~ ZHPDiag v2015.11.1.160 By Nicolas Coolman (2015/11/01)
~ Run by toshiba (Administrator)  (2015/11/03 20:33:03)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version:  Version OK
~ Mode: Scan
~ Report: C:\Users\toshiba\Desktop\ZHPDiag.txt
~ Report: C:\Users\toshiba\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (2) - 0s
GCIE: Google Chrome v46.0.2490.80
MSIE: Internet Explorer v11.0.9600.18059

---\\ Windows Product Information (4) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software (3) - 17s
Avast Free Antivirus v10.4.2233
Malwarebytes Anti-Malware version 2.2.0.1024
Windows Defender W7 (Activate)

---\\ System protection software (Superfluous) (1) - 17s
McAfee Security Scan Plus v3.11.163.2

---\\ System optimization software (1) - 17s
CCleaner v3.20

---\\ Surveillance software (2) - 17s
Adobe Flash Player 19 NPAPI
Adobe Acrobat Reader DC - Français

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System:  64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1956.708 MB (4% free)
~ System Restore: Activé (Enable)
~ System drive C: has 11 GB free of 59 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: TOSHIBA-PC
~ User Name: toshiba
~ Logged in as Administrator

---\\ Enumeration of the disk units (4) - 0s
~ Drive C: has 11 GB free of 59 GB  (System)
~ Drive D: has 0 GB free of 0 GB
~ Drive E: has 177 GB free of 178 GB
~ Drive F: has  GB free of 0 GB

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (25) - 13s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - 25/02/2011 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2871808] ©
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] ©
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] ©
[MD5.BD06D875FB79E92DAF724C91DE743AFA] - 16/09/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2487808] ©
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] ©
[MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] ©
[MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] ©
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] ©
[MD5.FA886682CFC5D36718D3E436AACF10B9] - 30/05/2014 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497152] ©
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] ©
[MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] ©
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] ©
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] ©
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] ©
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] ©
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] ©
[MD5.ACB6782973BD93760D597FC7BB37E692] - 29/09/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159232] ©
[MD5.09594D1089C523423B32A4229263F068] - 21/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] ©
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 24/01/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1684928] ©
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] ©
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] ©
[MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] ©
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] ©
[MD5.70988118145F5F10EF24720B97F35F65] - 11/11/2014 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] ©
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] ©

---\\ Process running (36) - 9s
[MD5.11120878E5276B367E1A10FF8C9B595B] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1336] ©
[MD5.5DB2C6B908C50767E2EDAA294A7566B5] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1792] ©
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.1824] ©
[MD5.2FE8F6A30802B69A3F501607F346DEEA] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [392984] [PID.1840] ©
[MD5.CA1941B93BA45B7EA4D7D9F451B25C84] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [417560] [PID.1868] ©
[MD5.50D981FC745F85C16EB78DF6202A9D42] - (.TheBestMatch - Homepage.) -- C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe [273408] [PID.1952]  =>PUP.Optional.Proxy
[MD5.F120335CFD86E98967AD5F77905E981D] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016] [PID.1108] ©
[MD5.89CACBC5A5D9F14AD11F09D1DE49294E] - (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088] [PID.1288] ©
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Google Installer.) -- C:\Users\toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.1296] ©
[MD5.6F142F0DE632B11D25E859550A228E9A] - (.Google Inc. - AutoBackup.) -- C:\Users\toshiba\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312] [PID.1392] ©
[MD5.1A1A7B2542A67C7A7D166920C8C3D075] - (.Samsung - .) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104] [PID.1416] ©
[MD5.2EA68E33DFF41A10F1BAB15FC3A28076] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616] [PID.1816] ©
[MD5.E175D10D3ADFA6479E3984E695499175] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe [330456] [PID.1548] ©
[MD5.9C4E0E4E185D46DFC4F5F35939B013FF] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.17\GoogleCrashHandler.exe [245576] [PID.2064] ©
[MD5.AA1600118E222FCBE3F3BFEC1ABEC309] - (...) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe [113024] [PID.2340]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.2348] ©
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.2380] ©
[MD5.2F2BC80803F0638F6738E37F769E4BD0] - (.Hewlett-Packard - hpgs2wnd.) -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [69632] [PID.2388] ©
[MD5.AABF93F351E17EA4D42EE028A905AF45] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824] [PID.2416] ©
[MD5.B35BCDC8758F44BB092590D92A8E744C] - (.Megaify Software Co., Ltd. - DriverToolkit.) -- C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [1304040] [PID.2444]  =>PUP.Optional.DriverToolkit
[MD5.123CE08362EE48BBA7F9F1D7EB50F24F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544] [PID.2452] ©
[MD5.C35DBD373D64FE3B8443E194DAA73150] - (.TheBestMatch - Homepage.) -- C:\Program Files (x86)\TheBestMatch\Homepage\Homepage.exe [49664] [PID.2556]  =>PUP.Optional.Proxy
[MD5.E9C15F5EBCA836E50ACE2DA57BFA53B7] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528] [PID.2596] ©
[MD5.16AEFBBF76ACE9A8548BD8819878024C] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.17\GoogleCrashHandler64.exe [307016] [PID.2680] ©
[MD5.A302AE354F6A164DB1AE2A778EA48B9D] - (.Copyright 2001 - hpgs2wnf Module.) -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe [77824] [PID.2776]  =>PUP.Optional.Pirrit
[MD5.BB49EFB7F60B1624B0C060333D98922A] - (.TheBestMatch - HPMonitor.) -- C:\Program Files (x86)\TheBestMatch\Homepage\HPMonitor.exe [30720] [PID.2932]  =>PUP.Optional.Proxy
[MD5.23DE5B62B0445A6F874BE633C95B483E] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.368] ©
[MD5.AB176B9E59C0435499D83047D84EDD59] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784] [PID.2304] ©
[MD5.40C126CB15FAB7D6C66490DCA9C1AED2] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416] [PID.3076] ©
[MD5.BABBBDEF9DBB5E012EE5210FCB47C33B] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [9832760] [PID.3212] ©
[MD5.D1AFB241B396E9E3735D44A65DA97AD5] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [120104] [PID.3268] ©
[MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.2756] ©
[MD5.2BACD71123F42CEA603F4E205E1AE337] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096] [PID.3760] ©
[MD5.2A46FFE841EC43001D5A293A54DB34DE] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [223104] [PID.3372] ©
[MD5.CC3775100ABA633984F73DFAE1F55CAE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.3092] ©
[MD5.26FFDA193A05A3D921223AE58A00F258] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3G68VAQV\ZHPDiag3.exe [1963520] [PID.6716] ©

---\\ Google Chrome, Start,Search,Extensions (11) - 3s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.com
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] [] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] [] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] [] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] [] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] [] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] [] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] [] Avast Online Security
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] [] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] [] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] [] Google Chrome manifest  =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 3s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll ©
P2 - FPN: [HKLM] [@www.dlmanager.net/omaha/tools//Software Update;version=8] - (.Software.) -- C:\Program Files (x86)\Software\Update\1.2.201.0\npSoftwareOneClick8.dll

---\\ Internet Explorer Extensions, Start, Search (17) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://fr.yahoo.com?fr=hp-avast&type=avastbcl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {e78569be-555b-4b4a-b7e5-647c31ca7ddc} Orphean
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean  =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (7) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.offerbox.com;<local>  =>PUP.Optional.OfferBox
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877   =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ©

---\\ Hosts file redirection (2) - 0s
0
~ Le fichier hôte est sain (The hosts file is clean) (23)

---\\ Browser Helper Object (BHO) (3) - 0s
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ©
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ©
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll ©

---\\ Internet Explorer Toolbars (2) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) --  (.not file.)
O3 - Toolbar: FR-mywebsites.pro Toolbar - [HKLM]{e78569be-555b-4b4a-b7e5-647c31ca7ddc} . (...) --  (.not file.)

---\\ Auto loading programs from Registry and folders (32) - 3s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe ©
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe ©
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe ©
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ©
O4 - HKCU\..\Run: [systray] . (.TheBestMatch - Homepage.) -- C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe  =>PUP.Optional.Proxy
O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\Windows\Speech\Common\sapisvr.exe ©
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe ©
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe ©
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\toshiba\AppData\Local\Google\Update\GoogleUpdate.exe ©
O4 - HKCU\..\Run: [Google+ Auto Backup] . (.Google Inc. - AutoBackup.) -- C:\Users\toshiba\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe ©
O4 - HKCU\..\Run: [KiesPDLR.exe] . (.Samsung - .) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ©
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe ©
O4 - HKLM\..\Wow6432Node\Run: [zzzHPSETUP] . (...) -- F:\SETUP.EXE
O4 - HKLM\..\Wow6432Node\Run: [Share-to-Web Namespace Daemon] . (.Hewlett-Packard - hpgs2wnd.) -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ©
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe ©
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ©
O4 - HKUS\.DEFAULT\..\Run: [systray] . (.TheBestMatch - Homepage.) -- C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe  =>PUP.Optional.Proxy
O4 - HKUS\S-1-5-18\..\Run: [systray] . (.TheBestMatch - Homepage.) -- C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe  =>PUP.Optional.Proxy
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe ©
O4 - HKUS\S-1-5-19\..\Run: [systray] . (.TheBestMatch - Homepage.) -- C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe  =>PUP.Optional.Proxy
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe ©
O4 - HKUS\S-1-5-20\..\Run: [systray] . (.TheBestMatch - Homepage.) -- C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe  =>PUP.Optional.Proxy
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ©
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ©
O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [systray] . (.TheBestMatch - Homepage.) -- C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe  =>PUP.Optional.Proxy
O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\Windows\Speech\Common\sapisvr.exe ©
O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe ©
O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe ©
O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\toshiba\AppData\Local\Google\Update\GoogleUpdate.exe ©
O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [Google+ Auto Backup] . (.Google Inc. - AutoBackup.) -- C:\Users\toshiba\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe ©
O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [KiesPDLR.exe] . (.Samsung - .) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ©

---\\ Global shortcuts Startup (5) - 11s
O4 - GS\TaskBar [Administrator]: Bubble Dock installer.lnk . (...) C:\Users\toshiba\AppData\Roaming\Nosibay\Bubble Dock\tmp\updates\Bubble Dock AddonsUI.exe  =>PUP.Optional.BubbleDock
O4 - GS\TaskBar [Guest]: Bubble Dock installer.lnk . (...) C:\Users\toshiba\AppData\Roaming\Nosibay\Bubble Dock\tmp\updates\Bubble Dock AddonsUI.exe  =>PUP.Optional.BubbleDock
O4 - GS\TaskBar [toshiba]: Bubble Dock installer.lnk . (...) C:\Users\toshiba\AppData\Roaming\Nosibay\Bubble Dock\tmp\updates\Bubble Dock AddonsUI.exe  =>PUP.Optional.BubbleDock
O4 - GS\CommonDesktop [Public]: DriverToolkit.lnk . (.Megaify Software Co., Ltd. - DriverToolkit.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe  =>PUP.Optional.DriverToolkit
O4 - GS\CommonDesktop [Public]: Readiris.lnk . (.Copyright 2001 - read70 Module.) C:\Readiris\readiris.exe  =>

---\\ Lop.com/Domain Hijackers (3) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 109.0.66.20 109.0.66.10

---\\ Extra protocols (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype4COM.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll ©
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©

---\\ Non Microsoft non disabled Windows Services (11) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
O23 - Service:  (Homepage) . (.TheBestMatch - Homepage.) - C:\Program Files (x86)\TheBestMatch\Homepage\Homepage.exe  =>PUP.Optional.Proxy
O23 - Service: HPMonitor (HPMonitor) . (.TheBestMatch - HPMonitor.) - C:\Program Files (x86)\TheBestMatch\Homepage\HPMonitor.exe  =>PUP.Optional.Proxy
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
O23 - Service:  (MBAMScheduler) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
O23 - Service:  (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe ©
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ©

---\\ Software installed (61) - 10s
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan ©
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM][64Bits] -- SynTPDeinstKey ©
O42 - Logiciel: Remo Recover for Android - (.Remo Software.) [HKLM][64Bits] -- {3BF6B4CF-E6A1-45B3-9BC5-67213D146CB6}_is1 ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} ©
O42 - Logiciel: Adobe Digital Editions 2.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Digital Editions 2.0 ©
O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX ©
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast ©
O42 - Logiciel: FreeOCR v4.2 - (...) [HKLM][64Bits] -- freeocr_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: Google Books Download - (.eBook Download.) [HKLM][64Bits] -- GoogleBooks
O42 - Logiciel: Hemera Products - (...) [HKLM][64Bits] -- Hemera Products
O42 - Logiciel: HTML to PDF Converter Free 3.2 - (.PDFArea Software.) [HKLM][64Bits] -- HTML to PDF Converter Free_is1
O42 - Logiciel: Image to PDF Converter Free 6.5 - (.PDFArea Software.) [HKLM][64Bits] -- Image to PDF Converter Free_is1
O42 - Logiciel: Samsung Story Album Viewer - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F} ©
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} ©
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: MyPhoneExplorer - (.F.J. Wechselberger.) [HKLM][64Bits] -- MPE ©
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3 ©
O42 - Logiciel: SimCardExplorer 1.1.2 - (...) [HKLM][64Bits] -- SimCardExplorer
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player ©
O42 - Logiciel: Warper - (...) [HKLM][64Bits] -- Warper
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE} ©
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} ©
O42 - Logiciel: Java 7 Update 80 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217080FF} ©
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0} ©
O42 - Logiciel: Java 8 Update 60 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218060F0} ©
O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} ©
O42 - Logiciel: Homepage - (.TheBestMatch.) [HKLM][64Bits] -- {29633E53-BF13-41B5-9E10-19D7843BD9C3}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} ©
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {50816F92-1652-4A7C-B9BC-48F682742C4B} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} ©
O42 - Logiciel: Samsung Story Album Viewer - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {698BBAD8-B116-495D-B879-0F07A533E57F} ©
O42 - Logiciel: Skype™ 7.12 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} ©
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} ©
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} ©
O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D} ©
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {817750FA-EC6A-485D-9901-0683AE6FFDF1} ©
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} ©
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} ©
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} ©
O42 - Logiciel: Readiris 7.5 - (...) [HKLM][64Bits] -- {9BFFB382-0B2C-11D6-AB3E-000102B0F79A}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824161310} ©
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} ©
O42 - Logiciel: HP Photo and Imaging 1.0 - Scanjet 3500c Series - (.{&Tahoma8}Hewlett-Packard.) [HKLM][64Bits] -- {B8E952E3-A823-443A-8493-39A0CCE0E3EB}
O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}  =>PUP.Optional.SweetIM
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {CA2B24FD-EE10-42B9-B049-AA80268E7E21}  =>PUP.Optional.Boxore
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} ©
O42 - Logiciel: DriverToolkit version 8.5.0.0 - (.Megaify Software.) [HKLM][64Bits] -- {D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1  =>PUP.Optional.DriverToolkit
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} ©
O42 - Logiciel: Sony PC Companion 2.10.289 - (.Sony.) [HKLM][64Bits] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3} ©
O42 - Logiciel: WebPlayerV2 - (.Kreapixel.) [HKLM][64Bits] -- {F21ABA47-CE22-4B3D-8F47-8BF08C21C094}  =>PUP.Optional.SocialSkinz
O42 - Logiciel: Google+ Auto Backup - (.Google, Inc..) [HKCU][64Bits] -- Google+ Auto Backup ©
O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: Update for MySearchDial - (.Update for MySearchDial.) [HKCU][64Bits] -- MySearchDial  =>PUP.Optional.MySearchDial
O42 - Logiciel: Viber - (.Viber Media Inc.) [HKCU][64Bits] -- Viber ©

---\\ HKCU & HKLM Software Keys (105) - 10s
HKLM\SOFTWARE\Wow6432Node\5dedad0b034ee47  =>PUP.Optional.Heuristic
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Atheros Communications Inc.
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\Babylon  =>PUP.Optional.Babylon
HKLM\SOFTWARE\Wow6432Node\Chromium
HKLM\SOFTWARE\Wow6432Node\Comodo
HKLM\SOFTWARE\Wow6432Node\Conduit  =>PUP.Optional.Conduit
HKLM\SOFTWARE\Wow6432Node\DivXNetworks
HKLM\SOFTWARE\Wow6432Node\EnjSoft
HKLM\SOFTWARE\Wow6432Node\FR-mywebsites.pro
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hemera Products
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\I.R.I.S.
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\IncrediMail
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial)
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Myfree Codec
HKLM\SOFTWARE\Wow6432Node\ND
HKLM\SOFTWARE\Wow6432Node\Oak Technology
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OfferBox  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\OpenOffice.org
HKLM\SOFTWARE\Wow6432Node\Pricora  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Remo Software
HKLM\SOFTWARE\Wow6432Node\Samsung
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Software
HKLM\SOFTWARE\Wow6432Node\Sony
HKLM\SOFTWARE\Wow6432Node\Systweak  =>PUP.Optional.Systweak
HKLM\SOFTWARE\Wow6432Node\TOSHIBA
HKLM\SOFTWARE\Wow6432Node\VEGA
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Viguer.net
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\5dedad0b034ee47  =>PUP.Optional.Heuristic
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Adsearches
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Appscion  =>PUP.Optional.LiveSoftAction
HKCU\SOFTWARE\Avast Software
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\DriverToolkit  =>PUP.Optional.DriverToolkit
HKCU\SOFTWARE\DriverTuner  =>PUP.Optional.DriverTuner
HKCU\SOFTWARE\DriverTuner_Init  =>PUP.Optional.DriverTuner
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\IM
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\ImInstaller  =>Toolbar.IncrediMail
HKCU\SOFTWARE\InstalledBrowserExtensions  =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\Ligos
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Malwarebytes' Anti-Malware
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MyFree Codec
HKCU\SOFTWARE\MyPhoneExplorer
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Oak Technology
HKCU\SOFTWARE\OfferBox  =>PUP.Optional.OfferBox
HKCU\SOFTWARE\OpenOffice.org
HKCU\SOFTWARE\PDFArea Software
HKCU\SOFTWARE\pdfsvg
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\SampleView
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Sony
HKCU\SOFTWARE\Spoon
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Viber
HKCU\SOFTWARE\Windows Live Writer
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\YesMessenger
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Toolbar
HKCU\SOFTWARE\AppDataLow\Software\Conduit  =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow\Software\FR-mywebsites.pro
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\MarkAny
HKCU\SOFTWARE\AppDataLow\Software\Pricora  =>PUP.Optional.Pricora
HKCU\SOFTWARE\AppDataLow\Software\Smartbar  =>PUP.Optional.SmartBar

---\\ Contents of the Common Files folders (514) - 40s
O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 24/10/2015 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 31/10/2015 - [] D -- C:\Program Files (x86)\DriverToolkit  =>PUP.Optional.DriverToolkit
O43 - CFD: 21/03/2015 - [] D -- C:\Program Files (x86)\DriverTuner  =>PUP.Optional.DriverTuner
O43 - CFD: 02/11/2015 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 01/02/2015 - [0] D -- C:\Program Files (x86)\GUMB0B8.tmp
O43 - CFD: 02/11/2015 - [] D -- C:\Program Files (x86)\GUMDEF5.tmp
O43 - CFD: 24/05/2015 - [0] D -- C:\Program Files (x86)\GUMF7FA.tmp
O43 - CFD: 26/11/2013 - [] D -- C:\Program Files (x86)\Hemera Products
O43 - CFD: 26/11/2013 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 16/10/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 24/10/2015 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 02/11/2015 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 21/12/2013 - [] D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 24/04/2013 - [] D -- C:\Program Files (x86)\MarkAny
O43 - CFD: 19/10/2015 - [0] D -- C:\Program Files (x86)\Microsoft
O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 04/10/2012 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 25/10/2013 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 28/11/2013 - [] D -- C:\Program Files (x86)\MyFree Codec
O43 - CFD: 26/12/2013 - [] D -- C:\Program Files (x86)\MyPhoneExplorer
O43 - CFD: 13/10/2015 - [] D -- C:\Program Files (x86)\OfferBox  =>PUP.Optional.OfferBox
O43 - CFD: 06/10/2012 - [] D -- C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 19/01/2014 - [] D -- C:\Program Files (x86)\PDFArea
O43 - CFD: 19/01/2014 - [] D -- C:\Program Files (x86)\PDFsvg
O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 28/11/2013 - [] D -- C:\Program Files (x86)\Samsung
O43 - CFD: 17/10/2015 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 02/11/2015 - [] D -- C:\Program Files (x86)\Software  =>PUP.Optional.Boxore
O43 - CFD: 05/01/2014 - [] D -- C:\Program Files (x86)\Sony
O43 - CFD: 17/01/2014 - [0] D -- C:\Program Files (x86)\Temp
O43 - CFD: 08/11/2012 - [] D -- C:\Program Files (x86)\TheBestMatch  =>PUP.Optional.Proxy
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 04/01/2014 - [] D -- C:\Program Files (x86)\Viguer.net
O43 - CFD: 26/04/2014 - [] D -- C:\Program Files (x86)\Warper
O43 - CFD: 19/10/2013 - [] D -- C:\Program Files (x86)\WebPlayer  =>PUP.Optional.WebPlayer
O43 - CFD: 17/07/2013 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 04/10/2012 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 11/06/2015 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 25/12/2013 - [] D -- C:\Program Files (x86)\Wondershare
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/09/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 15/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 25/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applications I.R.I.S
O43 - CFD: 27/09/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 30/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
O43 - CFD: 31/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit  =>PUP.Optional.DriverToolkit
O43 - CFD: 18/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
O43 - CFD: 21/11/2010 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 28/11/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 26/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hemera Products
O43 - CFD: 26/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
O43 - CFD: 10/03/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Share-to-Web
O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 03/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 28/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
O43 - CFD: 26/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
O43 - CFD: 06/10/2012 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
O43 - CFD: 19/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFArea
O43 - CFD: 23/10/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
O43 - CFD: 20/04/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover for Android
O43 - CFD: 28/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 04/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCardExplorer
O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 16/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 03/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 21/11/2010 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 06/04/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 26/04/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warper
O43 - CFD: 04/10/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 02/11/2015 - [0] D -- C:\ProgramData\APN  =>Toolbar.Ask
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 19/01/2014 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 04/10/2012 - [0] D -- C:\ProgramData\Babylon  =>PUP.Optional.Babylon
O43 - CFD: 12/03/2014 - [] D -- C:\ProgramData\BoxUpdChk  =>PUP.Optional.Boxore
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 03/04/2015 - [] D -- C:\ProgramData\Google
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 01/11/2012 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 03/09/2015 - [] D -- C:\ProgramData\McAfee Security Scan
O43 - CFD: 19/10/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 18/04/2015 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 08/04/2013 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\Skype
O43 - CFD: 05/01/2014 - [] D -- C:\ProgramData\Sony
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 09/04/2014 - [] D -- C:\ProgramData\Sun
O43 - CFD: 01/11/2015 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 26/11/2013 - [] D -- C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 25/11/2013 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 24/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 06/10/2012 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 26/11/2013 - [] D -- C:\Program Files (x86)\Common Files\MSSoap
O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 04/10/2012 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 25/12/2013 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 19/10/2013 - [] D -- C:\Users\toshiba\AppData\Roaming\Adobe
O43 - CFD: 19/01/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\AVAST Software
O43 - CFD: 26/11/2013 - [0] D -- C:\Users\toshiba\AppData\Roaming\Dossier de téléchargement Share-to-Web
O43 - CFD: 26/11/2013 - [0] D -- C:\Users\toshiba\AppData\Roaming\Dossier de téléchargement Share-to-Web
O43 - CFD: 31/10/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\DriverTurbo  =>PUP.Optional.DriverTurbo
O43 - CFD: 13/11/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Google
O43 - CFD: 27/09/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Identities
O43 - CFD: 27/09/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\InstallShield
O43 - CFD: 04/10/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Macromedia
O43 - CFD: 01/11/2013 - [] D -- C:\Users\toshiba\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - [0] D -- C:\Users\toshiba\AppData\Roaming\Media Center Programs
O43 - CFD: 10/06/2015 - [] SD -- C:\Users\toshiba\AppData\Roaming\Microsoft
O43 - CFD: 26/03/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\Mozilla
O43 - CFD: 02/01/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\MyPhoneExplorer
O43 - CFD: 13/10/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\OfferBox  =>PUP.Optional.OfferBox
O43 - CFD: 19/06/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\ooVoo Details
O43 - CFD: 13/10/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\OpenOffice.org
O43 - CFD: 08/04/2013 - [] D -- C:\Users\toshiba\AppData\Roaming\Samsung
O43 - CFD: 03/11/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\Skype
O43 - CFD: 02/09/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\Sun
O43 - CFD: 27/09/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\U3
O43 - CFD: 01/09/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\ViberPC
O43 - CFD: 08/09/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\vlc
O43 - CFD: 27/09/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\WinBatch
O43 - CFD: 05/10/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Windows Live Writer
O43 - CFD: 25/12/2013 - [] D -- C:\Users\toshiba\AppData\Roaming\Wondershare
O43 - CFD: 03/11/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\ZHP
O43 - CFD: 02/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\Adobe
O43 - CFD: 15/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\Adobe_Systems_Incorporate
O43 - CFD: 27/09/2012 - [0] SHD -- C:\Users\toshiba\AppData\Local\Application Data
O43 - CFD: 19/11/2012 - [] D -- C:\Users\toshiba\AppData\Local\Apps
O43 - CFD: 05/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\cache
O43 - CFD: 02/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\CEF
O43 - CFD: 18/06/2014 - [] D -- C:\Users\toshiba\AppData\Local\Comodo
O43 - CFD: 24/03/2015 - [0] D -- C:\Users\toshiba\AppData\Local\Deployment
O43 - CFD: 16/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\Diagnostics
O43 - CFD: 29/11/2013 - [] D -- C:\Users\toshiba\AppData\Local\Downloaded Installations
O43 - CFD: 28/11/2013 - [0] D -- C:\Users\toshiba\AppData\Local\DriverToolkit  =>PUP.Optional.DriverToolkit
O43 - CFD: 07/07/2014 - [0] D -- C:\Users\toshiba\AppData\Local\DriverTuner  =>PUP.Optional.DriverTuner
O43 - CFD: 29/10/2015 - [] D -- C:\Users\toshiba\AppData\Local\ElevatedDiagnostics
O43 - CFD: 11/06/2015 - [0] SHD -- C:\Users\toshiba\AppData\Local\EmieBrowserModeList
O43 - CFD: 11/06/2015 - [0] SHD -- C:\Users\toshiba\AppData\Local\EmieSiteList
O43 - CFD: 11/06/2015 - [0] SHD -- C:\Users\toshiba\AppData\Local\EmieUserList
O43 - CFD: 18/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\FreeOCR
O43 - CFD: 11/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\genienext  =>PUP.Optional.NextLive
O43 - CFD: 30/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\Google
O43 - CFD: 21/06/2015 - [] D -- C:\Users\toshiba\AppData\Local\GWX
O43 - CFD: 27/09/2012 - [0] SHD -- C:\Users\toshiba\AppData\Local\History
O43 - CFD: 12/04/2015 - [] D -- C:\Users\toshiba\AppData\Local\Macromedia
O43 - CFD: 13/03/2015 - [] D -- C:\Users\toshiba\AppData\Local\Microsoft
O43 - CFD: 05/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\Mobogenie  =>PUP.Optional.Mobogenie
O43 - CFD: 26/03/2015 - [] D -- C:\Users\toshiba\AppData\Local\Mozilla
O43 - CFD: 01/02/2015 - [] D -- C:\Users\toshiba\AppData\Local\Programs
O43 - CFD: 28/11/2013 - [] D -- C:\Users\toshiba\AppData\Local\Samsung
O43 - CFD: 20/03/2014 - [] D -- C:\Users\toshiba\AppData\Local\Skype
O43 - CFD: 09/01/2013 - [] D -- C:\Users\toshiba\AppData\Local\Software  =>PUP.Optional.Boxore
O43 - CFD: 19/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\Spoon
O43 - CFD: 03/11/2015 - [] D -- C:\Users\toshiba\AppData\Local\Temp
O43 - CFD: 27/09/2012 - [0] SHD -- C:\Users\toshiba\AppData\Local\Temporary Internet Files
O43 - CFD: 08/11/2012 - [] D -- C:\Users\toshiba\AppData\Local\TheBestMatch  =>PUP.Optional.Proxy
O43 - CFD: 01/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\Viber
O43 - CFD: 27/09/2012 - [0] D -- C:\Users\toshiba\AppData\Local\VirtualStore
O43 - CFD: 08/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\Windows Live
O43 - CFD: 16/12/2013 - [] D -- C:\Users\toshiba\AppData\Local\Windows Live Writer
O43 - CFD: 25/12/2013 - [] D -- C:\Users\toshiba\AppData\Local\Wondershare
O43 - CFD: 11/08/2013 - [] D -- C:\Users\toshiba\AppData\Local\yesmessenger
O43 - CFD: 22/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{0026DEBE-9A60-4E83-BCB7-C14AF61C1392}
O43 - CFD: 08/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{00993D78-59A7-4E70-8859-3DB83DD114BB}
O43 - CFD: 30/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{024D4AAC-E59A-448C-A4E6-AAD17C9D1CCE}
O43 - CFD: 17/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{0383D516-3AAE-4D7C-ADC4-A4A42DCDBCB8}
O43 - CFD: 22/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{038C8D78-EAC6-4323-ABF7-C4140162F848}
O43 - CFD: 08/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{046DBA5F-E8EC-4734-8A60-9D4D97CB8601}
O43 - CFD: 12/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{047F6D37-FB76-4092-BBFE-7BBDEFC90110}
O43 - CFD: 03/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{04F451EC-2C75-48D2-B82C-21BD2932FF12}
O43 - CFD: 05/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{05583E0C-780B-4AA5-ABB8-C2E4BAB7F4AB}
O43 - CFD: 31/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{07597472-BA43-4FD6-B80B-BEB1607210D4}
O43 - CFD: 23/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{086855F1-3340-44DF-A3CE-9E4E31E91346}
O43 - CFD: 03/01/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{097A4BF0-0A20-4E9B-B0A9-8002A2EB889B}
O43 - CFD: 16/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{0A37C93A-6515-4B11-8CC4-EFFFF91353EE}
O43 - CFD: 31/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{0B79D538-D22C-4D88-88F7-CAF728D49054}
O43 - CFD: 12/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{0BA975A3-ED18-42EA-84C8-3ADE01AF6587}
O43 - CFD: 23/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{0C1E1185-E7AA-4DA0-AEDB-A1EA3D73FB1F}
O43 - CFD: 22/07/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{0DFCA9FE-8221-406D-9D2E-6C0203AECB92}
O43 - CFD: 28/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{0E110369-4CC9-457D-9CA1-65BDCA4BDD73}
O43 - CFD: 07/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{0EF985F1-9611-4D34-BFCD-46F62DF339DA}
O43 - CFD: 29/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{0FBF3BB6-53FE-411A-A4D4-8FE74D428214}
O43 - CFD: 25/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{115B1612-9329-446D-8797-20BF1DD03D2C}
O43 - CFD: 08/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{138326A1-0F15-4F65-91FC-772078DFEDC7}
O43 - CFD: 24/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{1441DA33-3DF1-4DC1-928D-DED723FCE30E}
O43 - CFD: 10/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{14FDA2AF-F16A-4C78-8670-28DB6480A8CB}
O43 - CFD: 27/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{180C4067-6904-4CF9-BA18-ECE00C3032A6}
O43 - CFD: 07/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{18D440EF-F5B7-428D-B1BB-55EFE6F85A3C}
O43 - CFD: 18/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{19C30F52-8C0C-4ED6-8BC9-149C112624CD}
O43 - CFD: 13/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{1A952234-0447-484A-9E47-0CBF407EF4BE}
O43 - CFD: 17/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{1AA253EA-1D51-4971-8B7D-F84B9A037151}
O43 - CFD: 14/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{1B38024E-B371-4F7E-BE27-548C89676B5E}
O43 - CFD: 18/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{1BAD7EAF-9893-45E7-8E24-4E1A024BC324}
O43 - CFD: 21/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{1F8D26DA-56D6-44C8-8EB2-C9923ABFA764}
O43 - CFD: 27/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{1FE623EA-64A3-4D6C-8667-DB3B7239387D}
O43 - CFD: 01/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{1FF6EA4D-65C8-4028-835D-78F0D4FE76CC}
O43 - CFD: 04/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{200966CE-09C1-4BA9-9F3E-23613032A994}
O43 - CFD: 18/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{220CD49E-A67B-49FE-BF55-D424D7550740}
O43 - CFD: 08/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{2359B21B-0CC1-453A-9EEC-6DBCA047E606}
O43 - CFD: 20/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{236563B3-0A90-42AB-A9A4-4B60E74A6234}
O43 - CFD: 05/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{2401756C-17B4-457E-A169-0DD98E2C84E6}
O43 - CFD: 17/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{2411B5E0-199B-4B8F-9579-FDA92309C53C}
O43 - CFD: 28/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{241288E3-B1F4-4E01-88B8-B580F05BFBFB}
O43 - CFD: 23/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{2442468D-4B58-4EFB-AC82-22B3B62263DF}
O43 - CFD: 20/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{24EA3AE7-5B04-479B-8227-193E9879C5F2}
O43 - CFD: 01/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{250E58F6-229B-4B42-AC14-4A41264FD222}
O43 - CFD: 10/04/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{26A9A8C7-0B48-416A-B7FA-1D0A92042E9E}
O43 - CFD: 06/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{26C25EFD-540A-46F9-A7BE-D8FDC7157B66}
O43 - CFD: 11/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{27C1A12B-CF52-4984-B67E-1DF61BF1F921}
O43 - CFD: 19/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{27EF16FB-57E7-4C07-974D-72D40D1F9BAC}
O43 - CFD: 23/05/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{281DDB16-B6AF-4AA9-B43A-F100C3D67184}
O43 - CFD: 05/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{28759F31-962F-4FE3-BF25-EE1558B7A55C}
O43 - CFD: 05/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{289579D8-F19B-47D0-B5DF-B43107197E65}
O43 - CFD: 30/04/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{289A8D1A-4ED5-46FB-9512-7AA14407EBF4}
O43 - CFD: 01/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{2928FE85-5EAB-4AFE-BBDA-4A2BA32CDF28}
O43 - CFD: 14/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{29AEB9FC-9E6A-4CCC-B591-64ED0BE1BA14}
O43 - CFD: 05/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{2B4B14E2-35AC-45A4-8577-0419845F8844}
O43 - CFD: 08/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{2B4B150A-72F9-44CC-A6BD-5F163EDA1085}
O43 - CFD: 15/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{2BBDD1A5-D57A-4B44-A92B-4042D965BEDF}
O43 - CFD: 31/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{2C513948-6C67-4A6A-9735-B2C4C462D5BA}
O43 - CFD: 02/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{2C96D95E-CE20-43E1-AC3F-B7340A27D65F}
O43 - CFD: 02/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{2D28612C-1208-4B6C-BD59-3BE4B35BA621}
O43 - CFD: 28/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{2DCED498-5772-4B47-818B-789EAAB9251B}
O43 - CFD: 14/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{2E137C74-CB0E-424A-B5A9-AE1E5B9693E9}
O43 - CFD: 16/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{2E6EA9FB-DDF0-4E18-A216-7C2B5A18500A}
O43 - CFD: 25/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{2EA68CD8-2112-4B75-842B-F36AA9B48A33}
O43 - CFD: 30/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{2EF8432E-F4E1-4F97-AC08-A032C88F460E}
O43 - CFD: 10/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{2F665FE1-EA93-48DC-9FC6-DAF1ACB89C6F}
O43 - CFD: 05/01/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{30CA5D8A-7CCA-4D8C-8847-AC510684565D}
O43 - CFD: 10/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{30F739A3-5720-432C-9585-56A89DDA153C}
O43 - CFD: 26/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{31B611B2-2BF9-472E-A9C2-F9EE7BF2B9E6}
O43 - CFD: 17/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{326EDBDC-3B6D-466A-8888-F87A3945F101}
O43 - CFD: 14/05/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{3433351A-620E-4786-872B-B7B7030EE168}
O43 - CFD: 10/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{344832EB-A7BB-481C-9833-673CA413158A}
O43 - CFD: 03/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{35F36142-5F39-4BF0-B72A-BB5F2AF9BDEC}
O43 - CFD: 10/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{35F68C9F-0982-4841-8AF1-1DAE6B29F5ED}
O43 - CFD: 04/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{36EC3D4C-6CD1-4C7D-AA23-AD362CFFAB09}
O43 - CFD: 10/09/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{37521761-CFF4-4619-966C-4E2EDFA31828}
O43 - CFD: 29/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{38B52371-5AE8-4FA8-8844-98C258AB6CEE}
O43 - CFD: 06/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{391F8D04-57BA-489B-8BE9-7A9F971BD168}
O43 - CFD: 26/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{39DA8DFC-9E09-4AA0-8E87-45398ECA073F}
O43 - CFD: 11/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{3B679A39-BBBE-4E88-A387-881AF792B31E}
O43 - CFD: 13/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{3DCB802C-F0EF-4A89-A1AB-C7A3325D3B9B}
O43 - CFD: 15/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{3DDCFB09-B450-4454-9C35-D3AEC75C498B}
O43 - CFD: 01/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{3E397A14-B66F-49B8-BE11-1F2706B15D93}
O43 - CFD: 15/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{3E7FF150-2D6D-4359-9019-9CAC5F62AA34}
O43 - CFD: 12/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{3FB46013-2D80-45D0-BD37-0AD0755A9573}
O43 - CFD: 28/10/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{4158D2E0-7A6B-4D9B-9EF2-9F9A6E41E993}
O43 - CFD: 09/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{42DE1A65-0DC4-49A2-9F97-39D48AB6B999}
O43 - CFD: 17/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{433FBE62-0D1E-4216-8592-A697BD25CF81}
O43 - CFD: 26/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{43812283-2DC9-46AC-85C9-BEEA2368B72B}
O43 - CFD: 30/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{43E3DD2F-9738-47EC-A172-A8ED5AEDD784}
O43 - CFD: 28/07/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{44C2F6E7-1D11-42D4-8636-0E95EA4040C1}
O43 - CFD: 29/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{4526FF50-3BA9-4B6B-BAD3-1F56CE01DFC3}
O43 - CFD: 02/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{47209E4A-2838-400A-B42C-058D7DE54E33}
O43 - CFD: 21/01/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{47B68EF6-635B-4C0E-970A-5AD2F4C4D3FA}
O43 - CFD: 05/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{481EAE8A-D618-4761-B305-7879E05F5426}
O43 - CFD: 25/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{484F3E8A-7E07-4BAA-A45A-8008F420C3D5}
O43 - CFD: 30/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{48B36CC7-1741-4A15-8FBE-4B4BCFE3E91A}
O43 - CFD: 05/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{49D19D94-94B3-4DEC-886F-120ADA170C7F}
O43 - CFD: 29/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{4B18AE59-D462-42EE-A334-D7C86205C6CB}
O43 - CFD: 21/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{4D4C4535-D003-4674-8FF1-CD6FF506E207}
O43 - CFD: 24/04/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{4E3B937F-50AD-4B48-9583-93AAEFD89342}
O43 - CFD: 14/10/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{4ECEDA8E-72EE-4E3E-AF1E-573E756EF5E3}
O43 - CFD: 25/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{4ED0EE2A-2E78-4E52-AEEF-F3AE6D5A3319}
O43 - CFD: 14/02/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{5109C457-3A11-4E19-90F3-E606DFDC2C61}
O43 - CFD: 11/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{51886486-F02E-4D11-B596-FAEB2B7E56D3}
O43 - CFD: 01/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{54B50556-B696-48CC-8EB9-82AFA73EC22C}
O43 - CFD: 07/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{556918E7-60E7-4181-B4B0-EBA96578DEB3}
O43 - CFD: 06/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{55D10492-76F5-4535-B6AC-B50D64F69FF7}
O43 - CFD: 30/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{56E0393F-E8FA-46D8-B26F-094C3201D682}
O43 - CFD: 21/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{5723E2C6-8B4F-4195-9D79-C9E80BE9C37C}
O43 - CFD: 18/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{58B42EFF-FDAF-4C58-A8CB-C127BC5215D6}
O43 - CFD: 19/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{5CEC81AC-CA52-4856-B096-15986ABBD6E8}
O43 - CFD: 11/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{5ED44040-D966-4A71-A5FF-4D2A36BA3283}
O43 - CFD: 02/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{61CD3CE8-5A69-4345-9393-4AD32D4F328C}
O43 - CFD: 06/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{61EB0954-606C-492F-A6A4-6F82D73374DB}
O43 - CFD: 25/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6438B6FD-F891-4A51-B442-4150E18552C7}
O43 - CFD: 16/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6464A4D9-1E70-40EA-83AB-C5B5CEFF8348}
O43 - CFD: 11/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{64901FE6-D74C-4EFE-9919-AC70BDF41DD3}
O43 - CFD: 30/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{64D8B68A-DCCA-40CD-B4E6-6598B9938414}
O43 - CFD: 02/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{64DAAA99-CE5F-4061-8EDF-52491DA626E9}
O43 - CFD: 11/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{6600ABA5-BF96-4ECE-9487-459B8322B2D0}
O43 - CFD: 27/02/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{663A5725-8214-415E-A1BB-D85681BDE675}
O43 - CFD: 27/01/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{670DDC2C-77B7-4453-8E28-AB6332406C78}
O43 - CFD: 22/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6760E759-913F-4303-9FF5-089868928F28}
O43 - CFD: 23/10/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{6852181C-DB03-46E9-BCB4-2B132D5FEDF9}
O43 - CFD: 21/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{68D00C2B-C9CE-491A-B50B-E052A81A8912}
O43 - CFD: 04/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6AA243A0-91C3-4166-98C5-DF7F09BA5BDA}
O43 - CFD: 28/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6B2E76DB-071E-483E-9D8E-1CCE369F3EAF}
O43 - CFD: 20/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6B30A0D7-312D-487E-811F-F50E7EAAE1C5}
O43 - CFD: 27/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6B3AE2E8-0771-4A34-8C6D-A32A13EAD9D7}
O43 - CFD: 13/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{6BB58117-AE86-4FAC-9064-AEC099269E3C}
O43 - CFD: 09/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6C4877D0-7330-4AAF-B188-03BB605BA444}
O43 - CFD: 15/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6D8D6E6A-33C9-4519-B0A1-8612D649C024}
O43 - CFD: 04/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{6E1A7A32-BA94-417F-9288-7BD8FD33FA48}
O43 - CFD: 14/04/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{6F5D4941-D1F4-4109-9810-8E4EC473543C}
O43 - CFD: 17/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{70499969-5055-4EC5-AF0C-AEE259CFA596}
O43 - CFD: 04/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{7215F470-FBE9-494E-9A78-664A0DD8E19A}
O43 - CFD: 02/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{7216802F-3529-42DF-9E6A-A85E31032EFB}
O43 - CFD: 13/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{7429E7F4-4DAF-400B-870E-0741A0331B78}
O43 - CFD: 30/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{74582D7C-2CA0-4541-ADCE-B72D5B878881}
O43 - CFD: 21/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{748EA8C0-02EB-4B1A-BE8A-5013846896AF}
O43 - CFD: 12/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{74A63F56-7570-442F-BD74-F09BE682BB0C}
O43 - CFD: 05/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{74F30726-761C-4A77-A4D4-E4B3D581165A}
O43 - CFD: 30/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{7631C4D7-35E0-4FA7-8F65-57CF5BDDABAC}
O43 - CFD: 03/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{768DF711-0D0C-48DF-A951-F9F376191E31}
O43 - CFD: 01/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{775994BC-E0C2-40B9-ADDB-D9D414C15DA0}
O43 - CFD: 29/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{788D0966-858C-4FA9-9309-47607ED942C2}
O43 - CFD: 17/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{78C1A636-25B4-49DB-8F4C-D49B128655A4}
O43 - CFD: 18/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{79C8220A-91AA-484B-8C57-6D756B0F88DC}
O43 - CFD: 07/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{7B0C8E2D-CE95-47A0-AE5E-497A39A3E496}
O43 - CFD: 21/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{7C11F249-C337-44E4-A9F2-F0B1E5CA1840}
O43 - CFD: 30/01/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{7D535E28-2E82-476B-9A7E-A7730BBD488F}
O43 - CFD: 30/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{7E7BCE8E-489B-4A9C-9657-DB0720CEFE45}
O43 - CFD: 17/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{7EB8FE6E-B9EC-4261-8F1A-8CA1E699282A}
O43 - CFD: 13/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{80E297D9-FE74-4D3F-8390-BFE56F13EFB6}
O43 - CFD: 08/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{81415B62-346B-436E-AD69-1E79D956AE7F}
O43 - CFD: 10/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8174EDA3-2EB9-4673-9CB8-D7845A5DB61B}
O43 - CFD: 23/04/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{84C1E617-CB1D-4D82-8187-BF89872A2672}
O43 - CFD: 18/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8523AB76-F556-4227-9A0E-5D5422F9BB29}
O43 - CFD: 13/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{8591C4FE-ED39-49FA-A7BA-E44B36EAFD1C}
O43 - CFD: 26/02/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{86BC7194-5D42-44C6-8EBC-0F7C234E7D81}
O43 - CFD: 19/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8738D004-15D1-44C1-8CC6-0031CBA782DA}
O43 - CFD: 15/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{8769A156-57A5-4BA2-BEBF-2F74ED327762}
O43 - CFD: 24/04/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{87B559B7-0EF0-4B44-9004-210963EFADD0}
O43 - CFD: 13/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{87C39B25-2C33-4DB1-A7EB-CA97143430C0}
O43 - CFD: 15/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{89216B78-5F7A-41E7-B98D-3EFE57DBE40B}
O43 - CFD: 04/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{8A29A778-58A3-4266-A395-4B34F638A997}
O43 - CFD: 28/02/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{8A70070B-E56C-4E69-8974-0760074AF0FC}
O43 - CFD: 27/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8B0133E8-C971-43DD-8533-959ECBCC6732}
O43 - CFD: 14/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{8B4C60F6-557D-4477-9EE6-381D7AF971B8}
O43 - CFD: 01/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8BC5366B-668C-401C-994E-6A3B3784C0AB}
O43 - CFD: 19/11/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8D420D17-9105-4E00-BB35-6C0A52859C11}
O43 - CFD: 29/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8D912E2C-4616-42C3-8FD6-7491DBFFBF11}
O43 - CFD: 19/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{8DCD8957-FC5C-4730-AEBB-FF0989238EB8}
O43 - CFD: 20/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8DD2FF23-2A32-4D8F-88DB-6A249328E93F}
O43 - CFD: 18/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8E7ED4BA-C754-4828-95B0-D7C4041A3582}
O43 - CFD: 13/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8E85157F-0DCD-43C5-9926-1076EB2747C4}
O43 - CFD: 25/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8EEF7546-8146-480F-9DD2-29BCB051B4A9}
O43 - CFD: 24/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{8FAE769F-DF9F-40E5-9C77-A742DB3755EE}
O43 - CFD: 18/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{92B6668C-B723-4409-BD8C-5F9BD22F30E3}
O43 - CFD: 26/02/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{93C02B0A-92FA-4A0E-9A08-A5639FD41617}
O43 - CFD: 16/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{948AAB8A-63CD-44DC-915B-EA2F0B4C81ED}
O43 - CFD: 26/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{97BC4F17-D631-44EF-BBD5-69F37DF098D1}
O43 - CFD: 22/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{98A42D44-DD66-4EA4-8D5A-78848F48FC37}
O43 - CFD: 03/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{98C58F1F-D47E-482A-B3F1-1A011103996E}
O43 - CFD: 10/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{9984E125-65A0-44E8-8F31-6E96B4A27DF2}
O43 - CFD: 12/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{99AA1CBE-F3EB-4EEF-A2F3-D0FA7A84F50B}
O43 - CFD: 30/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9A09852F-D562-4A80-8C50-A5D3D52C2452}
O43 - CFD: 15/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{9B33789A-5A39-4F33-96D2-35BDBB734BDC}
O43 - CFD: 13/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{9C253A43-30DB-41CD-BC6C-C14D90BD8384}
O43 - CFD: 07/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9C9DC1DC-B56B-49EF-8787-0985D4F1C816}
O43 - CFD: 14/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9CF5DCB8-A390-4759-9EF9-1BBDDE1FC468}
O43 - CFD: 12/11/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9D026DE2-D467-4ADD-8580-2A00264EDC27}
O43 - CFD: 17/01/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9D67EDFC-492E-4224-9FDC-43E57B9DE83C}
O43 - CFD: 04/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9E414BA5-3934-4194-891D-12D59CC07D5E}
O43 - CFD: 12/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9E41B9DE-F704-4C5E-92AC-4B13CFC7BF0D}
O43 - CFD: 12/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9E51A13C-E32B-42A1-80A8-84F028B6736E}
O43 - CFD: 27/02/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{9E67415E-605E-4A5F-954D-40DF08E44750}
O43 - CFD: 19/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{9FC425EA-CE43-4327-8815-2371F4D26D48}
O43 - CFD: 03/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{A11A871C-31A7-4053-8E9C-2FADDB8DCAC1}
O43 - CFD: 05/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{A3BE7ED9-AB93-4C83-AE81-447BF23A6583}
O43 - CFD: 31/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{A544076A-9ED2-4A92-91AF-00A70B9AC2AB}
O43 - CFD: 20/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{A547CB29-837B-4BBA-B7C9-F7294753F685}
O43 - CFD: 08/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{A582F1F8-342B-47D8-A9D9-83F231017D64}
O43 - CFD: 05/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{A5C2D3E0-C7BF-4521-9D9E-BC020D66DA0A}
O43 - CFD: 05/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{A5E89F99-DCC1-417F-894C-488129235934}
O43 - CFD: 01/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{A77F64AA-9198-4C51-9AB4-49D30CC6B72A}
O43 - CFD: 23/05/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{A78B99C8-C566-47FA-AC2E-DAC5D8B352B8}
O43 - CFD: 31/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{A7B6C4BE-F7A6-41CD-B76C-A3069CBD9DE0}
O43 - CFD: 22/08/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{A7E77679-AC96-43C1-849A-9B6CDF3A1634}
O43 - CFD: 19/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{A926BF22-3518-455F-8CBE-C27B49BBD666}
O43 - CFD: 01/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{AA2614FE-AD07-4587-8F8A-44FCD60585C4}
O43 - CFD: 11/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{AA7ADA8E-7B31-4BD7-AAA2-CF10DB08D309}
O43 - CFD: 01/11/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{AA9FA76D-E702-4C15-8CBE-2CE750784307}
O43 - CFD: 04/01/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{AB72A0F0-32A0-4313-B475-38821EAF2B40}
O43 - CFD: 27/10/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{AD173B1F-74B8-4161-838B-EA4D37AFD516}
O43 - CFD: 16/04/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{AF19845A-E795-4384-93B9-27C0F94FE7DE}
O43 - CFD: 16/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{AFDCDD38-99F4-4B50-AB79-0A5C63975C34}
O43 - CFD: 25/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{B1B7BBBB-5D44-491C-920F-1DC2CE7B536C}
O43 - CFD: 03/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{B25F49FA-8A20-441A-B49F-9B5A1A589A99}
O43 - CFD: 03/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{B36B0949-806E-4AD6-B84F-A5980143F026}
O43 - CFD: 20/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{B3A1A0B7-017D-487C-A146-D34DB7CB27A0}
O43 - CFD: 09/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{B5B7EDD1-D034-48EB-9B69-2C0EF2EF6FD7}
O43 - CFD: 14/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{B98D8E25-D044-40EC-A367-2F06AFE884C7}
O43 - CFD: 29/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{B9A31E8E-EE52-464C-9710-B87F9529D94F}
O43 - CFD: 27/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{B9C7B194-2689-42CF-807F-E39629A8DAB5}
O43 - CFD: 08/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{BA2220E1-96F9-4CA4-B6CC-03CFA3A691AB}
O43 - CFD: 06/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{BA4A7596-45B0-46B4-9F5E-52C8690B47C1}
O43 - CFD: 27/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{BA6FB585-3508-4D81-A18C-E993055C3651}
O43 - CFD: 10/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{BC3313AB-6AB1-4BEB-9A21-C05C9AD155FA}
O43 - CFD: 30/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{BCDEEA61-2FFD-4191-A694-C98C8E15418F}
O43 - CFD: 29/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{BD1FD711-BEB1-4D47-9483-4A1E5558E6CF}
O43 - CFD: 03/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{BDE5B2DD-3036-4488-AE62-C371028FA403}
O43 - CFD: 20/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{BDE80CDF-B501-474B-82D2-25DA94B9C757}
O43 - CFD: 03/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{C0E4FD6A-DB2D-480C-90F9-0B4C70A67887}
O43 - CFD: 04/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C19A2889-491B-46D3-907C-379DFCBD7B8C}
O43 - CFD: 22/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C20B1DB5-91E5-4E51-A726-62E125F264F3}
O43 - CFD: 23/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{C3416870-0551-43F6-A57F-873B0D7CAFC8}
O43 - CFD: 02/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{C48B0F8A-9A07-4031-AF2B-D32FC8F77101}
O43 - CFD: 17/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C5C25A45-2BA0-4C7C-BC25-806D60ED016C}
O43 - CFD: 09/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C5F2F5F8-FF7F-4CB0-B486-113FF58DAD6D}
O43 - CFD: 15/03/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{C64AC4A6-F8C9-45DA-AC25-7B59934F0A4C}
O43 - CFD: 02/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{C6E75EA2-563F-48D7-B4DA-D744CBA76532}
O43 - CFD: 06/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{C7280417-2753-4B12-B84F-66C5EC3DF0B7}
O43 - CFD: 21/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C747BDF8-5257-49C8-AE99-D4D64195CB0A}
O43 - CFD: 05/01/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C7D11C81-21A4-4900-A83D-ADEC901D31C5}
O43 - CFD: 30/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C83EB5B9-8AE2-4334-B373-266535E201E6}
O43 - CFD: 09/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{C85CCBE0-7FE4-418D-8DAB-D3363FCE05FF}
O43 - CFD: 21/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C9046C89-17B9-4A49-8C05-8AD4AC144640}
O43 - CFD: 02/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{C9B8D352-EE71-4525-B6B0-BDD088F1F499}
O43 - CFD: 14/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{C9E60B41-DF32-4869-AA5E-96CB288C43E6}
O43 - CFD: 10/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{CAD99C31-6A50-41D1-91B4-E8A7C59113D9}
O43 - CFD: 12/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{CB0F96D6-4E6C-40F7-A7F8-DB5F26C31CAF}
O43 - CFD: 20/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{CB32B541-3830-4965-9D47-F6EE2D535E8F}
O43 - CFD: 03/01/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{CC9CC80E-22DC-4A61-A94E-099F803DA9E1}
O43 - CFD: 28/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{CD1271B8-E539-4421-A915-3FBEFB9B812D}
O43 - CFD: 02/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{CD3EDD08-3A40-4E55-8B5E-8B21F9DC28F0}
O43 - CFD: 14/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{CEDB08FF-62C9-4D0E-8504-A28A3631617E}
O43 - CFD: 29/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{CF92A1CC-AEF6-459D-B395-A79F31819848}
O43 - CFD: 11/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D058E899-CEB3-4621-BB61-92AB9F328F8E}
O43 - CFD: 23/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D1994E42-F10A-4E99-A761-733AB88AFC5F}
O43 - CFD: 13/03/2015 - [0] D -- C:\Users\toshiba\AppData\Local\{D1A014DF-74F5-4045-9F6A-24B46C895874}
O43 - CFD: 24/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D22F4085-BB22-4D62-9455-E9FC2CFAC047}
O43 - CFD: 14/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{D2987040-3505-4544-9DA3-49A421DE962B}
O43 - CFD: 13/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D34FA4C4-9A62-4936-8698-0AAE814730A1}
O43 - CFD: 22/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D39CDC5A-7414-444E-ADE1-B075B60CFBDD}
O43 - CFD: 19/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D44D8290-8030-4E19-828A-F50403693A67}
O43 - CFD: 07/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D4D56F74-0D61-4EA7-8427-1FA652AA17FB}
O43 - CFD: 05/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{D4FC2ECB-FE04-4F68-A0A6-DB46B909130C}
O43 - CFD: 28/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D6784B85-6FFB-43D9-9530-897BECDC52EE}
O43 - CFD: 06/04/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{D744A8EB-0139-4FB1-B920-6E006BDA8682}
O43 - CFD: 03/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{DAB92C58-4522-4576-99AF-197672C104BD}
O43 - CFD: 30/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{DC4ED1FC-38EB-4364-A5FA-9913D23A2E80}
O43 - CFD: 08/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E0CCF36D-43DB-4B35-8A80-3E1BD37754AF}
O43 - CFD: 22/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E1AAABA6-4F5F-4B57-AAD2-7B1D89666AEF}
O43 - CFD: 18/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E2138606-47FF-403B-B29F-3754242812B4}
O43 - CFD: 13/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E33B6702-6A95-4654-A18B-82ECC22379A3}
O43 - CFD: 13/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{E377AED6-3565-4CFB-AC49-AC8E4CB3AA39}
O43 - CFD: 03/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E51FC53E-4403-4739-9878-7CFE6B5E0ABB}
O43 - CFD: 24/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E5390975-2992-4E15-89AC-B93A82E2D24D}
O43 - CFD: 26/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{E55C41AA-C1DF-4547-BC2A-BADB2012A373}
O43 - CFD: 06/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E718A017-B3F9-4AA4-B177-7A8E41E0CE3A}
O43 - CFD: 30/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{E75FFAC3-0A65-4855-97A2-DAAEA5999897}
O43 - CFD: 06/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E81F5140-78BF-4DEC-9D36-052D4931AF8F}
O43 - CFD: 13/11/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{E918CA12-DF92-4B35-BC68-A22ABCC7D892}
O43 - CFD: 12/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{E972218B-CC23-41B7-9642-F639C15FB0E9}
O43 - CFD: 04/03/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{E97F94F4-FE05-4FA1-BF97-9EC170AF9CB6}
O43 - CFD: 04/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{EB403A1A-9450-455A-B655-926CC4D01D13}
O43 - CFD: 15/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{EB62EDD1-C8C7-420F-A306-8A83262F5BE5}
O43 - CFD: 30/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{EB8FEC40-D9F0-4681-AF7F-82CC7CCD3994}
O43 - CFD: 16/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{EC0CF832-F38C-4C92-BC53-92859E6A6D95}
O43 - CFD: 04/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{EC3FBB46-8082-416C-B6B2-C4612349A2EB}
O43 - CFD: 03/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{ED09BB50-7DA6-4D6A-BA7A-18C9CCE7B1E3}
O43 - CFD: 18/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{ED4DCC75-C294-47D4-8747-3508B8A3A87D}
O43 - CFD: 01/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{ED8A17D6-BF36-48D0-A8E1-21C6485C79E4}
O43 - CFD: 17/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{EDBBF82E-13A5-41C3-87AE-24AF40CA4D7F}
O43 - CFD: 03/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{EE388F10-B214-42D5-82B5-93DE49B58A12}
O43 - CFD: 08/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F066883E-F9DA-491D-8A76-08DB77E85A87}
O43 - CFD: 19/07/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F08066F8-2DA2-49E8-8315-3C3D6920692C}
O43 - CFD: 27/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F09792EF-FBFF-4129-BA67-2FCDC0717495}
O43 - CFD: 20/12/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{F1DE5C4D-F9F3-431D-8B77-2B1BEDA37B22}
O43 - CFD: 28/12/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F274B0C6-7C5C-4EBE-8462-B0D7DA9F1767}
O43 - CFD: 14/06/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{F320A7BE-EAB9-4467-B9C5-E1760455899C}
O43 - CFD: 14/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F36B28C5-0D04-4957-9F1C-636846EC8C44}
O43 - CFD: 01/03/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{F4C65C5A-0ECB-4577-A742-9419E56883A6}
O43 - CFD: 19/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F67D67A5-0E35-4995-923E-3CE79910F093}
O43 - CFD: 31/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F698C063-B2D3-42FA-AD7E-E8DB53583F00}
O43 - CFD: 26/04/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F6F615AC-AD34-43C7-8410-61B5CFD17DC8}
O43 - CFD: 22/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F7AD6EC5-F378-470F-B9F6-56656EE8F577}
O43 - CFD: 12/02/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F90EFC7E-72CF-4B99-AA74-07FC582AD185}
O43 - CFD: 11/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{F9AB5DC6-BF2C-46DC-86E8-7E19A7DBE113}
O43 - CFD: 05/05/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{FB4C690D-5946-455F-90A0-FD2E1229AEFA}
O43 - CFD: 11/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{FC13ADA4-2AF4-41A3-B83D-5AE2B674AD3F}
O43 - CFD: 03/01/2014 - [0] D -- C:\Users\toshiba\AppData\Local\{FC81CB7A-8C13-46C1-BBA5-8886454DCE30}
O43 - CFD: 27/08/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{FD10F9DB-7EC5-478D-A419-08FB200BE5B0}
O43 - CFD: 07/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{FE0FEEDB-C00B-473A-B997-66A6BCD2D7C2}
O43 - CFD: 19/10/2012 - [0] D -- C:\Users\toshiba\AppData\Local\{FF1F6231-7163-4D00-A4ED-00426CAAB422}
O43 - CFD: 24/06/2013 - [0] D -- C:\Users\toshiba\AppData\Local\{FF8C25C0-3298-441E-B6F4-EB251D5CCFE1}
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 15/10/2015 - [] RD -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 04/10/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager  =>PUP.Optional.eFixPro
O43 - CFD: 19/01/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Books Download
O43 - CFD: 14/05/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
O43 - CFD: 26/11/2013 - [0] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hemera Products
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 06/01/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineHD.TV
O43 - CFD: 15/10/2015 - [] RD -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/04/2014 - [0] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warper

---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll ©
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll ©
O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll ©

---\\ System Drivers List (65) - 104s
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys   [491088] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys   [339536] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys   [182864] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys   [15440] ©
O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys   [107904] ©
O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys   [194128] ©
O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys   [27008] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys   [87632] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys   [97856] ©
O58 - SDL:2013/10/31 07:46:12 A . (.AVAST Software - avast! Filtering TDI driver.) -- C:\Windows\System32\drivers\aswFW.sys   [131232] ©
O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys   [28656] ©
O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys   [90968] ©
O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys   [93528] ©
O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys   [65224] ©
O58 - SDL:2015/09/24 19:19:05 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys   [1049880] ©
O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys   [448968] ©
O58 - SDL:2015/09/24 19:19:31 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys   [153744] ©
O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys   [274808] ©
O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys   [270848] ©
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys   [18432] ©
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys   [8704] ©
O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys   [286720] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys   [47104] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys   [14976] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys   [14720] ©
O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys   [468480] ©
O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys   [17488] ©
O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys   [530496] ©
O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys   [3286016] ©
O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys   [31232] ©
O58 - SDL:2009/09/17 11:54:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys   [56344] ©
O58 - SDL:2010/11/21 04:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys   [78720] ©
O58 - SDL:2011/03/11 07:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys   [410496] ©
O58 - SDL:2012/01/10 21:28:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys   [12311904] ©
O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys   [44112] ©
O58 - SDL:2011/04/20 08:24:56 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x64.sys   [169584] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys   [114752] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys   [106560] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys   [65600] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys   [115776] ©
O58 - SDL:2015/10/05 09:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys   [25816] ©
O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys   [109272] ©
O58 - SDL:2015/11/03 19:46:08 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys   [192216] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys   [35392] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys   [284736] ©
O58 - SDL:2015/10/05 09:50:18 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys   [63704] ©
O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys   [51264] ©
O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys   [148352] ©
O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys   [166272] ©
O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys   [1524816] ©
O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys   [128592] ©
O58 - SDL:2009/02/12 14:11:26 A . (.EldoS Corporation - RawDisk Driver. Allows write access to file.) -- C:\Windows\System32\drivers\rsdrvx64.sys   [26024] ©
O58 - SDL:2010/04/26 16:23:08 A . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192se.sys   [1103904] ©
O58 - SDL:2010/02/01 09:29:48 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys   [232992] ©
O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys   [23040] ©
O58 - SDL:2009/07/14 01:00:40 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\serial.sys   [94208] ©
O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys   [43584] ©
O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys   [80464] ©
O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys   [110720] ©
O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys   [206080] ©
O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise  SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys   [24656] ©
O58 - SDL:2008/08/14 09:40:44 A . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys   [260144] ©
O58 - SDL:2007/11/09 04:00:30 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS   [26968] ©
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys   [17488] ©
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys   [161872] ©

---\\ Last modified or created user files (1) - 82s
O61 - LFC: 2015/11/03 19:38:31 A . (..) -- C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin   [674082]

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (12) - 1s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe  ©
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Search Browser Infection (5) - 5s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {1DBE0AD4-FA60-40B5-AB48-CEA8BC0BF0FD} - ((www.google.com) Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {3649DA9A-8CBA-49CB-BFCB-00EA1C49A9BD} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} [DefaultScope] - (Yahoo! (Avast)) - http://fr.search.yahoo.com/

---\\ Search Svchost Services (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll   [72192] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll   [80384] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll   [80384] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll   [236032] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll   [777728] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL   [859648] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll   [680960] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll   [99328] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll   [344064] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll   [97792] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll   [64512] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll   [359424] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll   [316928] ©
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll   [683520] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll   [2607104] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll   [849920] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll   [370688] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll   [569344] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll   [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll   [70656] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll   [156672] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll   [67584] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll   [121856] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll   [136704] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll   [111104] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll   [1110016] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL   [90624] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll   [84480] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [210432] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll   [44544] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll   [100864] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll   [193536] ©

---\\ Firewall Active Exception List (4) - 2s
O87 - FAEL: "TCP Query User{EDAB181D-5EAE-4EDE-9F04-E417DC3442B6}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe (.not file.)
O87 - FAEL: "UDP Query User{8C8587E5-11C9-4275-8EC1-A8E5D9AE3681}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe (.not file.)
O87 - FAEL: "TCP Query User{6F5B74B3-3104-437C-908D-371EAD32C089}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe (.not file.)
O87 - FAEL: "UDP Query User{7936B6DE-FF58-4BE8-BCCE-3F2B16BDEA81}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe (.not file.)

---\\ Product Upgrade Codes (1) - 2s
O90 - PUC: "DF42B2AC01EE9B240B94AA0862E8E712" . (.Boxore Client.) -- C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico  =>PUP.Optional.Boxore

---\\ Services not Microsoft (SR=Run, SS=Stop) (17) - 30s

SR - Auto   [28/10/2015] [   82128]  Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Demand [16/10/2015] [  269000]  Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto   [24/09/2015] [  146600]  Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
SS - Auto   [09/09/2015] [  144200]  Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [09/09/2015] [  144200]  Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [13/10/2012] [  194032]  Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe ©
SR - Auto   [27/07/2012] [   49664]   (Homepage) . (.TheBestMatch.) - C:\Program Files (x86)\TheBestMatch\Homepage\Homepage.exe  =>PUP.Optional.Proxy
SR - Auto   [27/07/2012] [   30720]  HPMonitor (HPMonitor) . (.TheBestMatch.) - C:\Program Files (x86)\TheBestMatch\Homepage\HPMonitor.exe  =>PUP.Optional.Proxy
SR - Auto   [03/03/2010] [  268824]  Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
SR - Auto   [05/10/2015] [ 1513784]   (MBAMScheduler) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
SR - Auto   [05/10/2015] [ 1135416]   (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
SS - Demand [31/07/2015] [  289256]  McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe ©
SS - Auto   [09/07/2015] [  327296]  Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
SS - Demand [10/06/2015] [  155520]  Sony PC Companion (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe ©
SR - Auto   [21/05/2015] [  743688]  SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe ©
SR - Auto   [03/03/2010] [ 2320920]  Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ©

---\\ Search Tracing Registry Key (46) - 6s
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32  =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS  =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32  =>PUP.Optional.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS  =>PUP.Optional.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32  =>PUP.Optional.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS  =>PUP.Optional.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock AddonsUI_RASAPI32  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock AddonsUI_RASMANCS  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASAPI32  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASMANCS  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASAPI32  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASMANCS  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bundlesweetimsetup_RASAPI32  =>PUP.Optional.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bundlesweetimsetup_RASMANCS  =>PUP.Optional.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FLVPlayerSetup_RASAPI32  =>PUP.Optional.FLVPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FLVPlayerSetup_RASMANCS  =>PUP.Optional.FLVPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iminent_RASAPI32  =>PUP.Optional.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iminent_RASMANCS  =>PUP.Optional.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASAPI32  =>PUP.Optional.IncrediBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASMANCS  =>PUP.Optional.IncrediBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASAPI32  =>PUP.Optional.IncrediBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASMANCS  =>PUP.Optional.IncrediBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASAPI32  =>PUP.Optional.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASMANCS  =>PUP.Optional.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_RASAPI32  =>PUP.Optional.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_RASMANCS  =>PUP.Optional.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32  =>PUP.Optional.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS  =>PUP.Optional.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PricePeepInstaller_RASAPI32  =>PUP.Optional.PricePeep
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PricePeepInstaller_RASMANCS  =>PUP.Optional.PricePeep
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricora-bg_RASAPI32  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricora-bg_RASMANCS  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-chromeinstaller_RASAPI32  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-chromeinstaller_RASMANCS  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-codedownloader_RASAPI32  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-codedownloader_RASMANCS  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-updater_RASAPI32  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-updater_RASMANCS  =>PUP.Optional.Pricora

---\\ Additional Scan (O88) (97) - 0s
C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe  =>PUP.Optional.Proxy
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe  =>PUP.Optional.DriverToolkit
C:\Program Files (x86)\TheBestMatch\Homepage\Homepage.exe  =>PUP.Optional.Proxy
C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe  =>PUP.Optional.Pirrit
C:\Program Files (x86)\TheBestMatch\Homepage\HPMonitor.exe  =>PUP.Optional.Proxy
HKLM\SYSTEM\CurrentControlSet\Services\Homepage  =>PUP.Optional.Proxy
HKLM\SYSTEM\CurrentControlSet\Services\HPMonitor  =>PUP.Optional.Proxy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}  =>PUP.Optional.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}  =>PUP.Optional.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1  =>PUP.Optional.DriverToolkit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F21ABA47-CE22-4B3D-8F47-8BF08C21C094}  =>PUP.Optional.SocialSkinz
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MySearchDial  =>PUP.Optional.MySearchDial
HKLM\SOFTWARE\Wow6432Node\5dedad0b034ee47  =>PUP.Optional.Heuristic
HKLM\SOFTWARE\Wow6432Node\Babylon  =>PUP.Optional.Babylon
HKLM\SOFTWARE\Wow6432Node\Conduit  =>PUP.Optional.Conduit
HKLM\SOFTWARE\Wow6432Node\OfferBox  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Pricora  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Systweak  =>PUP.Optional.Systweak
HKCU\SOFTWARE\5dedad0b034ee47  =>PUP.Optional.Heuristic
HKCU\SOFTWARE\Appscion  =>PUP.Optional.LiveSoftAction
HKCU\SOFTWARE\DriverToolkit  =>PUP.Optional.DriverToolkit
HKCU\SOFTWARE\DriverTuner  =>PUP.Optional.DriverTuner
HKCU\SOFTWARE\DriverTuner_Init  =>PUP.Optional.DriverTuner
HKCU\SOFTWARE\ImInstaller  =>Toolbar.IncrediMail
HKCU\SOFTWARE\InstalledBrowserExtensions  =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\OfferBox  =>PUP.Optional.OfferBox
HKCU\SOFTWARE\AppDataLow\Software\Conduit  =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow\Software\Pricora  =>PUP.Optional.Pricora
HKCU\SOFTWARE\AppDataLow\Software\Smartbar  =>PUP.Optional.SmartBar
C:\Program Files (x86)\DriverToolkit  =>PUP.Optional.DriverToolkit
C:\Program Files (x86)\DriverTuner  =>PUP.Optional.DriverTuner
C:\Program Files (x86)\OfferBox  =>PUP.Optional.OfferBox
C:\Program Files (x86)\Software  =>PUP.Optional.Boxore
C:\Program Files (x86)\TheBestMatch  =>PUP.Optional.Proxy
C:\Program Files (x86)\WebPlayer  =>PUP.Optional.WebPlayer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit  =>PUP.Optional.DriverToolkit
C:\ProgramData\APN  =>Toolbar.Ask
C:\ProgramData\Babylon  =>PUP.Optional.Babylon
C:\ProgramData\BoxUpdChk  =>PUP.Optional.Boxore
C:\Users\toshiba\AppData\Roaming\DriverTurbo  =>PUP.Optional.DriverTurbo
C:\Users\toshiba\AppData\Roaming\OfferBox  =>PUP.Optional.OfferBox
C:\Users\toshiba\AppData\Local\DriverToolkit  =>PUP.Optional.DriverToolkit
C:\Users\toshiba\AppData\Local\DriverTuner  =>PUP.Optional.DriverTuner
C:\Users\toshiba\AppData\Local\genienext  =>PUP.Optional.NextLive
C:\Users\toshiba\AppData\Local\Mobogenie  =>PUP.Optional.Mobogenie
C:\Users\toshiba\AppData\Local\Software  =>PUP.Optional.Boxore
C:\Users\toshiba\AppData\Local\TheBestMatch  =>PUP.Optional.Proxy
C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager  =>PUP.Optional.eFixPro
C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico  =>PUP.Optional.Boxore
HKLM\Software\Classes\Installer\Products\DF42B2AC01EE9B240B94AA0862E8E712  =>PUP.Optional.Boxore
HKLM\Software\Classes\Installer\Features\DF42B2AC01EE9B240B94AA0862E8E712  =>PUP.Optional.Boxore
HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32  =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS  =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32  =>PUP.Optional.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS  =>PUP.Optional.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32  =>PUP.Optional.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS  =>PUP.Optional.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock AddonsUI_RASAPI32  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock AddonsUI_RASMANCS  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASAPI32  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASMANCS  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASAPI32  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASMANCS  =>PUP.Optional.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bundlesweetimsetup_RASAPI32  =>PUP.Optional.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bundlesweetimsetup_RASMANCS  =>PUP.Optional.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FLVPlayerSetup_RASAPI32  =>PUP.Optional.FLVPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FLVPlayerSetup_RASMANCS  =>PUP.Optional.FLVPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iminent_RASAPI32  =>PUP.Optional.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iminent_RASMANCS  =>PUP.Optional.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASAPI32  =>PUP.Optional.IncrediBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASMANCS  =>PUP.Optional.IncrediBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASAPI32  =>PUP.Optional.IncrediBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASMANCS  =>PUP.Optional.IncrediBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASAPI32  =>PUP.Optional.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASMANCS  =>PUP.Optional.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_RASAPI32  =>PUP.Optional.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_RASMANCS  =>PUP.Optional.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32  =>PUP.Optional.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS  =>PUP.Optional.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS  =>PUP.Optional.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PricePeepInstaller_RASAPI32  =>PUP.Optional.PricePeep
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PricePeepInstaller_RASMANCS  =>PUP.Optional.PricePeep
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricora-bg_RASAPI32  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricora-bg_RASMANCS  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-chromeinstaller_RASAPI32  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-chromeinstaller_RASMANCS  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-codedownloader_RASAPI32  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-codedownloader_RASMANCS  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-updater_RASAPI32  =>PUP.Optional.Pricora
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Pricora-updater_RASMANCS  =>PUP.Optional.Pricora

---\\ Summary of the elements found (32) - 0s
http://www.nicolascoolman.fr/hijacker-proxy/  =>PUP.Optional.Proxy
http://www.nicolascoolman.fr/blog  =>PUP.Optional.DriverToolkit
http://www.nicolascoolman.fr/pup-pirritsuggestor/  =>PUP.Optional.Pirrit
http://www.nicolascoolman.fr/pup-offerbox/  =>PUP.Optional.OfferBox
http://www.nicolascoolman.fr/pup-bubbledock/  =>PUP.Optional.BubbleDock
http://www.nicolascoolman.fr/adware-boxore/  =>PUP.Optional.Boxore
http://www.nicolascoolman.fr/pup-sweetim/  =>PUP.Optional.SweetIM
http://www.nicolascoolman.fr/adware-socialskinz/  =>PUP.Optional.SocialSkinz
http://www.nicolascoolman.fr/blog  =>PUP.Optional.MySearchDial
http://www.nicolascoolman.fr/blog  =>PUP.Optional.Heuristic
http://www.nicolascoolman.fr/pup-babylon/  =>PUP.Optional.Babylon
http://www.nicolascoolman.fr/toolbar-conduit/  =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/adware-pricora/  =>PUP.Optional.Pricora
http://www.nicolascoolman.fr/pup-systweak/  =>PUP.Optional.Systweak
http://www.nicolascoolman.fr/blog  =>PUP.Optional.LiveSoftAction
http://www.nicolascoolman.fr/blog  =>PUP.Optional.DriverTuner
http://www.nicolascoolman.fr/blog  =>Toolbar.IncrediMail
http://www.nicolascoolman.fr/blog  =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/hijacker-smartbar/  =>PUP.Optional.SmartBar
http://www.nicolascoolman.fr/blog  =>PUP.Optional.WebPlayer
http://www.nicolascoolman.fr/toolbar-ask/  =>Toolbar.Ask
http://www.nicolascoolman.fr/blog  =>PUP.Optional.DriverTurbo
http://www.nicolascoolman.fr/pup-nextlive/  =>PUP.Optional.NextLive
http://www.nicolascoolman.fr/pup-mobogenie/  =>PUP.Optional.Mobogenie
http://www.nicolascoolman.fr/blog  =>PUP.Optional.eFixPro
http://www.nicolascoolman.fr/pup-mypcbackup/  =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/adware-megasearch/  =>PUP.Optional.MegaSearch
http://www.nicolascoolman.fr/blog  =>PUP.Optional.FLVPlayer
http://www.nicolascoolman.fr/adware-imbooster/  =>PUP.Optional.IMBooster
http://www.nicolascoolman.fr/adware-incredibar/  =>PUP.Optional.IncrediBar
http://www.nicolascoolman.fr/adware-lollipop/  =>PUP.Optional.Lollipop
http://www.nicolascoolman.fr/blog  =>PUP.Optional.PricePeep

~ End of the scan, 23275 items in 376 seconds (1267)(0)