Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03
Ran by Messi10fcb (administrator) on MESSI10FCB-PC on 17-09-2013 20:30:06
Running from C:\Users\Messi10fcb\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Winlogon: [Userinit]
HKLM-x32\...\Winlogon: [Userinit] [x]
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4240760 2010-09-23] (Microsoft Corporation)
HKCU\...\Run: [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Rxa1gKilRsOh] - C:\Users\Messi10fcb\AppData\Local\MoLBCRy.exe [130048 2013-09-12] ()
HKCU\...\Run: [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Messi10fcb\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {a0f7b156-0cd7-11e3-99ac-002713a4e937} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {aad44800-48fe-11df-b3ab-806e6f6e6963} - F:\SETUP.EXE
HKLM-x32\...\Run: [Corel File Shell Monitor] - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [15544 2009-08-26] ()
HKLM-x32\...\Run: [HPCam_Menu] - c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=8296F07BCB279899&affID=119357&tt=150913_enh&tsp=5008
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2
URLSearchHook: (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtByBzyzzzyzyzytB0EtBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=2075026274
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtByBzyzzzyzyzytB0EtBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=2075026274
SearchScopes: HKLM-x32 - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtByBzyzzzyzyzytB0EtBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=2075026274
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtByBzyzzzyzyzytB0EtBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=2075026274
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {043C5167-00BB-4324-AF7E-62013FAEDACF} URL = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=8296F07BCB279899&affID=119357&tt=150913_enh&tsp=5008
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=PSI&o=15116&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=L6&apn_dtid=YYYYYYYYGB&apn_uid=D25BF169-9A8D-4F7D-8C56-2DA45763D26F&apn_sauid=BF380C38-E2F3-4E0B-A8F0-91C1E3AB7741
SearchScopes: HKCU - {79A68B4C-78CD-4B26-8862-B78C8FB28C57} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={7D85759C-AB7B-4652-8A9F-2E226A60C73E}&mid=41112fbda0bd47d1a04bd16e554000c4-f0e791b6ac310a435de6cbadb8e867b0aa23ed39&lang=pl&ds=AVG&pr=fr&d=2011-12-13 20:01:10&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtByBzyzzzyzyzytB0EtBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=2075026274
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Giant Savings Extension - {11111111-1111-1111-1111-110211181110} - C:\Program Files (x86)\Giant Savings Extension\Giant Savings Extension.dll (215 Apps)
BHO-x32: PlaySushi - {21608B66-026F-4DCB-9244-0DACA328DCED} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://www.tescophoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52272 2010-01-09] (EasyBits Software Corp.)

FireFox:
========
FF ProfilePath: C:\Users\Messi10fcb\AppData\Roaming\Mozilla\Firefox\Profiles\66r2ixbk.default
FF user.js: detected! => C:\Users\Messi10fcb\AppData\Roaming\Mozilla\Firefox\Profiles\66r2ixbk.default\user.js
FF NewTab: hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=8296F07BCB279899&affID=119357&tt=150913_enh&tsp=5008
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=8296F07BCB279899&affID=119357&tt=150913_enh&tsp=5008
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071713&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Messi10fcb\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Messi10fcb\AppData\Roaming\Mozilla\Firefox\Profiles\66r2ixbk.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Users\Messi10fcb\AppData\Roaming\Mozilla\Firefox\Profiles\66r2ixbk.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Default Manager - C:\Users\Messi10fcb\AppData\Roaming\Mozilla\Firefox\Profiles\66r2ixbk.default\Extensions\DefaultManager@Microsoft
FF Extension: Delta Toolbar - C:\Users\Messi10fcb\AppData\Roaming\Mozilla\Firefox\Profiles\66r2ixbk.default\Extensions\ffxtlbr@delta.com
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru

==================== Services (Whitelisted) =================

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1428472 2013-04-10] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Nokia)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-17 20:25 - 2013-09-17 20:25 - 01950524 _____ (Farbar) C:\Users\Messi10fcb\Downloads\FRST64.exe
2013-09-17 20:25 - 2013-09-17 20:25 - 00000000 ____D C:\FRST
2013-09-17 20:07 - 2013-09-17 20:07 - 00085128 _____ C:\Users\Messi10fcb\Downloads\Extras.Txt
2013-09-17 20:06 - 2013-09-17 20:06 - 00120654 _____ C:\Users\Messi10fcb\Downloads\OTL.Txt
2013-09-17 19:40 - 2013-09-17 19:40 - 00615176 _____ C:\Users\Messi10fcb\Downloads\OTL_3.2.70.2 (25180)(1).exe
2013-09-17 19:39 - 2013-09-17 19:39 - 00001884 _____ C:\Users\Messi10fcb\Desktop\Search.lnk
2013-09-17 19:39 - 2013-09-17 19:39 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\BabSolution
2013-09-17 19:39 - 2013-09-17 19:39 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-17 19:39 - 2013-09-17 19:39 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-17 19:39 - 2013-09-17 19:38 - 00602112 _____ (OldTimer Tools) C:\Users\Messi10fcb\Downloads\OTL.exe
2013-09-17 19:37 - 2013-09-17 19:37 - 00615176 _____ C:\Users\Messi10fcb\Downloads\OTL_3.2.70.2 (25180).exe
2013-09-13 18:16 - 2013-09-13 18:16 - 00007024 ____N C:\bootsqm.dat
2013-09-12 10:28 - 2013-09-12 10:28 - 00153605 _____ C:\Users\Messi10fcb\AppData\Local\e5d9ade3-6325-4fdb-922f-38d35a21b99f
2013-09-12 10:28 - 2013-09-12 10:28 - 00130048 _____ C:\Users\Messi10fcb\AppData\Local\MoLBCRy.exe
2013-09-06 07:46 - 2013-09-06 09:32 - 00000553 _____ C:\Users\Messi10fcb\Desktop\New Text Document.txt
2013-09-05 06:39 - 2013-09-05 06:39 - 00016095 _____ C:\Users\Messi10fcb\Desktop\hs_err_pid15444.log
2013-08-31 23:38 - 2013-08-31 23:38 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2013-08-25 20:02 - 2013-08-25 20:02 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\HTC Sync
2013-08-25 20:02 - 2013-08-25 20:02 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\HTC
2013-08-25 19:58 - 2013-09-13 18:41 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\HTC MediaHub
2013-08-25 19:58 - 2013-08-25 20:01 - 00000000 ____D C:\Users\Messi10fcb\Documents\HTC
2013-08-25 19:58 - 2013-08-25 19:58 - 00001991 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Apple Computer
2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\.android
2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\ProgramData\Motorola
2013-08-25 19:57 - 2013-08-25 19:57 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2013-08-25 19:08 - 2013-08-25 19:58 - 00000000 ____D C:\Program Files (x86)\HTC
2013-08-25 19:08 - 2013-08-25 19:08 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Downloaded Installations
2013-08-25 19:07 - 2013-08-25 19:07 - 00000000 ____D C:\ProgramData\HTC
2013-08-25 18:46 - 2013-08-25 18:48 - 00000000 ____D C:\Users\Messi10fcb\Desktop\Wiola

==================== One Month Modified Files and Folders =======

2013-09-17 20:25 - 2013-09-17 20:25 - 01950524 _____ (Farbar) C:\Users\Messi10fcb\Downloads\FRST64.exe
2013-09-17 20:25 - 2013-09-17 20:25 - 00000000 ____D C:\FRST
2013-09-17 20:07 - 2013-09-17 20:07 - 00085128 _____ C:\Users\Messi10fcb\Downloads\Extras.Txt
2013-09-17 20:06 - 2013-09-17 20:06 - 00120654 _____ C:\Users\Messi10fcb\Downloads\OTL.Txt
2013-09-17 20:00 - 2010-04-15 20:53 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\Skype
2013-09-17 19:40 - 2013-09-17 19:40 - 00615176 _____ C:\Users\Messi10fcb\Downloads\OTL_3.2.70.2 (25180)(1).exe
2013-09-17 19:39 - 2013-09-17 19:39 - 00001884 _____ C:\Users\Messi10fcb\Desktop\Search.lnk
2013-09-17 19:39 - 2013-09-17 19:39 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\BabSolution
2013-09-17 19:39 - 2013-09-17 19:39 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-17 19:39 - 2013-09-17 19:39 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-17 19:38 - 2013-09-17 19:39 - 00602112 _____ (OldTimer Tools) C:\Users\Messi10fcb\Downloads\OTL.exe
2013-09-17 19:37 - 2013-09-17 19:37 - 00615176 _____ C:\Users\Messi10fcb\Downloads\OTL_3.2.70.2 (25180).exe
2013-09-13 21:30 - 2012-06-29 20:26 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\LogMeIn Hamachi
2013-09-13 21:30 - 2010-04-16 09:34 - 00000000 ____D C:\Users\Messi10fcb\Tracing
2013-09-13 21:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-13 21:29 - 2009-07-14 05:51 - 00120926 _____ C:\Windows\setupact.log
2013-09-13 18:44 - 2010-03-19 10:18 - 01138120 _____ C:\Windows\WindowsUpdate.log
2013-09-13 18:41 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\HTC MediaHub
2013-09-13 18:16 - 2013-09-13 18:16 - 00007024 ____N C:\bootsqm.dat
2013-09-12 12:43 - 2011-04-24 20:07 - 00000000 ____D C:\ProgramData\MFAData
2013-09-12 12:39 - 2013-03-07 09:32 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Windows Live
2013-09-12 10:28 - 2013-09-12 10:28 - 00153605 _____ C:\Users\Messi10fcb\AppData\Local\e5d9ade3-6325-4fdb-922f-38d35a21b99f
2013-09-12 10:28 - 2013-09-12 10:28 - 00130048 _____ C:\Users\Messi10fcb\AppData\Local\MoLBCRy.exe
2013-09-12 10:11 - 2012-11-06 13:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-12 09:42 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-12 09:42 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-11 19:23 - 2011-05-06 21:18 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{064D516E-97D4-423E-A9C6-1E9E432C00C0}
2013-09-10 19:11 - 2012-11-06 13:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-10 19:11 - 2012-11-06 13:00 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-10 19:11 - 2011-08-07 10:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-06 09:32 - 2013-09-06 07:46 - 00000553 _____ C:\Users\Messi10fcb\Desktop\New Text Document.txt
2013-09-05 06:39 - 2013-09-05 06:39 - 00016095 _____ C:\Users\Messi10fcb\Desktop\hs_err_pid15444.log
2013-08-31 23:38 - 2013-08-31 23:38 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2013-08-30 17:20 - 2012-06-04 22:09 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-26 17:41 - 2009-07-14 05:45 - 00375088 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-25 20:02 - 2013-08-25 20:02 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\HTC Sync
2013-08-25 20:02 - 2013-08-25 20:02 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\HTC
2013-08-25 20:01 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\Documents\HTC
2013-08-25 20:01 - 2010-04-15 20:28 - 00098264 _____ C:\Users\Messi10fcb\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-25 19:58 - 2013-08-25 19:58 - 00001991 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Apple Computer
2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\.android
2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\ProgramData\Motorola
2013-08-25 19:58 - 2013-08-25 19:08 - 00000000 ____D C:\Program Files (x86)\HTC
2013-08-25 19:58 - 2011-01-09 01:09 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\Apple Computer
2013-08-25 19:58 - 2010-04-15 20:24 - 00000000 ____D C:\Users\Messi10fcb
2013-08-25 19:57 - 2013-08-25 19:57 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2013-08-25 19:57 - 2010-03-19 10:17 - 00045254 _____ C:\Windows\DPINST.LOG
2013-08-25 19:08 - 2013-08-25 19:08 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Downloaded Installations
2013-08-25 19:07 - 2013-08-25 19:07 - 00000000 ____D C:\ProgramData\HTC
2013-08-25 18:48 - 2013-08-25 18:46 - 00000000 ____D C:\Users\Messi10fcb\Desktop\Wiola
2013-08-24 17:10 - 2012-12-30 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

Files to move or delete:
====================
C:\ProgramData\fodofojm.dat
C:\ProgramData\mjofodof.pad

Some content of TEMP:
====================
C:\Users\Messi10fcb\AppData\Local\Temp\56665uninstall.exe
C:\Users\Messi10fcb\AppData\Local\Temp\askbundle.exe
C:\Users\Messi10fcb\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Messi10fcb\AppData\Local\Temp\contentDATs.exe
C:\Users\Messi10fcb\AppData\Local\Temp\dx0h2ans.exe
C:\Users\Messi10fcb\AppData\Local\Temp\EAD6DFE.exe
C:\Users\Messi10fcb\AppData\Local\Temp\EAD7E91.exe
C:\Users\Messi10fcb\AppData\Local\Temp\EAD9C9D.exe
C:\Users\Messi10fcb\AppData\Local\Temp\EADFDB0.exe
C:\Users\Messi10fcb\AppData\Local\Temp\Extract.exe
C:\Users\Messi10fcb\AppData\Local\Temp\gg10_upgr_to_11790_from_11070.exe
C:\Users\Messi10fcb\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\Messi10fcb\AppData\Local\Temp\googleupdate.dll
C:\Users\Messi10fcb\AppData\Local\Temp\gtb.exe
C:\Users\Messi10fcb\AppData\Local\Temp\HPQSi.exe
C:\Users\Messi10fcb\AppData\Local\Temp\installerdll23960287.dll
C:\Users\Messi10fcb\AppData\Local\Temp\installerdll23962970.dll
C:\Users\Messi10fcb\AppData\Local\Temp\installerdll23973141.dll
C:\Users\Messi10fcb\AppData\Local\Temp\installerdll23995995.dll
C:\Users\Messi10fcb\AppData\Local\Temp\installerdll311955.dll
C:\Users\Messi10fcb\AppData\Local\Temp\installerdll322391.dll
C:\Users\Messi10fcb\AppData\Local\Temp\ipl10B2.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\ipl3368.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\ipl8729.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\iplB4B3.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\java.dll
C:\Users\Messi10fcb\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\Messi10fcb\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Messi10fcb\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Messi10fcb\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Messi10fcb\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Messi10fcb\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Messi10fcb\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Messi10fcb\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Messi10fcb\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Messi10fcb\AppData\Local\Temp\NEW347F.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\NEW54C8.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\NEW54E6.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\NEW8893.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\NEWFA19.tmp.exe
C:\Users\Messi10fcb\AppData\Local\Temp\OberonStub.exe
C:\Users\Messi10fcb\AppData\Local\Temp\OriginLauncher23960287.exe
C:\Users\Messi10fcb\AppData\Local\Temp\PCCheckupInstaller.exe
C:\Users\Messi10fcb\AppData\Local\Temp\rootsupd.exe
C:\Users\Messi10fcb\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Messi10fcb\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Messi10fcb\AppData\Local\Temp\setup.exe
C:\Users\Messi10fcb\AppData\Local\Temp\setupa2.exe
C:\Users\Messi10fcb\AppData\Local\Temp\SetupAC.exe
C:\Users\Messi10fcb\AppData\Local\Temp\Shortcut_sweetimsetup.exe
C:\Users\Messi10fcb\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Messi10fcb\AppData\Local\Temp\SIntf16.dll
C:\Users\Messi10fcb\AppData\Local\Temp\SIntf32.dll
C:\Users\Messi10fcb\AppData\Local\Temp\SIntfNT.dll
C:\Users\Messi10fcb\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Messi10fcb\AppData\Local\Temp\SP48591.exe
C:\Users\Messi10fcb\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Messi10fcb\AppData\Local\Temp\Sqlite3.dll
C:\Users\Messi10fcb\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Messi10fcb\AppData\Local\Temp\Turbo_Pizza-setup[2].exe
C:\Users\Messi10fcb\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Messi10fcb\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Messi10fcb\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Messi10fcb\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Messi10fcb\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Messi10fcb\AppData\Local\Temp\_D166.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-01 13:09

==================== End Of Log ============================