RegClean Pro_DEFAULT - (...) -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job [300] =>Rogue.RegistryPowerCleaner
O39 - APT: RegClean Pro_DEFAULT - (...) -- C:\Windows\System32\Tasks\RegClean Pro_DEFAULT [300] =>Rogue.RegistryPowerCleaner
O39 - APT: RegClean Pro_UPDATES - (...) -- C:\Windows\Tasks\RegClean Pro_UPDATES.job [308] =>Rogue.RegistryPowerCleaner
O39 - APT: RegClean Pro_UPDATES - (...) -- C:\Windows\System32\Tasks\RegClean Pro_UPDATES [308] =>Rogue.RegistryPowerCleaner
~ Scheduled Task: 24 Scanned in VAmn OAs



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\WINDOWS\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 10 Scanned in VAmn OAs



---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (aswKbd) . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys
O41 - Driver: (aswRdr) . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.Avast Software s.r.o. - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.Avast Software s.r.o. - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys
O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO CD-ROM Device Driver.) - C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (vncmirror) . (.RealVNC Ltd. - VNC Mirror Miniport.) - C:\Windows\system32\DRIVERS\vncmirror.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 52 Scanned in VAmn OAs



---\\ Software installed (O42)
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: AHV content for Acrobat and Flash - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
O42 - Logiciel: Ad-Aware Web Companion - (.Lavasoft.) [HKLM][64Bits] -- {65972064-0C2B-4710-A3F8-825F26636993}
O42 - Logiciel: Adobe After Effects CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {EB0202F7-016A-410C-ADE4-40F848CCC661}
O42 - Logiciel: Adobe After Effects CS3 Presets - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
O42 - Logiciel: Adobe After Effects CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe_3675c95c239b992d5d0ee8fce969b9e
O42 - Logiciel: Adobe After Effects CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}
O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}
O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe BridgeTalk Plugin CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
O42 - Logiciel: Adobe Color - Photoshop Specific - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A2D81E70-2A98-4A08-A628-94388B063C5E}
O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
O42 - Logiciel: Adobe Color EU Recommended Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {73B5D990-04EA-4751-B10F-5534770B91F2}
O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
O42 - Logiciel: Adobe Color NA Extra Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
O42 - Logiciel: Adobe Contribute CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {F84ADE4E-9220-4324-994D-801EDD9DD251}
O42 - Logiciel: Adobe Creative Suite 3 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5D2398DF-3022-4820-93BA-F1175FBEA9CA}
O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Dreamweaver CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4BDB76C6-902E-41D5-9064-68768E02886B}
O42 - Logiciel: Adobe Encore CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {54B2EAD9-A110-43F7-B010-2859A1BD2AFE}
O42 - Logiciel: Adobe Encore CS3 Codecs - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Extension Manager CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BE5F3842-8309-4754-92D5-83E02E6077A3}
O42 - Logiciel: Adobe Fireworks CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {21C4D775-368A-46C4-8DC3-4207165B7115}
O42 - Logiciel: Adobe Flash CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {80FD3971-8482-49C8-BA8C-B6464A15882F}
O42 - Logiciel: Adobe Flash Player 11 ActiveX & Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems, Inc..) [HKLM][64Bits] -- {BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
O42 - Logiciel: Adobe Flash Player 9 Plugin - (.Adobe Systems, Inc..) [HKLM][64Bits] -- {88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
O42 - Logiciel: Adobe Flash Video Encoder - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B}
O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {7ACFB90E-8FD0-4397-AD3A-5195412623A3}
O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6E08CE13-C2AB-4749-9335-5900B958929E} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe InDesign CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE8327F9-3AC1-4586-8C7E-3DEE2BC92441} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe InDesign CS3 Icon Handler - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {EA7B3CC4-366D-4CF6-8350-FD7A7034116E} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {54793AA1-5001-42F4-ABB6-C364617C6078}
O42 - Logiciel: Adobe MotionPicture Color Files - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6B708481-748A-4EB4-97C1-CD386244FF77}
O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C1FA4B3B-1625-4922-9C9D-780E8FCE161A} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Premiere Pro CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
O42 - Logiciel: Adobe Premiere Pro CS3 Functional Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
O42 - Logiciel: Adobe Premiere Pro CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {485ACF57-F364-440A-8496-E1E81C8FA1AA}
O42 - Logiciel: Adobe Reader 9.3 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Adobe SING CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B671CBFD-4109-4D35-9252-3062D3CCB7B2}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {004685F7-9FB6-4789-812F-59ABB34A55AF}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1628F6BD-5ED1-4FD1-B90F-C106AF4E00F0}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Soundbooth CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
O42 - Logiciel: Adobe Soundbooth CS3 Codecs - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0327FA9D-975C-448C-A086-577D57BB25B8}
O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}
O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Version Cue CS3 Server - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1D58229F-C505-45CA-8223-F35F3A34B963} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Video Profiles - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
O42 - Logiciel: Adobe WAS CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C5BD220A-EFE8-48A5-B70E-9503D535FACE}
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
O42 - Logiciel: Adobe XMP DVA Panels CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0224CACC-994D-45F8-B973-D65056EA9C2F}
O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D5A31AB1-345D-47C7-A87B-036A669F6DF1}
O42 - Logiciel: Advanced-System Protector - (.systweak.com.) [HKLM][64Bits] -- 00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1 =>PUP.AdvancedSystemProtector
O42 - Logiciel: AirDroid Notifier - (...) [HKLM][64Bits] -- {AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
O42 - Logiciel: Ajouter ou supprimer Adobe Creative Suite 3 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe_b5d5789539ea1f004a4defceea74312
O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: ArchiCAD 17 INT - (.GRAPHISOFT.) [HKLM][64Bits] -- 001FFF2FFF17FF00FF0701F01F02F000-R1
O42 - Logiciel: Audacity 1.3.14 (Unicode) - (.Audacity Team.) [HKLM][64Bits] -- Audacity 1.3 Beta (Unicode)_is1
O42 - Logiciel: AutoCAD 2007 - English - (.Autodesk.) [HKLM][64Bits] -- {5783F2D7-5001-0409-0002-0060B0CE6BBA}
O42 - Logiciel: AutoCAD Architecture 2014 - Français (French) - (.Autodesk.) [HKLM][64Bits] -- {5783F2D7-D004-0000-0102-0060B0CE6BBA}
O42 - Logiciel: Autodesk 360 - (.Autodesk.) [HKLM][64Bits] -- {52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}
O42 - Logiciel: Autodesk App Manager - (.Autodesk.) [HKLM][64Bits] -- {C070121A-C8C5-4D52-9A7D-D240631BD433}
O42 - Logiciel: Autodesk AutoCAD Architecture 2014 - Français (French) - (.Autodesk.) [HKLM][64Bits] -- AutoCAD Architecture 2014 - Français (French)
O42 - Logiciel: Autodesk Content Service - (.Autodesk.) [HKLM][64Bits] -- Autodesk Content Service
O42 - Logiciel: Autodesk Content Service Language Pack - (.Autodesk.) [HKLM][64Bits] -- {62F029AB-85F2-0001-866A-9FC0DD99DDBC}
O42 - Logiciel: Autodesk DWF Viewer - (.Autodesk, Inc..) [HKLM][64Bits] -- Autodesk DWF Viewer
O42 - Logiciel: Autodesk Featured Apps - (.Autodesk.) [HKLM][64Bits] -- {F732FEDA-7713-4428-934B-EF83B8DD65D0}
O42 - Logiciel: Autodesk Material Library 2014 - (.Autodesk.) [HKLM][64Bits] -- {644F9B19-A462-499C-BF4D-300ABC2A28B1}
O42 - Logiciel: Autodesk Material Library Base Resolution Image Library 2014 - (.Autodesk.) [HKLM][64Bits] -- {51BF3210-B825-4092-8E0D-66D689916E02}
O42 - Logiciel: Autodesk ReCap - (.Autodesk.) [HKLM][64Bits] -- Autodesk ReCap
O42 - Logiciel: Autodesk Robot Structural Analysis Professional 2014 - (.Autodesk, Inc..) [HKLM][64Bits] -- Autodesk Robot Structural Analysis Professional 2014
O42 - Logiciel: Avast Internet Security - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: BibleWorks 6 - (...) [HKLM][64Bits] -- {F5CD130F-5789-4D38-8762-FFBEBA896805}
O42 - Logiciel: Cain & Abel 4.9.56 - (...) [HKLM][64Bits] -- Cain & Abel 4.9.56
O42 - Logiciel: CamStudio version 2.7 - (.CamStudio Open Source.) [HKLM][64Bits] -- {04B83666-3A62-452B-85D3-70F8117F2329}_is1
O42 - Logiciel: Capturino version 2.5 - (.Capturino Software - Jean-Paul Bellenger.) [HKLM][64Bits] -- {0B8D7877-0178-4782-818A-0498F2E33BCC}_is1
O42 - Logiciel: CodeBlocks - (.The Code::Blocks Team.) [HKCU][64Bits] -- CodeBlocks
O42 - Logiciel: CodeMeter Runtime Kit v5.00a - (.WIBU-SYSTEMS AG.) [HKLM][64Bits] -- {44DDBAF6-3F9C-483D-97FA-303B2DE181E6}
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM][64Bits] -- conduitEngine =>Toolbar.Conduit
O42 - Logiciel: Conjugaison - (.homework.) [HKLM][64Bits] -- {057AA4D8-559F-42B1-98A0-508303834B2E}
O42 - Logiciel: ConvertHelper 3.1.1 - (.DownloadHelper.) [HKLM][64Bits] -- {27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Dev-C++ 5 beta 9 release (4.9.9.2) - (...) [HKLM][64Bits] -- Dev-C++
O42 - Logiciel: Dictionary version 2.1 - (.7tech Limited.) [HKLM][64Bits] -- Dic7tech_is1
O42 - Logiciel: ETABS 9 - (.Computers and Structures.) [HKLM][64Bits] -- {D47BD22B-769F-4CAB-B40E-D1F53B4020E6}
O42 - Logiciel: EZDownloader - (.EZDownloader.) [HKLM][64Bits] -- {0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
O42 - Logiciel: Energy Star - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}
O42 - Logiciel: Etude de la Bible - (...) [HKLM][64Bits] -- Etude de la Bible
O42 - Logiciel: EzerKb - (.Ezer IT Consulting.) [HKLM][64Bits] -- {5AB2D033-2CAF-42DA-9B2D-1AE26021A4EA}
O42 - Logiciel: FARO LS 1.1.501.0 (64bit) - (.FARO Scanner Production.) [HKLM][64Bits] -- {8A470330-70B2-49AD-86AF-79885EF9898A}
O42 - Logiciel: FLV-Media-Player - (.HYBRIDWEB.de.) [HKLM][64Bits] -- {AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}
O42 - Logiciel: FormatFactory 2.60 - (.Free Time.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Fraps - (...) [HKLM][64Bits] -- Fraps
O42 - Logiciel: Free YouTube Download version 3.2.14.1022 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free YouTube Download_is1
O42 - Logiciel: GOM Audio - (.Gretech Corporation.) [HKLM][64Bits] -- GomAudio
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Guitar Pro 5.2 - (.Arobas Music.) [HKLM][64Bits] -- Guitar Pro 5_is1
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {8C1ADF61-4F87-44BC-804C-C20FC70D98BB}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7}
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: Java SE Development Kit 8 Update 25 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180250}
O42 - Logiciel: Jeux du Dictionnaire - (.Micro Application.) [HKLM][64Bits] -- {AB254D00-D5D7-493B-922C-9E673848EFB5}
O42 - Logiciel: KMSpico v9.2.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>PUA.KMSpico
O42 - Logiciel: KeyLemon - (.KeyLemon Solutions S.A..) [HKLM][64Bits] -- KeyLemon
O42 - Logiciel: LauncherMA - (.Micro Application.) [HKLM][64Bits] -- {C06EFB22-B5DB-46C5-9215-BCB5C19C0858}
O42 - Logiciel: LavasoftTcpService - (.Lavasoft.) [HKLM][64Bits] -- {90CF05DE-735F-42AB-A52A-F447FDFBE207} =>Adware.Graftor
O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM][64Bits] -- ShockwaveFlash
O42 - Logiciel: Micro Application - 38 Dictionnaires et Recueils de Correspondance - (...) [HKLM][64Bits] -- {B410328C-0E8C-4DD2-9DB4-DE7766D0DFE0}
O42 - Logiciel: MobiConnect - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- MobiConnect
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.5 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Nero 8 - (.Nero AG.) [HKLM][64Bits] -- {5E6EC4DD-7B1F-4E10-82B9-EA1B90791036}
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: OFFICE One Clock 6.5 - (.ISSENDIS.) [HKLM][64Bits] -- OFFICE One Clock 6.5
O42 - Logiciel: OpenVPN 2.3.4-I605 - (...) [HKLM][64Bits] -- OpenVPN
O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
O42 - Logiciel: Petit Larousse 2009 - (...) [HKLM][64Bits] -- {422FADA9-FED2-41D7-B5FA-472BB98B7784}
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO
O42 - Logiciel: PriceMinus - (...) [HKLM][64Bits] -- {06B99631-BFA2-3B7A-F58B-D067C2BA59B7} =>PUP.PriceMinus
O42 - Logiciel: Qualcomm Atheros WLAN and Bluetooth Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: QuickTime Alternative 3.2.2 - (...) [HKLM][64Bits] -- QuicktimeAlt_is1
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: RegClean-Pro - (.systweak.com.) [HKLM][64Bits] -- RegClean-Pro_is1 =>Rogue.RegistryPowerCleaner
O42 - Logiciel: Robot Expert v.17.0 - (...) [HKLM][64Bits] -- {06347192-28A4-4145-87A6-5A801233B98D}
O42 - Logiciel: SWF & FLV Player 3.0 (build 3.0.33.5106) - (.Eltima Software.) [HKLM][64Bits] -- SWF & FLV Player_is1
O42 - Logiciel: SketchUp 2013 - (.Trimble Navigation Limited.) [HKLM][64Bits] -- {F277FA87-FCE4-49A3-B745-B82FB29ED8A4}
O42 - Logiciel: SketchUp 2015 - (.Trimble Navigation Limited.) [HKLM][64Bits] -- {37B47810-E821-4B53-B3D2-3DB1F2084B7E}
O42 - Logiciel: SketchUp Import for AutoCAD 2014 - (.Autodesk.) [HKLM][64Bits] -- {644E9589-F73A-49A4-AC61-A953B9DE5669}
O42 - Logiciel: Skype™ 7.5 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Softonic France FF Toolbar - (.Softonic France FF.) [HKLM][64Bits] -- Softonic_France_FF Toolbar =>Adware.FFToolBar
O42 - Logiciel: Software Informer 1.4.1273.0 - (.Informer Technologies, Inc..) [HKLM][64Bits] -- Software Informer_is1
O42 - Logiciel: Sony Media Manager 2.2 - (.Sony.) [HKLM][64Bits] -- {38E1CA6C-2121-4B5C-A3A5-0B0003794EFF}
O42 - Logiciel: Sony Vegas 7.0 - (.Sony.) [HKLM][64Bits] -- {8411FA28-D32D-4518-92F0-3FBD80A702BC}
O42 - Logiciel: SuperCopier2 - (...) [HKLM][64Bits] -- SuperCopier2
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TAP-Windows 9.21.0 - (...) [HKLM][64Bits] -- TAP-Windows
O42 - Logiciel: Tests de QI et Mémoire - (...) [HKLM][64Bits] -- {A164036A-722E-41CB-A1C1-3C3825A575D6}
O42 - Logiciel: Tipp Top 4.0 - (...) [HKLM][64Bits] -- {7087A5CE-60AB-4C14-A4D9-5F1AAA699E97}
O42 - Logiciel: Total Video Converter 3.11 070908 - (.EffectMatrix Inc..) [HKLM][64Bits] -- Total Video Converter 3.11_is1
O42 - Logiciel: USB Video Device - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}
O42 - Logiciel: UltraISO Premium V8.6 - (...) [HKLM][64Bits] -- UltraISO_is1
O42 - Logiciel: Update for Japanese Microsoft IME Postal Code Dictionary - (.Microsoft Corporation.) [HKLM][64Bits] -- {15015752-9990-4516-A2B1-93823281FB8E}
O42 - Logiciel: Update for Japanese Microsoft IME Standard Extended Dictionary - (.Microsoft Corporation.) [HKLM][64Bits] -- {78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}
O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM][64Bits] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VNC Enterprise Edition E4.5.4 - (.RealVNC Ltd..) [HKLM][64Bits] -- RealVNC_is1
O42 - Logiciel: VNC Mirror Driver 1.8.0 - (.RealVNC Ltd..) [HKLM][64Bits] -- VNCMirror_is1
O42 - Logiciel: VNC Printer Driver 1.6.0 - (.RealVNC Ltd..) [HKLM][64Bits] -- VNCPrinter_is1
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] -- WinPcapInst
O42 - Logiciel: WinRAR 5.21 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: WinRAR archiver - (...) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: bestadblocker - (...) [HKLM][64Bits] -- {4820778D-AB0D-6D18-C316-52A6A0E1D507} =>PUP.Adblocker
O42 - Logiciel: i686-4.9.2-posix-dwarf-rt_v4-rev2 - (.MinGW-W64.) [HKLM][64Bits] -- i686-4.9.2-posix-dwarf-rt_v4-rev2
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 95 Scanned in VAmn OAs



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Softonic_France_FF] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Atheros]
[HKCU\Software\Audacity]
[HKCU\Software\Autodesk]
[HKCU\Software\BugSplat]
[HKCU\Software\Cain]
[HKCU\Software\CamStudioOpenSource for Nick]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Clubic]
[HKCU\Software\CyberLink]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\Dictionary]
[HKCU\Software\DownloadManager]
[HKCU\Software\EasyBoot Systems]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Fraps3]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\GRAPHISOFT]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\Geomedia SA]
[HKCU\Software\Google]
[HKCU\Software\HYBRIDWEB.de]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Informer Technologies, Inc.]
[HKCU\Software\Intel]
[HKCU\Software\JMJLogiciels]
[HKCU\Software\JavaSoft]
[HKCU\Software\KeyLemon]
[HKCU\Software\LAventure]
[HKCU\Software\Licenses]
[HKCU\Software\Lockdir]
[HKCU\Software\LogMeInRescueCallingCard]
[HKCU\Software\MOVDLTool]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\MainConcept]
[HKCU\Software\Mine]
[HKCU\Software\Minnetonka Audio Software]
[HKCU\Software\Mozilla]
[HKCU\Software\Necrosoft]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nilings]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\PowerISO]
[HKCU\Software\P®O Group]
[HKCU\Software\RealVNC]
[HKCU\Software\Realtek]
[HKCU\Software\Reg]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\RoboBAT]
[HKCU\Software\SFX TEAM]
[HKCU\Software\SMADΔV]
[HKCU\Software\SWiSHzone.com]
[HKCU\Software\SketchUp]
[HKCU\Software\Skype]
[HKCU\Software\Sony Media Software]
[HKCU\Software\Spiral Monkey]
[HKCU\Software\Synaptics]
[HKCU\Software\TechSmith]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WIBU-SYSTEMS]
[HKCU\Software\WebApp]
[HKCU\Software\Webshots]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\homework]
[HKCU\Software\systweak]
[HKLM\Software\7-Zip]
[HKLM\Software\Atheros]
[HKLM\Software\Audible]
[HKLM\Software\Autodesk]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Google]
[HKLM\Software\Huawei technologies]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RealVNC]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SketchUp]
[HKLM\Software\Synaptics]
[HKLM\Software\WIBU-SYSTEMS]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\ATHEROS]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Ahead]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Arobas Music]
[HKLM\Software\Wow6432Node\Audible]
[HKLM\Software\Wow6432Node\Autodesk]
[HKLM\Software\Wow6432Node\AviSynth]
[HKLM\Software\Wow6432Node\BibleWorks]
[HKLM\Software\Wow6432Node\Borland]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Computers and Structures, Inc.]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Crystal Decisions]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DATA BECKER]
[HKLM\Software\Wow6432Node\DVDVideoSoft]
[HKLM\Software\Wow6432Node\DownloadHelper]
[HKLM\Software\Wow6432Node\EasyBoot Systems]
[HKLM\Software\Wow6432Node\Eidos Interactive]
[HKLM\Software\Wow6432Node\Elaborate Bytes]
[HKLM\Software\Wow6432Node\FastStone Soft]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\GRETECH]
[HKLM\Software\Wow6432Node\Geomedia SA]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\Havas Interactive]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\HighCriteria]
[HKLM\Software\Wow6432Node\Huawei technologies]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Internet Download Manager]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\LAventure]
[HKLM\Software\Wow6432Node\Larousse]
[HKLM\Software\Wow6432Node\Lavasoft]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\LogMeInRescueCallingCard]
[HKLM\Software\Wow6432Node\MAXSOFT-OCRON]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Micro Application]
[HKLM\Software\Wow6432Node\Minnetonka Audio Software]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OpenVPN-GUI]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\QTAlternative]
[HKLM\Software\Wow6432Node\Qualcomm Atheros WLAN and Bluetooth Client Installation Program]
[HKLM\Software\Wow6432Node\RealVNC]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RoboBAT]
[HKLM\Software\Wow6432Node\Seagate Software]
[HKLM\Software\Wow6432Node\SketchUp]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Softonic_France_FF] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Sony Media Software]
[HKLM\Software\Wow6432Node\Spiral Monkey]
[HKLM\Software\Wow6432Node\Synthetic Aperture]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\TG Byte Software]
[HKLM\Software\Wow6432Node\VST]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WIBU-SYSTEMS]
[HKLM\Software\Wow6432Node\WexTech Systems]
[HKLM\Software\Wow6432Node\WinPcap]
[HKLM\Software\Wow6432Node\homework]
[HKLM\Software\Wow6432Node\iTinySoft]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 483 Scanned in VAmn OAs



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 6/7/2015 - 2:26:30 ROVASOA - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 5/22/2015 - 10:54:52 ROVASOA - [] ----D C:\Program Files (x86)\AirDroid Notifier
O43 - CFD: 5/9/2015 - 9:13:08 ROVASOA - [] ----D C:\Program Files (x86)\AnswerWorks 4.0
O43 - CFD: 4/19/2015 - 2:46:45 ROVASOA - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 6/11/2015 - 4:58:16 ROVASOA - [] ----D C:\Program Files (x86)\ASP
O43 - CFD: 4/19/2015 - 9:58:44 ROVASOA - [] ----D C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
O43 - CFD: 5/9/2015 - 9:13:34 ROVASOA - [] ----D C:\Program Files (x86)\AutoCAD 2007
O43 - CFD: 5/9/2015 - 9:09:44 ROVASOA - [] ----D C:\Program Files (x86)\Autodesk
O43 - CFD: 5/22/2015 - 10:54:50 ROVASOA - [] ----D C:\Program Files (x86)\bestadblocker =>PUP.Adblocker
O43 - CFD: 5/4/2015 - 9:04:47 ROVASOA - [] ----D C:\Program Files (x86)\BibleWorks 6
O43 - CFD: 5/4/2015 - 8:55:17 ROVASOA - [] ----D C:\Program Files (x86)\Bibliquest
O43 - CFD: 6/7/2015 - 2:03:12 ROVASOA - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 6/7/2015 - 1:47:54 ROVASOA - [] ----D C:\Program Files (x86)\Cain
O43 - CFD: 6/5/2015 - 6:47:41 ROVASOA - [] ----D C:\Program Files (x86)\CamStudio 2.7
O43 - CFD: 6/5/2015 - 5:43:55 ROVASOA - [] ----D C:\Program Files (x86)\CapturinoV25
O43 - CFD: 5/22/2015 - 1:59:33 ROVASOA - [] ----D C:\Program Files (x86)\CodeBlocks
O43 - CFD: 4/19/2015 - 2:49:24 ROVASOA - [] ----D C:\Program Files (x86)\CodeMeter
O43 - CFD: 6/12/2015 - 8:21:02 ROVASOA - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 5/15/2015 - 8:25:51 ROVASOA - [] ----D C:\Program Files (x86)\Computers and Structures
O43 - CFD: 5/4/2015 - 1:07:41 ROVASOA - [] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 5/4/2015 - 1:07:40 ROVASOA - [] ----D C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit
O43 - CFD: 5/17/2015 - 11:20:01 ROVASOA - [] ----D C:\Program Files (x86)\Conjugaison
O43 - CFD: 5/4/2015 - 11:44:47 ROVASOA - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 6/12/2015 - 8:21:00 ROVASOA - [] ----D C:\Program Files (x86)\DATA BECKER
O43 - CFD: 5/4/2015 - 12:59:00 ROVASOA - [] ----D C:\Program Files (x86)\Dictionary
O43 - CFD: 5/4/2015 - 11:12:41 ROVASOA - [] ----D C:\Program Files (x86)\directx
O43 - CFD: 5/1/2015 - 12:54:07 ROVASOA - [] ----D C:\Program Files (x86)\DVDVideoSoft
O43 - CFD: 5/4/2015 - 10:16:37 ROVASOA - [] ----D C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 6/4/2015 - 5:34:21 ROVASOA - [] ----D C:\Program Files (x86)\Eltima Software
O43 - CFD: 5/22/2015 - 11:08:14 ROVASOA - [] ----D C:\Program Files (x86)\EZDownloader
O43 - CFD: 5/4/2015 - 1:02:10 ROVASOA - [] ----D C:\Program Files (x86)\Ezer IT Consulting
O43 - CFD: 6/4/2015 - 5:38:28 ROVASOA - [] ----D C:\Program Files (x86)\FLV-Media-Player
O43 - CFD: 5/14/2015 - 3:21:45 ROVASOA - [0] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 5/4/2015 - 1:03:38 ROVASOA - [] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 5/2/2015 - 8:47:52 ROVASOA - [] ----D C:\Program Files (x86)\Geomedia SA
O43 - CFD: 5/4/2015 - 1:10:32 ROVASOA - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 4/20/2015 - 10:47:56 ROVASOA - [] ----D C:\Program Files (x86)\Grand Theft Auto III
O43 - CFD: 4/20/2015 - 10:50:31 ROVASOA - [] ----D C:\Program Files (x86)\Grand Theft Auto San Andreas
O43 - CFD: 4/20/2015 - 5:38:39 ROVASOA - [] ----D C:\Program Files (x86)\Grand Theft Auto Vice City
O43 - CFD: 5/4/2015 - 1:10:11 ROVASOA - [] ----D C:\Program Files (x86)\GRETECH
O43 - CFD: 5/4/2015 - 10:09:01 ROVASOA - [] ----D C:\Program Files (x86)\Guitar Pro 5
O43 - CFD: 5/4/2015 - 12:15:58 ROVASOA - [] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 6/12/2015 - 8:21:00 ROVASOA - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 4/19/2015 - 9:33:40 ROVASOA - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 5/30/2015 - 12:54:11 ROVASOA - [] ----D C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 5/29/2015 - 3:58:51 ROVASOA - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 4/19/2015 - 2:27:19 ROVASOA - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 5/4/2015 - 11:12:42 ROVASOA - [] ----D C:\Program Files (x86)\Larousse
O43 - CFD: 5/1/2015 - 1:27:29 ROVASOA - [] ----D C:\Program Files (x86)\Lavasoft
O43 - CFD: 6/12/2015 - 8:18:15 ROVASOA - [] ----D C:\Program Files (x86)\Micro Application
O43 - CFD: 4/26/2015 - 10:03:57 ROVASOA - [] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 5/9/2015 - 9:13:09 ROVASOA - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 6/7/2015 - 12:46:32 ROVASOA - [] ----D C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 5/9/2015 - 8:34:59 ROVASOA - [] ----D C:\Program Files (x86)\Microsoft Visual Studio .NET 2003
O43 - CFD: 4/26/2015 - 10:04:54 ROVASOA - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 4/26/2015 - 10:06:06 ROVASOA - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 5/22/2015 - 12:18:35 ROVASOA - [] ----D C:\Program Files (x86)\mingw-w64
O43 - CFD: 5/15/2015 - 1:17:25 ROVASOA - [] ----D C:\Program Files (x86)\MobiConnect
O43 - CFD: 6/5/2015 - 3:46:50 ROVASOA - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 6/5/2015 - 3:46:51 ROVASOA - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 5/1/2015 - 4:59:40 ROVASOA - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 5/4/2015 - 11:12:23 ROVASOA - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 6/1/2015 - 6:18:08 ROVASOA - [] ----D C:\Program Files (x86)\Nero
O43 - CFD: 5/14/2015 - 3:38:00 ROVASOA - [] ----D C:\Program Files (x86)\Notepad++
O43 - CFD: 5/4/2015 - 10:18:13 ROVASOA - [] ----D C:\Program Files (x86)\OFFICE ONE6.0
O43 - CFD: 5/4/2015 - 11:10:53 ROVASOA - [] ----D C:\Program Files (x86)\OpenVPN
O43 - CFD: 4/20/2015 - 5:22:16 ROVASOA - [] ----D C:\Program Files (x86)\PowerISO
O43 - CFD: 5/22/2015 - 10:42:11 ROVASOA - [] ----D C:\Program Files (x86)\PriceMiinus =>PUP.PriceMinus
O43 - CFD: 5/22/2015 - 10:49:19 ROVASOA - [] ----D C:\Program Files (x86)\PriceMinus =>PUP.PriceMinus
O43 - CFD: 4/19/2015 - 8:11:09 ROVASOA - [] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 6/7/2015 - 2:15:19 ROVASOA - [] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 5/15/2015 - 8:08:32 ROVASOA - [] ----D C:\Program Files (x86)\QuickTime Alternative
O43 - CFD: 6/5/2015 - 5:43:37 ROVASOA - [] ----D C:\Program Files (x86)\RCP
O43 - CFD: 5/1/2015 - 4:59:40 ROVASOA - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 5/15/2015 - 8:37:06 ROVASOA - [] ----D C:\Program Files (x86)\Robot Office
O43 - CFD: 5/3/2015 - 12:26:59 ROVASOA - [] ----D C:\Program Files (x86)\SketchUp
O43 - CFD: 5/29/2015 - 5:39:37 ROVASOA - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 5/20/2015 - 2:16:57 ROVASOA - [] ----D C:\Program Files (x86)\Smadav
O43 - CFD: 5/4/2015 - 1:07:41 ROVASOA - [] ----D C:\Program Files (x86)\Softonic_France_FF =>Toolbar.Conduit
O43 - CFD: 6/7/2015 - 12:45:02 ROVASOA - [] ----D C:\Program Files (x86)\Sony
O43 - CFD: 6/7/2015 - 12:43:58 ROVASOA - [] ----D C:\Program Files (x86)\Sony Setup
O43 - CFD: 5/4/2015 - 10:16:03 ROVASOA - [] ----D C:\Program Files (x86)\SuperCopier2
O43 - CFD: 5/4/2015 - 12:34:27 ROVASOA - [] ----D C:\Program Files (x86)\Total Video Converter
O43 - CFD: 4/20/2015 - 4:30:48 ROVASOA - [] ----D C:\Program Files (x86)\UltraISO
O43 - CFD: 6/7/2015 - 12:46:46 ROVASOA - [] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 4/20/2015 - 8:03:35 ROVASOA - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 6/7/2015 - 12:45:16 ROVASOA - [] ----D C:\Program Files (x86)\Vstplugins
O43 - CFD: 5/6/2015 - 11:15:36 ROVASOA - [] ----D C:\Program Files (x86)\Webshots
O43 - CFD: 5/29/2015 - 3:58:56 ROVASOA - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 5/29/2015 - 3:56:53 ROVASOA - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 5/29/2015 - 3:56:53 ROVASOA - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 5/29/2015 - 3:56:53 ROVASOA - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 8/22/2013 - 5:36:30 ROVASOA - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 5/29/2015 - 3:56:53 ROVASOA - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 5/29/2015 - 3:56:53 ROVASOA - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 8/22/2013 - 5:36:30 ROVASOA - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 8/22/2013 - 5:36:30 ROVASOA - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 6/5/2015 - 6:17:42 ROVASOA - [] ----D C:\Program Files (x86)\WinPcap
O43 - CFD: 5/4/2015 - 12:50:30 ROVASOA - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 6/17/2015 - 6:21:16 ROVASOA - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 6/7/2015 - 2:27:04 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 4/19/2015 - 2:46:53 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 4/19/2015 - 8:10:30 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 5/15/2015 - 8:55:30 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Autodesk Shared
O43 - CFD: 6/12/2015 - 8:21:02 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Borland Shared
O43 - CFD: 6/7/2015 - 2:25:53 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Control Panels
O43 - CFD: 5/9/2015 - 8:34:51 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Crystal Decisions
O43 - CFD: 5/9/2015 - 9:13:02 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Designer
O43 - CFD: 5/1/2015 - 12:54:03 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft
O43 - CFD: 4/20/2015 - 4:30:48 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\EZB Systems
O43 - CFD: 5/4/2015 - 1:10:13 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Gretech Corporation
O43 - CFD: 5/4/2015 - 11:32:14 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 4/19/2015 - 9:32:29 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 4/19/2015 - 2:27:35 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 6/7/2015 - 1:59:56 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 5/22/2015 - 10:54:07 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 6/1/2015 - 6:18:40 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 4/19/2015 - 8:20:24 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 5/15/2015 - 8:37:04 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\RoboBAT
O43 - CFD: 8/22/2013 - 5:36:33 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 5/27/2015 - 5:59:59 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 5/29/2015 - 3:56:52 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 5/4/2015 - 12:39:14 ROVASOA - [] ----D C:\Program Files (x86)\Common Files\Ulead Systems
O43 - CFD: 5/22/2015 - 10:54:52 ROVASOA - [] ----D C:\ProgramData\747021844698302485
O43 - CFD: 6/7/2015 - 2:31:01 ROVASOA - [] ----D C:\ProgramData\Adobe
O43 - CFD: 6/7/2015 - 2:24:47 ROVASOA - [0] ----D C:\ProgramData\ALM
O43 - CFD: 4/19/2015 - 2:46:44 ROVASOA - [] ----D C:\ProgramData\Apple
O43 - CFD: 5/15/2015 - 8:07:56 ROVASOA - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 8/22/2013 - 4:45:52 ROVASOA - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 5/4/2015 - 2:33:14 ROVASOA - [] ----D C:\ProgramData\Atheros
O43 - CFD: 5/15/2015 - 9:02:21 ROVASOA - [] ----D C:\ProgramData\Autodesk
O43 - CFD: 4/19/2015 - 9:52:34 ROVASOA - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 4/19/2015 - 7:51:42 ROVASOA - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 4/19/2015 - 2:49:13 ROVASOA - [] ----D C:\ProgramData\CodeMeter
O43 - CFD: 5/4/2015 - 5:29:30 ROVASOA - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 5/15/2015 - 1:17:59 ROVASOA - [] ----D C:\ProgramData\DatacardService
O43 - CFD: 8/22/2013 - 4:45:52 ROVASOA - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 8/22/2013 - 4:45:52 ROVASOA - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 5/2/2015 - 10:59:48 ROVASOA - [] ----D C:\ProgramData\FARO
O43 - CFD: 6/7/2015 - 2:31:08 ROVASOA - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 5/4/2015 - 1:10:12 ROVASOA - [] ----D C:\ProgramData\GRETECH
O43 - CFD: 5/30/2015 - 10:43:14 ROVASOA - [0] ----D C:\ProgramData\IDM
O43 - CFD: 6/7/2015 - 7:46:22 ROVASOA - [] ----D C:\ProgramData\Informer Technologies, Inc
O43 - CFD: 4/19/2015 - 8:20:51 ROVASOA - [] ----D C:\ProgramData\Intel
O43 - CFD: 5/23/2015 - 1:08:00 ROVASOA - [] ----D C:\ProgramData\KeyLemon
O43 - CFD: 5/1/2015 - 1:09:57 ROVASOA - [] ----D C:\ProgramData\Lavasoft
O43 - CFD: 4/19/2015 - 7:51:42 ROVASOA - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 5/29/2015 - 3:56:38 ROVASOA - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 6/12/2015 - 2:49:25 ROVASOA - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 5/15/2015 - 1:17:30 ROVASOA - [] ----D C:\ProgramData\MobiConnect
O43 - CFD: 4/19/2015 - 7:51:42 ROVASOA - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 4/19/2015 - 9:57:06 ROVASOA - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 6/1/2015 - 6:18:09 ROVASOA - [] ----D C:\ProgramData\Nero
O43 - CFD: 5/23/2015 - 1:04:36 ROVASOA - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 4/19/2015 - 8:09:01 ROVASOA - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 5/29/2015 - 3:56:52 ROVASOA - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 5/3/2015 - 1:57:01 ROVASOA - [] ---AD C:\ProgramData\Reprise
O43 - CFD: 5/4/2015 - 11:42:32 ROVASOA - [] ----D C:\ProgramData\Sage
O43 - CFD: 5/3/2015 - 1:56:04 ROVASOA - [] ----D C:\ProgramData\SketchUp
O43 - CFD: 5/29/2015 - 5:39:30 ROVASOA - [] ----D C:\ProgramData\Skype
O43 - CFD: 6/7/2015 - 12:46:12 ROVASOA - [] ----D C:\ProgramData\Sony
O43 - CFD: 8/22/2013 - 4:45:52 ROVASOA - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 4/19/2015 - 2:27:35 ROVASOA - [] ----D C:\ProgramData\Sun
O43 - CFD: 4/19/2015 - 1:48:16 ROVASOA - [] ----D C:\ProgramData\Synaptics
O43 - CFD: 6/11/2015 - 4:58:13 ROVASOA - [] ----D C:\ProgramData\Systweak
O43 - CFD: 5/4/2015 - 12:13:08 ROVASOA - [] ----D C:\ProgramData\Temp
O43 - CFD: 8/22/2013 - 4:45:52 ROVASOA - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 5/23/2015 - 10:40:23 ROVASOA - [] ----D C:\ProgramData\{33332bbf-4e55-43af-3333-32bbf4e5aefd}
O43 - CFD: 5/18/2015 - 9:41:50 ROVASOA - [] ----D C:\ProgramData\{8a70c610-3289-06d1-8a70-0c6103281840}
O43 - CFD: 4/21/2015 - 11:30:29 ROVASOA - [0] ----D C:\ProgramData\{e5855398-3f77-d732-e585-553983f74e60}
O43 - CFD: 4/19/2015 - 8:09:50 ROVASOA - [] ----D C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701}
O43 - CFD: 5/4/2015 - 11:56:55 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 5/29/2015 - 3:58:51 ROVASOA - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 5/29/2015 - 3:58:57 ROVASOA - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 5/29/2015 - 3:58:52 ROVASOA - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 6/7/2015 - 2:26:54 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3
O43 - CFD: 6/11/2015 - 4:58:16 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 5/3/2015 - 12:11:59 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Architecture 2014 - Français (French)
O43 - CFD: 5/15/2015 - 9:01:23 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
O43 - CFD: 5/2/2015 - 10:59:45 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
O43 - CFD: 5/15/2015 - 9:02:16 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Robot Structural Analysis Professional 2014
O43 - CFD: 5/30/2015 - 10:31:59 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 5/4/2015 - 8:59:12 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BibleWorks 6
O43 - CFD: 5/4/2015 - 8:55:18 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bibliquest
O43 - CFD: 5/14/2015 - 3:39:30 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
O43 - CFD: 6/5/2015 - 6:17:27 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
O43 - CFD: 6/5/2015 - 6:47:41 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
O43 - CFD: 6/5/2015 - 5:43:58 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capturino 2.5
O43 - CFD: 5/22/2015 - 1:58:58 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
O43 - CFD: 4/19/2015 - 2:49:24 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter
O43 - CFD: 5/4/2015 - 11:44:56 ROVASOA - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
O43 - CFD: 5/15/2015 - 8:26:01 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computers and Structures
O43 - CFD: 6/12/2015 - 8:21:37 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATA BECKER
O43 - CFD: 5/4/2015 - 12:59:05 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dictionary
O43 - CFD: 5/4/2015 - 1:00:31 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dream Aquarium
O43 - CFD: 5/1/2015 - 12:54:05 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
O43 - CFD: 5/4/2015 - 10:16:38 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
O43 - CFD: 6/4/2015 - 5:34:21 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eltima Software
O43 - CFD: 5/3/2015 - 1:21:51 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etude de la Bible
O43 - CFD: 5/22/2015 - 11:08:14 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
O43 - CFD: 5/4/2015 - 1:02:11 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EzerKb
O43 - CFD: 6/7/2015 - 10:50:31 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
O43 - CFD: 5/4/2015 - 1:10:15 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
O43 - CFD: 4/19/2015 - 2:29:11 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT
O43 - CFD: 5/4/2015 - 10:09:16 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5
O43 - CFD: 5/4/2015 - 12:14:51 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 5/4/2015 - 1:15:55 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 5/4/2015 - 1:15:55 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 5/23/2015 - 1:05:49 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyLemon
O43 - CFD: 4/19/2015 - 8:00:56 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
O43 - CFD: 5/4/2015 - 11:12:41 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Larousse
O43 - CFD: 5/1/2015 - 1:27:30 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
O43 - CFD: 8/22/2013 - 5:36:33 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 6/12/2015 - 8:18:17 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro Application
O43 - CFD: 4/26/2015 - 10:07:38 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 5/15/2015 - 1:17:24 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MobiConnect
O43 - CFD: 5/29/2015 - 3:42:51 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
O43 - CFD: 6/1/2015 - 6:19:52 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
O43 - CFD: 5/14/2015 - 3:37:59 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 5/4/2015 - 10:18:13 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OFFICE One 6.0
O43 - CFD: 5/4/2015 - 11:10:52 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
O43 - CFD: 4/20/2015 - 5:22:17 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 5/15/2015 - 8:07:57 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
O43 - CFD: 6/7/2015 - 10:28:26 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
O43 - CFD: 6/5/2015 - 6:07:27 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 5/15/2015 - 8:37:42 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robot Office
O43 - CFD: 4/26/2015 - 10:07:38 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 5/3/2015 - 12:27:27 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2013
O43 - CFD: 5/3/2015 - 1:56:55 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
O43 - CFD: 5/27/2015 - 6:00:02 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 6/7/2015 - 7:46:01 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
O43 - CFD: 6/7/2015 - 12:45:20 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 6/7/2015 - 2:14:32 ROVASOA - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 5/29/2015 - 3:58:51 ROVASOA - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 8/23/2013 - 12:26:22 ROVASOA - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 5/4/2015 - 11:04:41 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
O43 - CFD: 5/4/2015 - 12:34:20 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
O43 - CFD: 4/20/2015 - 4:30:49 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
O43 - CFD: 4/20/2015 - 8:03:57 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 6/5/2015 - 6:17:42 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 5/2/2015 - 11:17:20 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 6/17/2015 - 6:21:17 ROVASOA - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 6/8/2015 - 12:27:49 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Adobe
O43 - CFD: 4/19/2015 - 2:50:56 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Apple Computer
O43 - CFD: 4/19/2015 - 8:14:21 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Atheros
O43 - CFD: 6/13/2015 - 4:08:36 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Audacity
O43 - CFD: 5/15/2015 - 9:41:54 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Autodesk
O43 - CFD: 4/19/2015 - 9:55:02 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\AVAST Software
O43 - CFD: 6/7/2015 - 12:43:14 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Capturino
O43 - CFD: 6/10/2015 - 6:17:28 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\codeblocks
O43 - CFD: 5/4/2015 - 5:28:03 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\CyberLink
O43 - CFD: 5/14/2015 - 6:37:46 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Dev-Cpp
O43 - CFD: 5/30/2015 - 10:42:56 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\DMCache
O43 - CFD: 5/1/2015 - 5:02:40 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\DVDVideoSoft
O43 - CFD: 6/4/2015 - 5:57:25 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Eltima Software
O43 - CFD: 4/19/2015 - 3:09:27 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Graphisoft
O43 - CFD: 5/4/2015 - 1:10:18 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\GRETECH
O43 - CFD: 5/29/2015 - 8:29:23 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Identities
O43 - CFD: 5/30/2015 - 10:42:41 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\IDM
O43 - CFD: 4/19/2015 - 2:27:44 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Install.GS
O43 - CFD: 5/1/2015 - 1:09:57 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Lavasoft
O43 - CFD: 4/30/2015 - 9:29:06 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Macromedia
O43 - CFD: 6/11/2015 - 4:58:33 ROVASOA - [] -S--D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft
O43 - CFD: 5/10/2015 - 7:01:31 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Mozilla
O43 - CFD: 5/14/2015 - 6:17:56 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Notepad++
O43 - CFD: 5/1/2015 - 12:53:46 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 4/19/2015 - 8:58:53 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\PowerISO
O43 - CFD: 5/3/2015 - 3:48:43 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\SketchUp
O43 - CFD: 6/10/2015 - 1:02:41 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Skype
O43 - CFD: 5/20/2015 - 12:53:54 ROVASOA - [0] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Smadav
O43 - CFD: 6/17/2015 - 6:22:54 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Software Informer
O43 - CFD: 6/7/2015 - 12:46:16 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Sony
O43 - CFD: 4/19/2015 - 1:48:16 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Synaptics
O43 - CFD: 6/11/2015 - 4:58:19 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\systweak
O43 - CFD: 6/17/2015 - 12:27:15 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\vlc
O43 - CFD: 4/19/2015 - 8:27:33 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\WinRAR
O43 - CFD: 6/17/2015 - 6:23:27 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 6/7/2015 - 2:38:30 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Adobe
O43 - CFD: 4/19/2015 - 2:46:47 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Apple
O43 - CFD: 4/19/2015 - 7:58:03 ROVASOA - [] -SH-D C:\Users\Rovasoa Niriniaina\AppData\Local\Application Data
O43 - CFD: 5/2/2015 - 8:44:52 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\ApplicationHistory
O43 - CFD: 5/9/2015 - 9:12:15 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Autodesk
O43 - CFD: 5/4/2015 - 2:35:14 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\BMExplorer
O43 - CFD: 6/1/2015 - 11:06:51 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\cache
O43 - CFD: 6/12/2015 - 6:13:47 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\CrashDumps
O43 - CFD: 5/4/2015 - 5:28:02 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\CyberLink
O43 - CFD: 6/8/2015 - 10:31:44 ROVASOA - [0] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Diagnostics
O43 - CFD: 5/5/2015 - 11:58:28 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Dictionnaire Freelang
O43 - CFD: 6/9/2015 - 8:38:28 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\ElevatedDiagnostics
O43 - CFD: 6/16/2015 - 6:08:57 ROVASOA - [] -SH-D C:\Users\Rovasoa Niriniaina\AppData\Local\EmieBrowserModeList
O43 - CFD: 6/16/2015 - 6:08:57 ROVASOA - [] -SH-D C:\Users\Rovasoa Niriniaina\AppData\Local\EmieSiteList
O43 - CFD: 6/16/2015 - 6:08:57 ROVASOA - [] -SH-D C:\Users\Rovasoa Niriniaina\AppData\Local\EmieUserList
O43 - CFD: 4/19/2015 - 9:53:22 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Google
O43 - CFD: 4/19/2015 - 3:09:31 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Graphisoft
O43 - CFD: 5/4/2015 - 12:14:01 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Hewlett-Packard
O43 - CFD: 4/19/2015 - 7:58:04 ROVASOA - [] -SH-D C:\Users\Rovasoa Niriniaina\AppData\Local\Historique
O43 - CFD: 6/17/2015 - 5:36:32 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\KeyLemon
O43 - CFD: 5/1/2015 - 6:19:40 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Lavasoft
O43 - CFD: 6/3/2015 - 11:48:42 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Microsoft
O43 - CFD: 6/2/2015 - 1:26:59 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Microsoft Help
O43 - CFD: 4/30/2015 - 11:31:38 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Mozilla
O43 - CFD: 6/17/2015 - 3:32:54 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Packages
O43 - CFD: 4/19/2015 - 8:00:41 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Programs
O43 - CFD: 4/19/2015 - 10:01:47 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Skype
O43 - CFD: 6/17/2015 - 6:21:19 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\Temp
O43 - CFD: 4/19/2015 - 7:58:04 ROVASOA - [] -SH-D C:\Users\Rovasoa Niriniaina\AppData\Local\Temporary Internet Files
O43 - CFD: 5/15/2015 - 1:18:15 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Local\VirtualStore
O43 - CFD: 8/22/2013 - 5:36:32 ROVASOA - [] R---D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 8/22/2013 - 5:36:32 ROVASOA - [] R---D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 5/29/2015 - 8:29:26 ROVASOA - [] R---D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 5/4/2015 - 8:55:18 ROVASOA - [0] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bibliquest
O43 - CFD: 6/5/2015 - 6:17:27 ROVASOA - [0] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
O43 - CFD: 5/22/2015 - 1:59:33 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
O43 - CFD: 6/4/2015 - 5:38:29 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV-Media-Player
O43 - CFD: 5/4/2015 - 1:03:52 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 5/9/2015 - 8:36:21 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Géomédia SA
O43 - CFD: 5/30/2015 - 11:04:49 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 8/22/2013 - 5:36:32 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 5/22/2015 - 12:20:14 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinGW-W64 project
O43 - CFD: 5/14/2015 - 3:37:58 ROVASOA - [0] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 5/29/2015 - 8:29:26 ROVASOA - [] R---D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 5/4/2015 - 10:16:04 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SuperCopier2
O43 - CFD: 8/22/2013 - 5:36:32 ROVASOA - [] R---D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 5/2/2015 - 11:17:20 ROVASOA - [] ----D C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 324 Scanned in VAmn OAs



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.B0D20C02416CE3A801DBAB972EBE7262] - 6/11/2015 - 3:58:07 ROVASOA ---A- . (...) -- C:\Windows\System32\sasnative64.exe [23336]
O44 - LFC:[MD5.6CCC851608DD076C13E37737BB75A9DC] - 6/12/2015 - 1:27:30 ROVASOA ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [4177920]
O44 - LFC:[MD5.5AFA18049BFA8D18EF3F26C0D3F4B446] - 6/12/2015 - 6:58:20 ROVASOA ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [2521016]
O44 - LFC:[MD5.CBC5CAE774672F2C649D9429B46439CF] - 6/12/2015 - 7:10:48 ROVASOA ---A- . (.L'Aventure MultiMedia - Dll de Reconnaissance Automatique de Caract.) -- C:\Windows\RACHook38.dll [208992]
O44 - LFC:[MD5.A673792D3A5EBC194D888638FD5B0E78] - 6/12/2015 - 7:10:48 ROVASOA ---A- . (.L'Aventure Multimedia - Dictionnaires MediaDICO.) -- C:\Windows\MediaDico38Dll.dll [2507776]
O44 - LFC:[MD5.2FE13D6F0FCB01F3FC35A467A5C9FD3A] - 6/12/2015 - 7:10:48 ROVASOA ---A- . (.Structu Rise - Textract.) -- C:\Windows\MediaR38.dll [199680]
O44 - LFC:[MD5.959A8293A06A680489CF1CE595D15E5A] - 6/12/2015 - 7:15:53 ROVASOA ---A- . (...) -- C:\Windows\MediaR38.ini [1982]
O44 - LFC:[MD5.E4DF1016021719D26BCB0E2D45D03770] - 6/12/2015 - 7:21:37 ROVASOA ---A- . (...) -- C:\Windows\ASYM.ini [167]
O44 - LFC:[MD5.BB4FEE31C8D03423E0D01C84BE3DB61C] - 6/17/2015 - 11:37:27 ROVASOA ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1909582]
O44 - LFC:[MD5.04F1ADAEFC65085A7581CC28319F18E4] - 6/17/2015 - 11:37:27 ROVASOA ---A- . (...) -- C:\Windows\System32\perfc009.dat [147500]
O44 - LFC:[MD5.608FD35474DBA1C6C9343641B8CDB983] - 6/17/2015 - 11:37:27 ROVASOA ---A- . (...) -- C:\Windows\System32\perfc00C.dat [174542]
O44 - LFC:[MD5.C8B045ABE6669E3706ACC08AB10BB57E] - 6/17/2015 - 11:37:27 ROVASOA ---A- . (...) -- C:\Windows\System32\perfh009.dat [759520]
O44 - LFC:[MD5.9C7B3DDC192BF5D180EB71A606926133] - 6/17/2015 - 11:37:27 ROVASOA ---A- . (...) -- C:\Windows\System32\perfh00C.dat [842972]
O44 - LFC:[MD5.26CA47EFA7F705E79F0A78C621A14FBB] - 6/17/2015 - 4:35:50 ROVASOA ---A- . (...) -- C:\Windows\setupact.log [52861]
O44 - LFC:[MD5.0E60DAD200CBE12BE4D1C5E330575050] - 6/17/2015 - 4:37:13 ROVASOA ---A- . (...) -- C:\Windows\AutoKMS.log [34619] =>Hacktool.AutoKMS
O44 - LFC:[MD5.2479D4090184CA39E7CF1160FBCFA17B] - 6/17/2015 - 4:37:45 ROVASOA -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.3A7D03E53A682D328F946489F3A4610B] - 6/17/2015 - 5:19:59 ROVASOA ---A- . (...) -- C:\Windows\WindowsUpdate.log [1409389]
O44 - LFC:[MD5.D1CEC2E76611EE3DED4F875AD379FA02] - 6/5/2015 - 4:43:38 ROVASOA ---A- . (.No owner - Registry Optimizer.) -- C:\Windows\System32\roboot64.exe [20248]
O44 - LFC:[MD5.515E4684008E955DE0C81E6A7AEA1C2A] - 6/7/2015 - 11:46:43 ROVASOA ---A- . (.InstallShield Software Corporation - InstallShield® unInstaller.) -- C:\Windows\IsUninst.exe [306688]
O44 - LFC:[MD5.AEC0828B9A0772831523809BD2EC8FCA] - 6/7/2015 - 11:46:46 ROVASOA ---A- . (...) -- C:\Windows\dasetup.log [19626]
O44 - LFC:[MD5.974636BF28DDA64D787D3F2FAB4853F7] - 6/7/2015 - 11:46:48 ROVASOA ---A- . (...) -- C:\Windows\dahotfix.log [917]
O44 - LFC:[MD5.3292291CF418979F8B731205EFD15F48] - 6/7/2015 - 1:28:37 ROVASOA ---A- . (...) -- C:\Windows\PFRO.log [25850]
O44 - LFC:[MD5.54936A3C9CE94696CF70729B0781FF6A] - 6/7/2015 - 9:27:50 ROVASOA ---A- . (.RealVNC Ltd. - VNC Mirror Driver.) -- C:\Windows\System32\vncmirror.dll [26112]
O44 - LFC:[MD5.93F279A2C172562050700A18FA84BE2E] - 6/7/2015 - 9:27:50 ROVASOA ---A- . (.RealVNC Ltd. - VNC Mirror Miniport.) -- C:\Windows\System32\Drivers\vncmirror.sys [4608]
O44 - LFC:[MD5.6218B6D086B487E30A0374479E03A2FB] - 6/7/2015 - 9:28:23 ROVASOA ---A- . (.No owner - Port Monitor DLL.) -- C:\Windows\System32\VNCpm.dll [31232]
~ Files: 25 Scanned in VAmn OAs



---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in VAmn OAs



---\\ Export authorized application key (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" [Enabled] .(.WIBU-SYSTEMS AG.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O47 - AAKE:Key Export DP - "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" [Enabled] .(.WIBU-SYSTEMS AG.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
~ Keys Export: 2 Scanned in VAmn OAs



---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
~ LSA: 3 Scanned in VAmn OAs



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in VAmn OAs



---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{6ac8ec0f-fe54-11e4-82a7-a01d48bd0024}\AutoRun\command. (...) -- H:\INSTALL_ADB_RNDIS.exe (.not file.)
O51 - MPSK:{f51adc9f-fa39-11e4-829f-a01d48bd0024}\AutoRun\command. (...) -- J:\AutoRun.exe (.not file.)
O51 - MPSK:{f51adcf4-fa39-11e4-829f-a01d48bd0024}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
~ Keys: Scanned in VAmn OAs



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsv64.dll" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsv64.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"frapsv64.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsv64.dll
~ TDSD: 4 Scanned in VAmn OAs



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in VAmn OAs



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
~ MWPS: 18 Scanned in VAmn OAs



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 4 Scanned in VAmn OAs



---\\ System Drivers List (SDL) (O58)
O58 - SDL:8/22/2013 - 1:43:41 ROVASOA ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896]
O58 - SDL:8/22/2013 - 1:43:41 ROVASOA ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176]
O58 - SDL:8/22/2013 - 1:43:41 ROVASOA ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200]
O58 - SDL:8/22/2013 - 1:43:41 ROVASOA ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424]
O58 - SDL:8/22/2013 - 1:43:40 ROVASOA ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952]
O58 - SDL:8/22/2013 - 1:43:41 ROVASOA ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016]
O58 - SDL:5/30/2015 - 9:30:54 ROVASOA ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29168] =>.ALWIL Software
O58 - SDL:5/30/2015 - 9:30:41 ROVASOA ---A- . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28144]
O58 - SDL:5/30/2015 - 9:30:54 ROVASOA ---A- . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [89944]
O58 - SDL:5/30/2015 - 9:30:38 ROVASOA ---A- . (.Avast Software s.r.o. - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [449896]
O58 - SDL:5/30/2015 - 9:30:54 ROVASOA ---A- . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93528]
O58 - SDL:5/30/2015 - 9:30:54 ROVASOA ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65736] =>.ALWIL Software
O58 - SDL:5/30/2015 - 9:30:41 ROVASOA ---A- . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1047320]
O58 - SDL:5/30/2015 - 9:30:54 ROVASOA ---A- . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [442264]
O58 - SDL:5/30/2015 - 9:30:55 ROVASOA ---A- . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [137288]
O58 - SDL:5/30/2015 - 9:30:54 ROVASOA ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [272248] =>.ALWIL Software
O58 - SDL:6/18/2013 - 3:45:02 ROVASOA ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athw8x.sys [3680256]
O58 - SDL:10/17/2014 - 6:03:00 ROVASOA ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athwbx.sys [4226560]
O58 - SDL:8/13/2013 - 12:25:46 ROVASOA ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:2/25/2014 - 8:53:02 ROVASOA ---A- . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [35016]
O58 - SDL:8/22/2013 - 1:43:41 ROVASOA ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296]
O58 - SDL:12/17/2009 - 11:25:17 ROVASOA ---A- . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\Drivers\ElbyCDIO.sys [34472]
O58 - SDL:8/22/2013 - 1:43:45 ROVASOA ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024]
O58 - SDL:11/14/2013 - 10:39:05 ROVASOA ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [32768]
O58 - SDL:11/14/2013 - 10:39:03 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ewusbmdm.sys [226048]
O58 - SDL:11/14/2013 - 10:39:05 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\ewusbwwan.sys [455680]
O58 - SDL:11/14/2013 - 10:39:05 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - ew_cdcacm Driver.) -- C:\Windows\System32\Drivers\ew_cdcacm.sys [121728]
O58 - SDL:11/14/2013 - 10:39:05 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\Drivers\ew_hwupgrade.sys [22016]
O58 - SDL:11/14/2013 - 10:39:05 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568]
O58 - SDL:11/14/2013 - 10:39:04 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\Drivers\ew_jubusenum.sys [91648]
O58 - SDL:11/14/2013 - 10:39:04 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\Drivers\ew_jucdcacm.sys [110592]
O58 - SDL:11/14/2013 - 10:39:05 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\Drivers\ew_jucdcecm.sys [77312]
O58 - SDL:11/14/2013 - 10:39:04 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\Drivers\ew_juextctrl.sys [30720]
O58 - SDL:11/14/2013 - 10:39:04 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\Drivers\ew_juwwanecm.sys [246272]
O58 - SDL:11/14/2013 - 10:39:05 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\Drivers\ew_usbenumfilter.sys [14976]
O58 - SDL:11/14/2013 - 10:39:04 ROVASOA ---A- . (.Huawei Technologies Co., Ltd. - ew_cdcndis Driver.) -- C:\Windows\System32\Drivers\ew_wwanecm.sys [375040]
O58 - SDL:5/15/2014 - 2:18:36 ROVASOA ---A- . (.Hewlett-Packard Company - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\HpqKbFiltr64.sys [28376]
O58 - SDL:8/22/2013 - 1:43:45 ROVASOA ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352]
O58 - SDL:7/30/2013 - 7:47:35 ROVASOA ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:7/25/2013 - 8:05:39 ROVASOA ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:4/24/2014 - 3:34:12 ROVASOA ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [633704]
O58 - SDL:8/10/2013 - 1:39:30 ROVASOA ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248]
O58 - SDL:8/22/2013 - 1:43:45 ROVASOA ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000]
O58 - SDL:10/30/2014 - 1:23:36 ROVASOA ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [3775416]
O58 - SDL:9/26/2014 - 3:26:12 ROVASOA ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [454416]
O58 - SDL:8/1/2014 - 9:18:33 ROVASOA ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [38296]
O58 - SDL:11/4/2014 - 9:47:38 ROVASOA ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [27000]
O58 - SDL:8/22/2013 - 1:43:44 ROVASOA ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408]
O58 - SDL:8/22/2013 - 1:43:45 ROVASOA ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536]
O58 - SDL:8/22/2013 - 1:43:44 ROVASOA ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760]
O58 - SDL:8/22/2013 - 1:43:45 ROVASOA ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784]
O58 - SDL:8/22/2013 - 1:43:45 ROVASOA ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672]
O58 - SDL:8/22/2013 - 1:43:45 ROVASOA ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840]
O58 - SDL:11/14/2013 - 10:39:04 ROVASOA ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [1001472]
O58 - SDL:8/22/2013 - 1:43:49 ROVASOA ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840]
O58 - SDL:3/1/2013 - 2:49:12 ROVASOA ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]
O58 - SDL:8/22/2013 - 1:43:31 ROVASOA ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368]
O58 - SDL:8/22/2013 - 1:43:32 ROVASOA ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288]
O58 - SDL:8/26/2014 - 12:31:52 ROVASOA ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt630x64.sys [874712]
O58 - SDL:12/3/2014 - 11:41:54 ROVASOA ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [4290520]
O58 - SDL:8/19/2014 - 12:33:40 ROVASOA ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsP2Stor.sys [294104]
O58 - SDL:5/28/2014 - 5:02:30 ROVASOA ---A- . (.Realtek Semiconductor Corp. - Realtek UVC Driver for XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\rtsuvc.sys [9112792]
O58 - SDL:2/3/2014 - 7:45:22 ROVASOA ---A- . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\Drivers\scdemu.sys [129944]
O58 - SDL:8/22/2013 - 4:35:09 ROVASOA ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:8/22/2013 - 1:43:31 ROVASOA ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896]
O58 - SDL:8/22/2013 - 1:43:32 ROVASOA ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760]
O58 - SDL:10/30/2014 - 2:19:58 ROVASOA ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [33008]
O58 - SDL:8/22/2013 - 1:43:32 ROVASOA ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:9/5/2014 - 1:39:38 ROVASOA ---A- . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [576752]
O58 - SDL:4/8/2014 - 2:33:44 ROVASOA ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6.0).) -- C:\Windows\System32\Drivers\tap0901.sys [27136]
O58 - SDL:3/26/2012 - 10:45:14 ROVASOA ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\taphss.sys [37888]
O58 - SDL:10/10/2014 - 9:37:16 ROVASOA ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriverx64.sys [129312]
O58 - SDL:8/9/2009 - 10:25:45 ROVASOA ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\Windows\System32\Drivers\VClone.sys [36352]
O58 - SDL:8/22/2013 - 1:43:34 ROVASOA ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808]
O58 - SDL:6/14/2010 - 10:17:04 ROVASOA ---A- . (.RealVNC Ltd. - VNC Mirror Miniport.) -- C:\Windows\System32\Drivers\vncmirror.sys [4608]
O58 - SDL:8/22/2013 - 1:43:34 ROVASOA ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800]
O58 - SDL:8/22/2013 - 1:43:34 ROVASOA ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504]
O58 - SDL:8/6/2013 - 1:33:28 ROVASOA ---A- . (.Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver.) -- C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [20800]
~ Drivers: 78 Scanned in VAmn OAs



---\\ Last modified or created user files (O61)
O61 - LFC: 6/10/2015 - 6:27:34 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll [28160] =>.Microsoft Corporation
O61 - LFC: 6/10/2015 - 6:27:34 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll [117248] =>.Microsoft Corporation
O61 - LFC: 6/10/2015 - 6:27:34 ROVASOA ---A- . (.Microsoft.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\b2ac7be6485b0e6e8c3e905a399a6a55\Platform.ni.dll [6372864] =>.Microsoft Corporation
O61 - LFC: 6/11/2015 - 6:28:23 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Microsoft\UProof\CMAdj.12.bin [80]
O61 - LFC: 6/11/2015 - 6:28:26 ROVASOA ---A- . (.DownloadHelper.) -- C:\Users\Rovasoa Niriniaina\Downloads\ConvertHelper3Setup.exe [19189487]
O61 - LFC: 6/12/2015 - 6:27:24 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\12726CosmosChong.AdvancedEnglishDictionary_amge560j0aq9g\LocalState\recent.bin [125]
O61 - LFC: 6/12/2015 - 6:27:24 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\12726CosmosChong.AdvancedEnglishDictionary_amge560j0aq9g\LocalState\recentDB.bin [756]
O61 - LFC: 6/12/2015 - 6:28:04 ROVASOA ---A- . (.InstallShield Corp..) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Temp\_ISTMP3.DIR\ZDataI50.dll [45056]
O61 - LFC: 6/12/2015 - 6:28:24 ROVASOA ---A- . (.Adobe Systems Inc.) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Mozilla\Firefox\Profiles\mteietq8.default\gmp-eme-adobe\11\eme-adobe.dll [5916912]
O61 - LFC: 6/14/2015 - 6:28:25 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\systweak\regclean pro\Version 6.1\backup0.bin [761] =>Rogue.RegistryPowerCleaner
O61 - LFC: 6/16/2015 - 6:26:00 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Microsoft\Windows\INetCache\IE\9ATFE9H1\urlblockindex[1].bin [16]
O61 - LFC: 6/16/2015 - 6:27:25 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\23500ANUSUMALIKAAKEPOGU.LIVINGWORD_heaf1c2gb9pg6\AC\Microsoft\CLR_v4.0_32\NativeImages\App58\876ac62101ff20777da5a44360f5fbc1\App58.ni.exe [198144]
O61 - LFC: 6/16/2015 - 6:27:27 ROVASOA ---A- . (.MarkedUp Inc.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\58358KittenInteractive.47391C753B11E_c1e5xmghw0yqc\AC\Microsoft\CLR_v4.0\NativeImages\MarkedUp\a4ba1f8be6f6e874474b86d418643a65\MarkedUp.ni.dll [1715200]
O61 - LFC: 6/16/2015 - 6:27:27 ROVASOA ---A- . (.Microsoft.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\58358KittenInteractive.47391C753B11E_c1e5xmghw0yqc\AC\Microsoft\CLR_v4.0\NativeImages\MicrosoftAdvertising\3054dc56d444c6c0819580d49c5f4417\MicrosoftAdvertising.ni.dll [825344]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\CloudTTS\bf487a385b7289635e4f7e838c4d8700\CloudTTS.ni.dll [87040]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\FCPCommon\66407039b1c33a29514c1512c11521cd\FCPCommon.ni.dll [1814016]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\FlashcardsPro\963c2fbbb9a5a11127dee3aca6c4c81c\FlashcardsPro.ni.exe [1397760]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.24e0b7c1#\36486eeb7bad3aea88472908f6a601f4\Syncfusion.SfColorPickers.WinRT.ni.dll [319488]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (.AdDuplex.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\AdDuplex.Controls\4174803412489daaffaf80744e02ebf4\AdDuplex.Controls.ni.dll [284160]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (.AdDuplex.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\AdDuplex.WinRT\e27aa368f964520f429c1911d25052a2\AdDuplex.WinRT.ni.dll [513024]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (.Microsoft.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.Aa7f4f37f#\ab0cbe0620a47fa745bd7b44d85f4494\Microsoft.Advertising.WinRT.UI.ni.dll [700928]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (.Microsoft.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\MicrosoftAdvertising\3054dc56d444c6c0819580d49c5f4417\MicrosoftAdvertising.ni.dll [825344]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (.Syncfusion, Inc..) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.022a76c6#\b1087c55d74880429d4faa3afa0f6bd4\Syncfusion.SfMaps.WinRT.ni.dll [1482752]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (.Syncfusion.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.08f550cc#\af5fc79428f4c36bf648750f20d9476d\Syncfusion.Data.WinRT.ni.dll [1293824]
O61 - LFC: 6/16/2015 - 6:27:28 ROVASOA ---A- . (.Tim Heuer.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Callisto\3bb0991ed1c24380b8f1240f5a0e8e6f\Callisto.ni.dll [732672]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.2896fa44#\b35e85398b5f2d82a7c728667bc76080\Syncfusion.SfGridBase.WinRT.ni.dll [2320384]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.3154d2bd#\12dd2604e68bb056ea6c5b91e5b25cfb\Syncfusion.SfReportViewer.WinRT.ni.dll [6444544]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.3a0c20d0#\e3ea776389843ca1196fdc708d2bbdcb\Syncfusion.SfTileView.WinRT.ni.dll [217600]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.433e62d8#\46fdd3b84684015f920f41b1b7244d23\Syncfusion.SfGauge.WinRT.ni.dll [1295360]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.484bc9b9#\35dd9be233ab152a75d21a7ccb651c7c\Syncfusion.SfAccordion.WinRT.ni.dll [326144]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.6be7ec69#\21dd647b4b63f69b7e57b82ea11e53f6\Syncfusion.SfRadialMenu.WinRT.ni.dll [491520]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.713138e2#\d164da0855dd3d7b6a08e0a28d99cb6e\Syncfusion.SfHubTile.WinRT.ni.dll [400384]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.79af754c#\5181b78a5a9990a127ccc60487954df7\Syncfusion.SfSchedule.WinRT.ni.dll [3888640]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (.Syncfusion Inc..) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.3af09c52#\97a64e54ffaf6330d95d7702e168bcb8\Syncfusion.DocIO.WinRT.ni.dll [11083264]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (.Syncfusion, Inc..) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.684726a3#\58fd957c9c7d305dabd6204b0291f7b9\Syncfusion.SfBulletGraph.WinRT.ni.dll [299520]
O61 - LFC: 6/16/2015 - 6:27:29 ROVASOA ---A- . (.Syncfusion.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.412a82f1#\48a5ca55d1161be6963bfbfcea45e8d8\Syncfusion.SfGrid.WinRT.ni.dll [5453312]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.7f925700#\a203d32b0d292886854758e361e8bae5\Syncfusion.SfShared.WinRT.ni.dll [426496]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.866da959#\1a5773cc269340c179920f2e3d1be1cd\Syncfusion.SfCarousel.WinRT.ni.dll [141824]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.8cabb3f0#\afabee77d05eb3858ed659fc0e2f9dee\Syncfusion.SfTreeNavigator.WinRT.ni.dll [168960]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.9c7d43b5#\5decdfb3e572494ecf000343391ab1c6\Syncfusion.SfBusyIndicator.WinRT.ni.dll [92672]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.a0778b85#\69ce7ab95c206969bada6e426465488e\Syncfusion.SfChart.WinRT.ni.dll [6202368]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.a1dc96bf#\7b86eb82039a4ee26f5ef017c1981274\Syncfusion.SfInput.WinRT.ni.dll [2163200]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.a9526c39#\0edcc3dbd00d47c3af8c1a6b39b42dbd\Syncfusion.SfTabControl.WinRT.ni.dll [354816]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (.Syncfusion Inc..) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.a97a4f02#\79b1c4d3a833c8060a070b5b5e9a2902\Syncfusion.SfRichTextBoxAdv.WinRT.ni.dll [2443776]
O61 - LFC: 6/16/2015 - 6:27:30 ROVASOA ---A- . (.Syncfusion, Inc..) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.a3bdf953#\9f7d4bbd5841ee880d2c96d9f19dbe9c\Syncfusion.SfTreeMap.WinRT.ni.dll [513536]
O61 - LFC: 6/16/2015 - 6:27:31 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.b5a52b69#\62d824e95ee41b2504b426553806ddf7\Syncfusion.GridCommon.WinRT.ni.dll [1732608]
O61 - LFC: 6/16/2015 - 6:27:31 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.c13daabc#\0fb042ff0d2b38d65255019fcf92348e\Syncfusion.SfDiagram.WinRT.ni.dll [3539456]
O61 - LFC: 6/16/2015 - 6:27:31 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\WinRTFramework\8f3fa23516b00a492a7a5e2fdf21dbc3\WinRTFramework.ni.dll [691712]
O61 - LFC: 6/16/2015 - 6:27:31 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\avonmobility.EnglishClub_fecrcyk3kabz6\AC\Microsoft\CLR_v4.0\NativeImages\AvonMobilitf0397a36#\653cdf0d555b34764ee8fe29cb1eba6d\AvonMobility.EnglishClub.ni.exe [3485696]
O61 - LFC: 6/16/2015 - 6:27:31 ROVASOA ---A- . (.Filip Skakun.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\WinRTXamlToolkit\686af1f8e2bcc1c8324bb8072b884558\WinRTXamlToolkit.ni.dll [3298816]
O61 - LFC: 6/16/2015 - 6:27:31 ROVASOA ---A- . (.Fortumo.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\avonmobility.EnglishClub_fecrcyk3kabz6\AC\Microsoft\CLR_v4.0\NativeImages\FortumoWindows\50161802c7097da008d8549b99da611f\FortumoWindows.ni.dll [823296]
O61 - LFC: 6/16/2015 - 6:27:31 ROVASOA ---A- . (.Syncfuson Inc..) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Packages\AntaraSoftware.FlashcardsPro_7jhd16s0b93qm\AC\Microsoft\CLR_v4.0\NativeImages\Syncfusion.c9d69095#\23eb7e56fa93010a22e3d5bf56327809\Syncfusion.SfBarcode.WinRT.ni.dll [551424]
O61 - LFC: 6/16/2015 - 6:28:12 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Adobe\Acrobat\8.0\UserCache.bin [128220]
O61 - LFC: 6/16/2015 - 6:28:21 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Graphisoft\ArchiCAD-64 17.0.0 INT R1\IFC Preferences\IFC Options Data.bin [394]
O61 - LFC: 6/16/2015 - 6:28:21 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Graphisoft\ArchiCAD-64 17.0.0 INT R1\Latest WorkEnvironment\Palettes\Palette.bin [6458]
O61 - LFC: 6/16/2015 - 6:28:21 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Graphisoft\ArchiCAD-64 17.0.0 INT R1\Latest WorkEnvironment\Tools\Tools.bin [35864]
O61 - LFC: 6/16/2015 - 6:28:21 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\Graphisoft\ArchiCAD-64 17.0.0 INT R1\Latest WorkEnvironment\User Preferences\User Preferences.bin [522]
O61 - LFC: 6/17/2015 - 6:27:52 ROVASOA ---A- . (.Installer prog.) -- C:\Users\Rovasoa Niriniaina\AppData\Local\Temp\ICReinstall_sony-vegas-pro_13-build-290_fr_124204.exe [721056]
O61 - LFC: 6/17/2015 - 6:28:25 ROVASOA ---A- . (...) -- C:\Users\Rovasoa Niriniaina\AppData\Roaming\systweak\regclean pro\Version 6.1\backup6.bin [750] =>Rogue.RegistryPowerCleaner
O61 - LFC: 6/17/2015 - 6:28:26 ROVASOA ---A- . (.Installer prog.) -- C:\Users\Rovasoa Niriniaina\Downloads\sony-vegas-pro_13-build-290_fr_124204.exe [721056]
O61 - LFC: 6/17/2015 - 6:28:26 ROVASOA ---A- . (.Nicolas Coolman.) -- C:\Users\Rovasoa Niriniaina\Downloads\ZHPDiag2-2015.6.16.57.exe [6883618] =>.Nicolas Coolman
O61 - LFC: 6/17/2015 - 6:28:26 ROVASOA ---A- . (.Sony Creative Software Inc..) -- C:\Users\Rovasoa Niriniaina\Downloads\sony-vegas-pro_13-build-290_fr_124204 [1].exe [395026776]
~ 3330 Fichiers temporaires (Temporary files)
~ Files: 62 Scanned in VAmn OAs



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in VAmn OAs



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.scr> [HKCU\..\open\Command] (.Microsoft Corporation - Bloc-notes.) -- C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
~ FASS Keys: 12 Scanned in VAmn OAs



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in VAmn OAs



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} [DefaultScope] - (Bing (by Mircosoft)) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.searchfix.info
O69 - SBI: SearchScopes [HKCU] {C0C3A6C6-03BC-4195-8FCB-AEA091301353} - (Yahoo!) - http://search.yahoo.com
~ Keys: Scanned in VAmn OAs



---\\ Crack & Keygen Files (CKF) (O82)
C:\Users\Rovasoa Niriniaina\Downloads\FRAPS 3.5.99 Cracked Version is Here !.exe =>.Crack,Keygen
C:\Users\Rovasoa Niriniaina\Downloads\Fraps 3.5.99 Full Cracked 2013[A4] [www.OMGTORRENT.com].torrent =>.Crack,Keygen
D:\lOGICIEL\ACROBAT\Adobe CS3\BS\keygen_master.exe =>.Crack,Keygen
D:\lOGICIEL\Antivirus\Avast! Internet Security v8.0.1489.300 with licence keys valid till 2015 [TorDigger]\Avast5\Keygen free edition\Keygen.exe =>.Crack,Keygen
D:\lOGICIEL\BTP\Robot Structural 2014\Autodesk 2014 KEYGEN\xf-adsk64\adesk_patcher64.exe =>.Crack,Keygen
D:\lOGICIEL\BTP\Sketchup2013 64bits\Cracked Files\LayOut.exe =>.Crack,Keygen
D:\lOGICIEL\BTP\Sketchup2013 64bits\Cracked Files\SketchUp.exe =>.Crack,Keygen
D:\lOGICIEL\BTP\Sketchup2013 64bits\Cracked Files\Style Builder.exe =>.Crack,Keygen
D:\lOGICIEL\crack_seven\Windows Loader.exe =>.Crack,Keygen
D:\lOGICIEL\Keygen.exe =>.Crack,Keygen
D:\lOGICIEL\Nero 8\Keygen\nero8x.exe =>.Crack,Keygen
D:\lOGICIEL\PC FASTER\crack_seven\Windows Loader.exe =>.Crack,Keygen
D:\lOGICIEL\RealVNC Enterprise v4.5.4\VNC Enterprise Edition 4.5.4\Keygen.exe =>.Crack,Keygen
D:\lOGICIEL\UltraISO_Premium_Edition_v9.3.5.2716\Keygen\keygen.exe =>.Crack,Keygen
D:\lOGICIEL\W7_crack\Windows Loader.exe =>.Crack,Keygen
D:\lOGICIEL\Win 8 key\Windows Loader\Windows Loader.exe =>.Crack,Keygen
D:\lOGICIEL\Win 8 key\Windows Loader\Windows Loader.rar =>.Crack,Keygen
D:\PowerISO 5.5 (FULL + Keygen)\PowerISO 5.5 (FULL + Keygen).zip =>.Crack,Keygen
D:\Rova\JOOV\GP\Guitar Pro 5.2! Newest version! Fully cracked!\new tabs\www-tablatures-tk @ Beatles (The) - Michelle (classic).zip =>.Crack,Keygen
D:\Rova\JOOV\GP\Guitar Pro 5.2! Newest version! Fully cracked!\new tabs\www-tablatures-tk @ De Lucia, Paco - Rio Ancho (Rumba).zip =>.Crack,Keygen
D:\Rova\JOOV\GP\Guitar Pro 5.2! Newest version! Fully cracked!\new tabs\www-tablatures-tk @ Howard, Bart - Fly Me To the Moon.zip =>.Crack,Keygen
D:\Rova\JOOV\GP\Guitar Pro 5.2! Newest version! Fully cracked!\new tabs\www-tablatures-tk @ Jobim, Antonio Carlos - Desafinado.zip =>.Crack,Keygen
D:\Rova\JOOV\GP\Guitar Pro 5.2! Newest version! Fully cracked!\new tabs\www-tablatures-tk @ Nirvana - About A Girl.zip =>.Crack,Keygen
D:\Rova\JOOV\GP\Guitar Pro 5.2! Newest version! Fully cracked!\new tabs\www-tablatures-tk @ Rightmire, Richard - Tango Flamenco.zip =>.Crack,Keygen
~ Files: Scanned in VAmn OAs



---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [214528]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [156160]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [156160]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [329216]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1360896]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1084416]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [926208]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [31744]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [110080]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151040]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [110592]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1265152]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [230400]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [71168]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [135168]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [225280]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [339968]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [101376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [348672]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [521728]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1639424]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [59392]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [206848]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [166400]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [102912]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [542208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [226816]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [73728]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [452608]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [313344]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3678720]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [933376]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [640000]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [187904]
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filter.) -- C:\Windows\System32\KeyboardFilterSvc.dll [92992]
~ Services: 36 Scanned in VAmn OAs



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.1BD4F0C1CA041E0C31B6ACEF82B27EFD] [SPRF][5/4/2015] (...) -- C:\Users\Rovasoa Niriniaina\Desktop\ram.bat [20]
[MD5.6AFBDA3B252F6EC1E90DAC1463B25459] [SPRF][2/8/2013] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll [117064]
[MD5.F96D6BB77C20C91B2203D6C9D5186045] [SPRF][2/21/2013] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropFRA.dll [109368]
~ Files: 3 Scanned in VAmn OAs



---\\ Product Upgrade Codes (PUC) (O90)
O90 - PUC: "ED50FC09F537BA245AA24F74DFBF2E70" . (.LavasoftTcpService.) -- C:\WINDOWS\Installer\{90CF05DE-735F-42AB-A52A-F447FDFBE207}\ARPPRODUCTICON.exe =>Adware.Graftor
~ Update Products: 1 Scanned in VAmn OAs



---\\ MyComputer Name Space (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: Autodesk 360 - {A7B36FF9-3BB0-426B-A737-A997B80466D5}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 7 Scanned in VAmn OAs



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.AdvancedSystemProtector
~ BTK: 45 Scanned in VAmn OAs



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 3/20/2007 153792 | (Adobe Version Cue CS3) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe =>.Adobe Systems Incorporated
SS - | Demand 5/9/2015 77944 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
SS - | Demand 10/30/2014 280680 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 5/2/2015 1471352 | (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 5/4/2015 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 5/4/2015 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 8/27/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Auto 11/14/2013 656976 | (MobiConnect. RunOuc) . (...) - C:\Program Files (x86)\MobiConnect\UpdateDog\ouc.exe
SS - | Demand 6/4/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 9/20/2007 382248 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
SS - | Demand 10/21/2014 33080 | (OpenVPNService) . (.The OpenVPN Project.) - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
SS - | Demand 3/1/2013 118520 | (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Auto 2/18/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 7/22/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 11/17/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 2/25/2014 319104 | (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
SR - | Auto 12/13/2012 12288 | (Autodesk Content Service) . (.Autodesk, Inc..) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 5/30/2015 343336 | (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 5/30/2015 107448 | (avast! Firewall) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 2/28/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 4/3/2013 2915704 | (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
SR - | Demand 6/7/2015 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 4/10/2013 351824 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 10/30/2014 318568 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe
SR - | Auto 8/27/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 12/10/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 4/27/2015 833888 | (LavasoftTcpService) . (.Lavasoft Limited.) - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe =>Adware.Graftor
SR - | Auto 12/10/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 9/20/2007 853288 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Auto 9/4/2014 292568 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 9/5/2014 220912 | (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
SR - | Demand 7/22/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 7/22/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 6/14/2010 2069880 | (WinVNC4) . (.RealVNC Ltd..) - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
SR - | Demand 10/29/2014 38792 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in VAmn OAs



---\\ Search Master Boot Record Infection (MBR)(O80)
Run by Rovasoa Niriniaina at 6/17/2015 6:39:28 ROVASOA
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in VAmn OAs



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Rovasoa Niriniaina at 6/17/2015 6:39:30 ROVASOA
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in VAmn OAs



---\\ Scan Additionnel (O88)
Database Version : 13008 - (6/16/2015)
Clés trouvées (Keys found) : 27
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 13
Fichiers trouvés (Files found) : 15

[HKLM\SYSTEM\CurrentControlSet\Services\LavasoftTcpService] =>Adware.Graftor^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1] =>PUP.AdvancedSystemProtector^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1] =>PUA.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{90CF05DE-735F-42AB-A52A-F447FDFBE207}] =>Adware.Graftor^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}] =>PUP.PriceMinus^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1] =>Rogue.RegistryPowerCleaner^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic_France_FF Toolbar] =>Adware.FFToolBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}] =>PUP.Adblocker^
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>PUP.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Toolbar.Ask&Record
[HKLM\Software\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Toolbar.Ask&Record
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Toolbar.Ask&Record
[HKLM\Software\Classes\Conduit.Engine] =>PUP.Conduit
[HKCU\Software\AppDataLow\Software\conduitEngine] =>PUP.Conduit
[HKLM\Software\Wow6432Node\conduitEngine] =>PUP.Conduit
[HKCU\Software\AppDataLow\Software\Softonic_France_FF] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Softonic_France_FF] =>PUP.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Softonic_France_FF Toolbar] =>PUP.Conduit
[HKLM\Software\Classes\Toolbar.CT2207610] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2207610] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}] =>Toolbar.Conduit^
C:\Program Files (x86)\bestadblocker =>PUP.Adblocker^
C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit^
C:\Program Files (x86)\PriceMiinus =>PUP.PriceMinus^
C:\Program Files (x86)\PriceMinus =>PUP.PriceMinus^
C:\Program Files (x86)\Softonic_France_FF =>Toolbar.Conduit^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector =>PUP.AdvancedSystemProtector^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro =>Rogue.RegistryPowerCleaner^
C:\Users\Rovasoa Niriniaina\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Program Files (x86)\Conduit =>PUP.Conduit
C:\Users\Rovasoa Niriniaina\AppData\LocalLow\Conduit =>PUP.Conduit
C:\Users\Rovasoa Niriniaina\AppData\LocalLow\ConduitEngine =>PUP.Conduit
C:\Users\Rovasoa Niriniaina\AppData\LocalLow\Softonic_France_FF =>PUP.Conduit
C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector^
C:\Program Files (x86)\ASP\AspManager.exe =>PUP.AdvancedSystemProtector^
C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico^
C:\Program Files (x86)\RCP\RegCleanPro.exe =>Rogue.RegistryPowerCleaner^
C:\Windows\Tasks\RegClean Pro_DEFAULT.job =>Rogue.RegistryPowerCleaner^
C:\Windows\System32\Tasks\RegClean Pro_DEFAULT =>Rogue.RegistryPowerCleaner^
C:\Windows\Tasks\RegClean Pro_UPDATES.job =>Rogue.RegistryPowerCleaner^
C:\Windows\System32\Tasks\RegClean Pro_UPDATES =>Rogue.RegistryPowerCleaner^
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
C:\Windows\AutoKMS.exe =>Trojan.Keygen
C:\Users\Rovasoa Niriniaina\AppData\Local\Temp\sp-downloader.exe =>Toolbar.Conduit
C:\Users\Rovasoa Niriniaina\AppData\Local\Temp\SPIdentifier.exe =>Toolbar.Conduit
~ Additionnel Scan: 778113 Items scanned in VAmn OAs



---\\ Additional information about modules
~ http://www.nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://www.nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects (O2)
~ http://www.nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Auto loading programs from Registry and folders (O4)
~ http://www.nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.MountPoints2 Shell Key (MPSK) (O51)
~ AMI: 4 Scanned in VAmn OAs



---\\ Summary of the detections found on your workstation
http://www.nicolascoolman.fr/pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
http://www.nicolascoolman.fr/rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
http://www.nicolascoolman.fr/adware-adon =>Adware.ADON
http://www.nicolascoolman.fr/blog/ =>Adware.Graftor
http://www.nicolascoolman.fr/blog/ =>Hacktool.AutoKMS
http://www.nicolascoolman.fr/pup-kmspico =>PUA.KMSpico
http://www.nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>PUP.PriceMinus
http://www.nicolascoolman.fr/blog/ =>Adware.FFToolBar
http://www.nicolascoolman.fr/blog/ =>PUP.Adblocker
http://www.nicolascoolman.fr/adware-opencandy =>Adware.OpenCandy
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://www.nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://www.nicolascoolman.fr/blog/ =>Toolbar.Ask&Record
http://www.nicolascoolman.fr/blog/ =>Trojan.Keygen
~ MSI: 15 link(s) detected in VAmn OAs



End of the scan (1748 lines in VAmn OAs)(26.2)
