~ ZHPDiag v2015.7.10.87 By Nicolas Coolman (2015/07/10)
~ Run by FamillYHachlaF (Administrator) (2015/07/11 08:30:00)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\FamillYHachlaF\Desktop\ZHPDiag.txt
~ Report: C:\Users\FamillYHachlaF\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)

---\\ Windows Product Information (3) - 29s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Activation Technologies : OK

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 3074996
~ System Restore: Activé (Enable)
~ System drive C: has 18 GB free of 39 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: 1
~ User Name: FamillYHachlaF
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 18 GB free of 39 GB (System)
~ Drive D: has 139 GB free of 265 GB
~ Drive F: has 6 GB free of 7 GB

---\\ Search Generic System Files (23) - 11s
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [1950720]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [245632]

---\\ Process running (8) - 40s
[MD5.BB00CDD82F9DA262F83199CD6A10C12F] - (...) -- C:\Program Files\MeditelInternet\MeditelInternet_Service.exe [346680] [PID.1580]
[MD5.CD180A9701D5259E4A30CE25CFF56181] - (...) -- C:\Program Files\MyPublicWiFi\PublicWiFiService.exe [756224] [PID.1624]
[MD5.A903E5C565A2677F3960E4AAB7B42280] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056] [PID.1744]
[MD5.E40FEB48AB3512A24BF194FBE746E556] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer.exe [17905424] [PID.2808]
[MD5.8B3487B1FDB95A444A7B9880012041DA] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\tv_w32.exe [229136] [PID.2912]
[MD5.BE14563A5C1C66DEB3D73733EFB68E63] - (...) -- C:\Program Files\MeditelInternet\MeditelInternet_Launcher.exe [928312] [PID.3108]
[MD5.E57E2B81EF0463738007CF89664F78CD] - (.Skillbrains - Lightshot.) -- C:\Program Files\Skillbrains\lightshot\5.2.1.1\Lightshot.exe [477184] [PID.3144] =>PUP.Optional.SkillBrains
[MD5.77A7519F29E8A4B06FA02F54DE9FE556] - (.Symantec Corporation - Norton Power Eraser.) -- C:\Users\FamillYHachlaF\Downloads\NPE (5).exe [3088296] [PID.192]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (10) - 1s
G2 - GCE: Extension [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [albbiglcfndaaphglmeaejkhepckkfgf] Hide My IP
G2 - GCE: Extension [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (1) - 0s
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.1] - (.VideoLAN.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (10) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Auto loading programs from Registry and folders (O4) (8) - 1s
O4 - HKLM\..\Run: [MeditelInternet_MeditelInternet_Launcher.exe] . (...) -- C:\Program Files\MeditelInternet\MeditelInternet_Launcher.exe
O4 - HKLM\..\Run: [Lightshot] . (.Copyright 2009 - Starter Module.) -- C:\Program Files\Skillbrains\lightshot\Lightshot.exe =>PUP.Optional.SkillBrains
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4081805832-3828776474-1963003265-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe

---\\ Lop.com/Domain Hijackers (O17) (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8 41.214.140.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8 41.214.140.5
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8 41.214.140.5
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (4) - 0s
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Meditel Internet Service (MeditelInternet_Service) . (...) - C:\Program Files\MeditelInternet\MeditelInternet_Service.exe
O23 - Service: MyPublicWiFi Service (MyPublicWiFiService) . (...) - C:\Program Files\MyPublicWiFi\PublicWiFiService.exe
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe

---\\ Task Planned Automatically (O39) (9) - 1s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [826]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [830]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\update-S-1-5-21-4081805832-3828776474-1963003265-1000.job [394]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\update-sys.job [394]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3574]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3826]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1436478704 [3812]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\update-S-1-5-21-4081805832-3828776474-1963003265-1000 [3286]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\update-sys [3290]

---\\ Software installed (O42) (14) - 5s
O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM] -- ASIO4ALL
O42 - Logiciel: FL Studio 10 - (.Image-Line.) [HKLM] -- FL Studio 10
O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM] -- IL Download Manager
O42 - Logiciel: Meditel Internet - (.Meditel Internet.) [HKLM] -- MeditelInternet
O42 - Logiciel: Opera Stable 30.0.1835.88 - (.Opera Software.) [HKLM] -- Opera 30.0.1835.88
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] -- TeamViewer
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Google Chrome - (.Google, Inc..) [HKLM] -- {2CF484F9-A0CD-3AD9-84A6-DFFE749FC71F}
O42 - Logiciel: Lightshot-5.2.1.1 - (.Skillbrains.) [HKLM] -- {30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 =>PUP.Optional.SkillBrains
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: MyPublicWiFi 5.1 - (.TRUE Software.) [HKLM] -- {C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1
O42 - Logiciel: Vegas Pro 11.0 - (.Sony.) [HKLM] -- {E6F012B0-E930-11E0-A67A-F04DA23A5C58}
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM] -- {E9627240-E930-11E0-8690-F04DA23A5C58}

---\\ HKCU & HKLM Software Keys (45) - 5s
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\ASIO
HKLM\SOFTWARE\ASIO4ALL
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\CBSTEST
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\Image-Line
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Norton
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\Outsim
HKLM\SOFTWARE\Propellerhead Software
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Screaming Bee
HKLM\SOFTWARE\Skillbrains =>PUP.Optional.SkillBrains
HKLM\SOFTWARE\SoftVoice
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Sony Creative Software
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\VST
HKLM\SOFTWARE\WebToGo
HKLM\SOFTWARE\WinRAR
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\DirectShow
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\IGA
HKCU\SOFTWARE\Image-Line
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\SkillBrains =>PUP.Optional.SkillBrains
HKCU\SOFTWARE\SoftVoice
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WebToGo
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contents of the Common Files folders (O43) (90) - 6s
O43 - CFD: 2015/07/09 20:55:20 - [] D -- C:\Program Files\ASIO4ALL v2
O43 - CFD: 2009/07/14 03:37:05 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2010/11/21 01:47:26 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2015/07/08 21:21:27 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/07/09 20:54:58 - [] D -- C:\Program Files\Image-Line
O43 - CFD: 2015/07/11 03:56:42 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/07/08 19:58:25 - [] D -- C:\Program Files\MeditelInternet
O43 - CFD: 2015/07/11 03:54:51 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2009/07/14 05:52:30 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2015/07/09 01:07:25 - [] D -- C:\Program Files\MyPublicWiFi
O43 - CFD: 2015/07/10 00:32:26 - [] D -- C:\Program Files\Opera
O43 - CFD: 2015/07/09 20:54:33 - [] D -- C:\Program Files\Outsim
O43 - CFD: 2009/07/14 05:52:30 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/07/09 05:31:10 - [] D -- C:\Program Files\Skillbrains =>PUP.Optional.SkillBrains
O43 - CFD: 2015/07/11 08:28:58 - [] D -- C:\Program Files\Sony
O43 - CFD: 2015/07/09 07:24:33 - [] D -- C:\Program Files\TeamViewer
O43 - CFD: 2009/07/14 05:53:23 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2015/07/08 21:56:16 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2015/07/09 20:55:01 - [] D -- C:\Program Files\Vstplugins
O43 - CFD: 2015/07/10 06:09:30 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2015/07/10 06:10:00 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2010/11/21 01:38:49 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2015/07/10 06:09:39 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2009/07/14 05:52:30 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2010/11/21 01:38:49 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2010/11/20 22:33:48 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2010/11/21 01:38:50 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2015/07/08 21:22:34 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/07/08 19:27:08 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/08 19:27:25 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2010/11/21 01:47:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/08 21:21:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/09 20:54:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 2015/07/09 05:31:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
O43 - CFD: 2009/07/14 05:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/08 19:58:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Meditel Internet
O43 - CFD: 2015/07/09 01:07:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPublicWiFi
O43 - CFD: 2015/07/08 20:36:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 2009/07/14 05:41:57 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2010/11/21 01:47:05 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/08 21:56:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/07/08 21:22:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/07/11 08:22:09 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/07/10 06:10:28 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/07/10 00:13:32 - [] D -- C:\ProgramData\Norton
O43 - CFD: 2015/07/10 00:25:47 - [] D -- C:\ProgramData\SMR501
O43 - CFD: 2015/07/08 20:40:42 - [] D -- C:\ProgramData\Sony
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2010/11/21 01:38:49 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2009/07/14 03:37:05 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2009/07/14 03:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2015/07/10 21:40:14 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2015/07/10 21:43:20 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Adobe
O43 - CFD: 2015/07/08 19:34:42 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Identities
O43 - CFD: 2010/11/21 01:47:05 - [0] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/07/08 20:12:11 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\MeditelInternet
O43 - CFD: 2015/07/09 23:06:54 - [] SD -- C:\Users\FamillYHachlaF\AppData\Roaming\Microsoft
O43 - CFD: 2015/07/09 20:55:02 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 2015/07/09 22:51:57 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Opera Software
O43 - CFD: 2015/07/08 20:40:40 - [0] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Publish Providers
O43 - CFD: 2015/07/08 20:40:36 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Sony
O43 - CFD: 2015/07/09 05:18:49 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\TeamViewer
O43 - CFD: 2015/07/11 08:31:42 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\vlc
O43 - CFD: 2015/07/09 06:57:50 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/11 08:31:47 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\ZHP
O43 - CFD: 2015/07/08 19:34:20 - [0] SHD -- C:\Users\FamillYHachlaF\AppData\Local\Application Data
O43 - CFD: 2015/07/10 07:26:42 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\CrashDumps
O43 - CFD: 2015/07/09 01:01:01 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\Google
O43 - CFD: 2015/07/08 19:34:20 - [0] SHD -- C:\Users\FamillYHachlaF\AppData\Local\History
O43 - CFD: 2015/07/10 21:43:20 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\Microsoft
O43 - CFD: 2015/07/11 08:20:28 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\NPE
O43 - CFD: 2015/07/09 22:51:59 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\Opera Software
O43 - CFD: 2015/07/09 05:31:05 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\Programs
O43 - CFD: 2015/07/08 20:40:32 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\Sony
O43 - CFD: 2015/07/10 03:19:27 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\TeamViewer
O43 - CFD: 2015/07/11 08:31:52 - [] D -- C:\Users\FamillYHachlaF\AppData\Local\Temp
O43 - CFD: 2015/07/08 19:34:20 - [0] SHD -- C:\Users\FamillYHachlaF\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/07/08 19:34:23 - [0] D -- C:\Users\FamillYHachlaF\AppData\Local\VirtualStore
O43 - CFD: 2009/07/14 05:42:04 - [] RD -- C:\Users\FamillYHachlaF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/10 06:17:39 - [] RD -- C:\Users\FamillYHachlaF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/09 20:55:20 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
O43 - CFD: 2015/07/09 20:55:00 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 2009/07/14 05:37:42 - [] RD -- C:\Users\FamillYHachlaF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/10 06:17:39 - [] RD -- C:\Users\FamillYHachlaF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/07/08 21:22:35 - [] D -- C:\Users\FamillYHachlaF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ System Drivers List (SDL) (O58) (75) - 16s
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976]
O58 - SDL:2009/07/14 02:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512]
O58 - SDL:2009/07/14 02:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400]
O58 - SDL:2011/03/11 06:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256]
O58 - SDL:2009/07/14 02:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312]
O58 - SDL:2011/03/11 06:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608]
O58 - SDL:2009/07/13 23:02:46 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\drivers\athr.sys [1096704]
O58 - SDL:2009/07/13 23:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888]
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568]
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248]
O58 - SDL:2009/07/14 01:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128]
O58 - SDL:2009/07/13 23:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336]
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904]
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080]
O58 - SDL:2009/07/14 02:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952]
O58 - SDL:2009/07/14 02:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720]
O58 - SDL:2009/07/14 02:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712]
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160]
O58 - SDL:2010/10/08 16:55:06 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\drivers\ewdcsc.sys [25856]
O58 - SDL:2013/03/04 16:20:26 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbmdm.sys [199168]
O58 - SDL:2013/09/02 15:48:58 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ewusbwwan.sys [381952]
O58 - SDL:2013/10/23 11:42:00 A . (.Huawei Technologies Co., Ltd. - ew_cdcacm Driver.) -- C:\Windows\System32\drivers\ew_cdcacm.sys [108032]
O58 - SDL:2010/09/26 18:09:22 A . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [19200]
O58 - SDL:2013/01/25 09:16:32 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [95232]
O58 - SDL:2013/03/04 16:31:10 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [77824]
O58 - SDL:2013/03/04 16:31:10 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [101248]
O58 - SDL:2013/03/04 16:31:10 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [70528]
O58 - SDL:2013/03/04 16:31:10 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [27776]
O58 - SDL:2013/06/29 17:16:12 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [208384]
O58 - SDL:2012/12/22 09:46:02 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [11904]
O58 - SDL:2013/11/01 10:24:08 A . (.Huawei Technologies Co., Ltd. - ew_cdcndis Driver.) -- C:\Windows\System32\drivers\ew_wwanecm.sys [316544]
O58 - SDL:2009/07/13 23:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624]
O58 - SDL:2009/07/14 02:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152]
O58 - SDL:2011/03/11 06:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160]
O58 - SDL:2009/06/10 22:19:30 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [4756480]
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824]
O58 - SDL:2009/07/14 02:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584]
O58 - SDL:2012/12/07 11:34:48 A . (.Khalil Azzouzi - Azzouzi HotSpot helper driver.) -- C:\Windows\System32\drivers\ndiskhaz.sys [25416]
O58 - SDL:2009/07/14 02:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624]
O58 - SDL:2011/03/11 06:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120]
O58 - SDL:2011/03/11 06:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744]
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488]
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064]
O58 - SDL:2009/07/13 23:02:52 A . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys [139776]
O58 - SDL:2009/07/13 21:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480]
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016]
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888]
O58 - SDL:2015/07/11 08:20:49 A . (.Symantec Corporation - SMR.) -- C:\Windows\System32\drivers\SMR501.SYS [106680]
O58 - SDL:2009/07/14 02:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072]
O58 - SDL:2009/07/14 02:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976]
O58 - SDL:2009/07/14 02:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904]
O58 - SDL:2009/07/13 22:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 22:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 22:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 22:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 22:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 22:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 22:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 22:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 22:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 22:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 22:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 22:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 22:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]

---\\ Last modified or created user files (O61) (17) - 21s
O61 - LFC: 2015/07/11 08:22:02 A . (.Avast Software s.r.o..) -- C:\Users\FamillYHachlaF\Downloads\avast_internet_security_setup (1).exe [1820000]
O61 - LFC: 2015/07/10 11:02:24 A . (..) -- C:\Users\FamillYHachlaF\Downloads\avast_internet_security_setup.exe [463400]
O61 - LFC: 2015/07/09 20:01:11 A . (.Secure By Design Inc..) -- C:\Users\FamillYHachlaF\Downloads\Ninite Avast Installer (1).exe [305664]
O61 - LFC: 2015/07/09 19:59:30 A . (.Secure By Design Inc..) -- C:\Users\FamillYHachlaF\Downloads\Ninite Avast Installer.exe [305664]
O61 - LFC: 2015/07/09 04:22:11 A . (.Secure By Design Inc..) -- C:\Users\FamillYHachlaF\Downloads\Ninite Avast TeamViewer Installer.exe [305664]
O61 - LFC: 2015/07/09 22:14:38 A . (..) -- C:\Users\FamillYHachlaF\Downloads\NPE (1).exe [465862]
O61 - LFC: 2015/07/09 22:17:51 A . (..) -- C:\Users\FamillYHachlaF\Downloads\NPE (2).exe [930322]
O61 - LFC: 2015/07/09 22:22:45 A . (..) -- C:\Users\FamillYHachlaF\Downloads\NPE (3).exe [1394782]
O61 - LFC: 2015/07/09 22:26:09 A . (..) -- C:\Users\FamillYHachlaF\Downloads\NPE (4).exe [2427641]
O61 - LFC: 2015/07/10 00:13:16 A . (.Symantec Corporation.) -- C:\Users\FamillYHachlaF\Downloads\NPE (5).exe [3088296]
O61 - LFC: 2015/07/09 22:10:52 A . (..) -- C:\Users\FamillYHachlaF\Downloads\NPE.exe [849800]
O61 - LFC: 2015/07/09 05:30:08 A . (.Skillbrains.) -- C:\Users\FamillYHachlaF\Downloads\setup-lightshot.exe [2511360] =>PUP.Optional.SkillBrains
O61 - LFC: 2015/07/08 20:54:36 A . (..) -- C:\Users\FamillYHachlaF\AppData\Local\Sony\Vegas Pro\11.0\plugin_manager_cache.bin [74192]
O61 - LFC: 2015/07/08 20:40:36 A . (..) -- C:\Users\FamillYHachlaF\AppData\Local\Sony\Vegas Pro\11.0\svfx_plugin_cache.bin [17498]
O61 - LFC: 2015/07/11 02:07:39 A . (..) -- C:\Users\FamillYHachlaF\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [297531]
O61 - LFC: 2015/07/11 08:27:16 A . (..) -- C:\Users\FamillYHachlaF\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0]
O61 - LFC: 2015/07/11 04:01:26 A . (..) -- C:\Users\FamillYHachlaF\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ File Associations Shell Spawning (O67) (8) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (12) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) 
-- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ---\\ Search Browser Infection (SBI) (O69) (1) - 0s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ ---\\ Search Svchost Services (SSS) (O83) (33) - 3s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) 
-- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [679424] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [475136] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [523776] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2020864] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) 
-- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) 
-- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [76800] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [149504] ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (5) - 15s SS - Auto [2015/07/08 21:20:58] [ 107848] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - Demand [2015/07/08 21:20:58] [ 107848] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - Auto [2014/05/22 17:53:40] [ 346680] Meditel Internet Service (MeditelInternet_Service) . (...) - C:\Program Files\MeditelInternet\MeditelInternet_Service.exe SR - Auto [2013/04/03 15:09:10] [ 756224] MyPublicWiFi Service (MyPublicWiFiService) . (...) - C:\Program Files\MyPublicWiFi\PublicWiFiService.exe SR - Auto [2015/06/18 11:55:23] [ 5495056] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) 
- C:\Program Files\TeamViewer\TeamViewer_Service.exe ---\\ Additional Scan (O88) (8) - 0s C:\Program Files\Skillbrains\lightshot\5.2.1.1\Lightshot.exe =>PUP.Optional.SkillBrains C:\Program Files\Skillbrains\lightshot\Lightshot.exe =>PUP.Optional.SkillBrains HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 =>PUP.Optional.SkillBrains HKLM\SOFTWARE\Skillbrains =>PUP.Optional.SkillBrains HKCU\SOFTWARE\SkillBrains =>PUP.Optional.SkillBrains C:\Program Files\Skillbrains =>PUP.Optional.SkillBrains C:\Users\FamillYHachlaF\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy C:\Users\FamillYHachlaF\Downloads\setup-lightshot.exe =>PUP.Optional.SkillBrains ---\\ Summary of the detections found on your workstation (2) - 0s http://www.nicolascoolman.fr/blog =>PUP.Optional.SkillBrains http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy ~ End of the scan, 11456 items in 178 seconds (439)(0)()