OTL logfile created on: 17/09/2013 19:57:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Messi10fcb\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.93 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 81.05% Memory free
7.86 Gb Paging File | 7.17 Gb Available in Paging File | 91.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.87 Gb Total Space | 305.42 Gb Free Space | 68.04% Space Free | Partition Type: NTFS
Drive D: | 16.60 Gb Total Space | 2.70 Gb Free Space | 16.24% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 92.42 Mb Free Space | 93.34% Space Free | Partition Type: FAT32
Drive F: | 1.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: MESSI10FCB-PC | User Name: Messi10fcb | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/09/17 19:38:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Messi10fcb\Downloads\OTL.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/09/17 10:15:37 | 000,216,560 | ---- | M] () -- C:\Users\Messi10fcb\AppData\Roaming\BabSolution\Shared\enhancedNT.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:[b]64bit:[/b] - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2009/09/04 21:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2013/09/10 19:11:15 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/28 22:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/17 14:50:19 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/28 14:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/04/12 15:11:56 | 000,087,368 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService)
SRV - [2013/04/10 11:07:36 | 001,428,472 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2013/02/27 14:22:42 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/05 16:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2009/02/22 21:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Stopped] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007/07/24 19:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/03/29 02:53:48 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2013/03/21 03:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2013/02/18 09:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2013/02/08 04:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2013/02/08 04:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:[b]64bit:[/b] - [2013/02/08 04:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2013/02/08 04:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2013/02/08 04:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2012/09/04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:[b]64bit:[/b] - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:[b]64bit:[/b] - [2011/08/17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:[b]64bit:[/b] - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/04 15:44:06 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2009/11/02 10:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:[b]64bit:[/b] - [2009/10/13 04:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009/10/03 04:58:12 | 000,258,560 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009/09/17 21:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009/09/17 21:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2009/09/17 21:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009/09/17 21:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009/08/13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009/08/08 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/07/21 04:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:[b]64bit:[/b] - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:[b]64bit:[/b] - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:[b]64bit:[/b] - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:[b]64bit:[/b] - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/04/29 17:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:[b]64bit:[/b] - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2008/05/02 10:58:50 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{79A68B4C-78CD-4B26-8862-B78C8FB28C57}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtByBzyzzzyzyzytB0EtBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=2075026274
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{79A68B4C-78CD-4B26-8862-B78C8FB28C57}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtByBzyzzzyzyzytB0EtBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=2075026274

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=8296F07BCB279899&affID=119357&tt=150913_enh&tsp=5008
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=8296F07BCB279899&affID=119357&tt=150913_enh&tsp=5008
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PSI&o=15116&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=L6&apn_dtid=YYYYYYYYGB&apn_uid=D25BF169-9A8D-4F7D-8C56-2DA45763D26F&apn_sauid=BF380C38-E2F3-4E0B-A8F0-91C1E3AB7741
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_en
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\SearchScopes\{772E8281-29AF-41CD-8A88-6A7DE92CAA0A}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071713&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={7D85759C-AB7B-4652-8A9F-2E226A60C73E}&mid=41112fbda0bd47d1a04bd16e554000c4-f0e791b6ac310a435de6cbadb8e867b0aa23ed39&lang=pl&ds=AVG&pr=fr&d=2011-12-13 20:01:10&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtByBzyzzzyzyzytB0EtBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=2075026274
IE - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.startup.homepage: "http://www2.delta-search.com/?babsrc=HP_ss&mntrId=8296F07BCB279899&affID=119357&tt=150913_enh&tsp=5008"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071713&q="

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Messi10fcb\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2010/08/28 09:58:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Messi10fcb\AppData\Roaming\mozilla\Extensions
[2013/09/17 19:42:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Messi10fcb\AppData\Roaming\mozilla\Firefox\Profiles\66r2ixbk.default\extensions
[2013/03/28 19:54:13 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Messi10fcb\AppData\Roaming\mozilla\Firefox\Profiles\66r2ixbk.default\extensions\DefaultManager@Microsoft
[2013/09/17 19:39:47 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Messi10fcb\AppData\Roaming\mozilla\Firefox\Profiles\66r2ixbk.default\extensions\ffxtlbr@delta.com
[2013/02/09 03:59:58 | 000,002,302 | ---- | M] () -- C:\Users\Messi10fcb\AppData\Roaming\mozilla\firefox\profiles\66r2ixbk.default\searchplugins\amazon.xml
[2013/07/17 19:12:01 | 000,002,402 | ---- | M] () -- C:\Users\Messi10fcb\AppData\Roaming\mozilla\firefox\profiles\66r2ixbk.default\searchplugins\bingp.xml
[2013/08/17 14:50:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 14:50:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/02/18 18:18:10 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Giant Savings Extension) - {11111111-1111-1111-1111-110211181110} - C:\Program Files (x86)\Giant Savings Extension\Giant Savings Extension.dll (215 Apps)
O2 - BHO: (no name) - {21608B66-026F-4DCB-9244-0DACA328DCED} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001..\Run: [NTRedirect] C:\Users\Messi10fcb\AppData\Roaming\BabSolution\Shared\enhancedNT.dll ()
O4 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001..\Run: [Rxa1gKilRsOh] C:\Users\Messi10fcb\AppData\Local\MoLBCRy.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:[b]64bit:[/b] - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - Reg Error: Key error. File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.tescophoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5E9D30A-5633-40FF-B22C-8525F68FF53B}: DhcpNameServer = 192.168.1.254 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\vsharechrome - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/06/21 14:45:00 | 000,000,044 | ---- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{a0f7b156-0cd7-11e3-99ac-002713a4e937}\Shell - "" = AutoRun O33 - MountPoints2\{a0f7b156-0cd7-11e3-99ac-002713a4e937}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe O33 - MountPoints2\{aad44800-48fe-11df-b3ab-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{aad44800-48fe-11df-b3ab-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011/06/21 14:45:00 | 000,355,920 | ---- | M] (Valve Corporation) O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-2124888012-658144502-3341782043-1001\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/09/17 19:39:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta [2013/09/17 19:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DSearchLink [2013/09/17 19:39:43 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\AppData\Roaming\BabSolution [2013/08/31 23:38:54 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices [2013/08/25 20:02:00 | 
000,000,000 | ---D | C] -- C:\Users\Messi10fcb\AppData\Roaming\HTC Sync [2013/08/25 20:02:00 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\AppData\Roaming\HTC [2013/08/25 19:58:57 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\AppData\Local\Apple Computer [2013/08/25 19:58:47 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\AppData\Local\HTC MediaHub [2013/08/25 19:58:47 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\Documents\HTC [2013/08/25 19:58:42 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\.android [2013/08/25 19:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Motorola [2013/08/25 19:58:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2013/08/25 19:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC [2013/08/25 19:57:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spirent Communications [2013/08/25 19:08:53 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\AppData\Local\Downloaded Installations [2013/08/25 19:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC [2013/08/25 19:07:57 | 000,000,000 | ---D | C] -- C:\Temp [2013/08/25 19:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC [2013/08/25 18:46:05 | 000,000,000 | ---D | C] -- C:\Users\Messi10fcb\Desktop\Wiola [2013/05/16 12:33:58 | 000,128,000 | ---- | C] (Hilgraeve, Inc.) 
-- C:\ProgramData\fodofojm.dat [2 C:\*.tmp files -> C:\*.tmp -> ] [11 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/09/17 19:39:43 | 000,001,884 | ---- | M] () -- C:\Users\Messi10fcb\Desktop\Search.lnk [2013/09/17 18:57:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/09/17 18:57:49 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys [2013/09/13 18:16:59 | 000,007,024 | ---- | M] () -- C:\bootsqm.dat [2013/09/12 10:28:35 | 000,153,605 | ---- | M] () -- C:\Users\Messi10fcb\AppData\Local\e5d9ade3-6325-4fdb-922f-38d35a21b99f [2013/09/12 10:28:26 | 000,130,048 | ---- | M] () -- C:\Users\Messi10fcb\AppData\Local\MoLBCRy.exe [2013/09/12 10:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/09/12 09:42:39 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/09/12 09:42:39 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/09/10 19:11:15 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/09/10 19:11:15 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/09/02 21:16:53 | 000,315,228 | ---- | M] () -- C:\Users\Messi10fcb\Desktop\249116_547214492013098_1637055155_n.png [2013/09/01 20:12:47 | 000,348,142 | ---- | M] () -- C:\Users\Messi10fcb\Desktop\IMG_01092013_211237.png [2013/08/31 21:41:19 | 000,098,429 | ---- | M] () -- C:\Users\Messi10fcb\Desktop\1186305_680030078691886_908009344_n.jpg [2013/08/31 21:41:10 | 000,104,235 | ---- | M] () -- C:\Users\Messi10fcb\Desktop\565012_680030138691880_1598232757_n.jpg [2013/08/26 
17:41:41 | 000,375,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/08/25 19:58:26 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync Manager.lnk [2 C:\*.tmp files -> C:\*.tmp -> ] [11 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/09/17 19:39:43 | 000,001,884 | ---- | C] () -- C:\Users\Messi10fcb\Desktop\Search.lnk [2013/09/13 18:16:59 | 000,007,024 | ---- | C] () -- C:\bootsqm.dat [2013/09/12 10:28:35 | 000,153,605 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\e5d9ade3-6325-4fdb-922f-38d35a21b99f [2013/09/12 10:28:31 | 000,130,048 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\MoLBCRy.exe [2013/09/02 21:16:51 | 000,315,228 | ---- | C] () -- C:\Users\Messi10fcb\Desktop\249116_547214492013098_1637055155_n.png [2013/09/01 20:12:45 | 000,348,142 | ---- | C] () -- C:\Users\Messi10fcb\Desktop\IMG_01092013_211237.png [2013/08/31 21:41:18 | 000,098,429 | ---- | C] () -- C:\Users\Messi10fcb\Desktop\1186305_680030078691886_908009344_n.jpg [2013/08/31 21:41:08 | 000,104,235 | ---- | C] () -- C:\Users\Messi10fcb\Desktop\565012_680030138691880_1598232757_n.jpg [2013/08/25 19:58:26 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync Manager.lnk [2013/05/27 20:22:55 | 000,031,122 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpSNAPSHOT_20111220.1 [2013/05/27 20:22:54 | 000,040,945 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpSNAPSHOT_20111220.0 [2013/05/27 20:22:54 | 000,030,601 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpSNAPSHOT_20111220.JPG [2013/05/27 07:26:56 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2013/05/16 12:34:03 | 095,023,320 | ---- | C] () -- C:\ProgramData\mjofodof.pad [2013/01/29 23:07:31 | 000,043,520 | ---- | C] () -- 
C:\Windows\SysWow64\CmdLineExt03.dll [2012/12/30 20:33:05 | 000,368,102 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\funmoods-speeddial_sf.crx [2012/12/30 20:33:04 | 000,031,465 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\funmoods.crx [2012/04/10 21:27:53 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012/03/08 23:23:33 | 000,735,230 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/09/24 09:01:06 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempRM6084.html [2011/09/19 20:04:07 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempbC5280.html [2011/09/19 20:04:07 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempBJ5280.html [2011/08/09 17:57:45 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempTGy640.html [2011/06/06 20:21:14 | 117,182,464 | ---- | C] () -- C:\Users\Messi10fcb\kavkis.msi [2011/06/04 19:40:39 | 000,010,458 | -HS- | C] () -- C:\Users\Messi10fcb\AppData\Local\vil230ta1hyo6 [2011/06/04 19:40:39 | 000,010,352 | -HS- | C] () -- C:\ProgramData\vil230ta1hyo6 [2010/12/31 09:17:32 | 000,001,854 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Roaming\GhostObjGAFix.xml [2010/11/20 16:12:24 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempnv1252.html [2010/11/15 15:07:02 | 000,001,760 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Roaming\wklnhst.dat [2010/11/15 13:57:19 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempFp1456.html [2010/10/13 18:56:34 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempEO5212.html [2010/08/27 18:39:01 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Temppu3196.html [2010/08/25 08:03:32 | 002,320,213 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpP1070636.0 [2010/08/25 08:03:32 | 000,532,884 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpP1070636.JPG [2010/08/13 09:45:15 | 000,002,432 | ---- | C] () -- 
C:\Users\Messi10fcb\AppData\Local\TempOD3272.html [2010/07/14 23:08:38 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempPOH624.html [2010/07/14 08:46:44 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempjx1044.html [2010/07/13 08:39:41 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempTs1160.html [2010/07/12 08:51:24 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempig1344.html [2010/07/11 08:10:22 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempJu1380.html [2010/07/10 08:54:43 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempHN2536.html [2010/07/09 07:29:42 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempzf1568.html [2010/07/08 12:32:58 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempHN1864.html [2010/07/06 08:03:03 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempub2948.html [2010/07/05 07:35:24 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempcG2204.html [2010/07/04 09:00:47 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempja5876.html [2010/07/04 08:09:56 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempoD2216.html [2010/07/03 08:13:13 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempgm2608.html [2010/07/02 08:38:57 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempai2524.html [2010/06/30 14:11:17 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempkS2932.html [2010/06/29 20:25:54 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempCD1648.html [2010/06/29 14:50:33 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempDe1676.html [2010/06/28 19:25:46 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempIT1352.html [2010/06/27 17:05:32 | 000,002,432 | ---- | C] () -- 
C:\Users\Messi10fcb\AppData\Local\TempCE1580.html [2010/06/26 14:42:19 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempEh4592.html [2010/06/26 08:37:30 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempyd3428.html [2010/06/25 08:08:59 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempIK3836.html [2010/06/23 08:23:33 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempLl3272.html [2010/06/21 13:22:56 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempmEC832.html [2010/06/21 01:56:14 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempFl4008.html [2010/06/21 01:56:14 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempBp4008.html [2010/06/20 21:04:34 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempHM2908.html [2010/06/17 21:12:19 | 002,592,472 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpDSC09377.0 [2010/06/17 21:12:19 | 000,522,249 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpDSC09377.JPG [2010/06/17 08:20:00 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempzD3116.html [2010/06/16 07:45:30 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempYw3748.html [2010/06/15 08:03:35 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempVi3344.html [2010/06/14 07:37:42 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempJB2704.html [2010/06/13 22:00:01 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempLW3788.html [2010/06/13 21:02:17 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempb10844.html [2010/06/13 21:02:17 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempM10844.html [2010/06/13 20:53:56 | 000,003,584 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/13 20:49:22 | 000,000,848 | -HS- | C] () -- 
C:\ProgramData\KGyGaAvL.sys [2010/06/13 08:14:08 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempbd3308.html [2010/05/17 07:13:14 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempzl3540.html [2010/05/16 23:19:13 | 001,886,203 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpDSCF0301.0 [2010/05/16 23:19:13 | 001,119,228 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpDSCF0301.JPG [2010/05/16 18:51:35 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempqx1872.html [2010/05/16 16:34:47 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempOp2320.html [2010/05/16 16:34:47 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempEL2320.html [2010/05/15 07:15:21 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempsf3540.html [2010/05/14 08:04:58 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Temppy3468.html [2010/05/13 08:59:21 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempDC3288.html [2010/05/12 21:41:12 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TemppI4044.html [2010/05/12 08:08:29 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempCJ3380.html [2010/05/12 08:08:29 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempiU3380.html [2010/05/11 21:44:24 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempaK3816.html [2010/05/11 19:46:29 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Temppd3504.html [2010/05/09 13:00:14 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempST1880.html [2010/05/07 09:20:37 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempjG1544.html [2010/05/07 07:51:12 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempbT1592.html [2010/05/06 13:52:37 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempDa1400.html [2010/05/06 
07:53:22 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempgc1016.html [2010/05/05 08:10:57 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempqM2700.html [2010/05/04 21:34:42 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempcZ1520.html [2010/05/04 21:17:13 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempuM1616.html [2010/05/04 21:17:13 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempAM1616.html [2010/05/04 11:32:36 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempCw3236.html [2010/05/04 11:32:36 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempOL3236.html [2010/05/03 21:08:58 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempFA3512.html [2010/05/03 19:40:37 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempaQ3164.html [2010/05/03 08:00:44 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempet1528.html [2010/05/02 14:15:57 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempad3580.html [2010/05/02 08:35:48 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempFX3188.html [2010/05/01 08:11:01 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempau3596.html [2010/04/30 22:27:19 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempsU5384.html [2010/04/30 19:42:20 | 000,376,024 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpBACK.JPG [2010/04/30 17:48:50 | 000,615,311 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\tmpBACK.0 [2010/04/30 08:16:50 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempqx3852.html [2010/04/29 08:48:40 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempQw3344.html [2010/04/28 22:37:00 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempIh4744.html [2010/04/28 22:37:00 | 000,002,089 | ---- | C] () -- 
C:\Users\Messi10fcb\AppData\Local\TempDo4744.html [2010/04/28 20:17:38 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempqv3364.html [2010/04/28 20:17:38 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempvD3364.html [2010/04/28 08:45:46 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Templl3144.html [2010/04/28 08:45:46 | 000,002,089 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempzL3144.html [2010/04/27 10:34:37 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempMS3484.html [2010/04/25 08:57:15 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempRh3248.html [2010/04/24 11:16:29 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\Tempqgc724.html [2010/04/23 17:47:26 | 000,002,432 | ---- | C] () -- C:\Users\Messi10fcb\AppData\Local\TempNf2396.html [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 06:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012/12/11 18:25:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software [2012/12/11 18:25:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software [2012/10/31 20:40:10 | 000,000,000 | -HSD | M] -- C:\Users\Messi10fcb\AppData\Roaming\.# [2013/01/29 23:07:43 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Atari [2011/04/24 20:16:08 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\AVG10 [2013/05/25 10:55:29 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\AVG2013 [2013/09/17 19:39:43 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\BabSolution [2011/09/16 19:46:19 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Babylon [2012/08/31 20:07:53 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\funkitron [2012/12/30 20:33:07 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Funmoods [2010/07/14 23:35:02 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Gadu-Gadu 10 [2013/08/25 20:02:00 | 000,000,000 | ---D 
| M] -- C:\Users\Messi10fcb\AppData\Roaming\HTC [2013/08/25 20:02:00 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\HTC Sync [2012/12/27 21:38:41 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\ipla [2010/11/01 08:54:31 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Leadertech [2010/04/23 21:41:20 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\OpenFM [2013/05/24 17:33:14 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Opera [2012/10/07 12:06:25 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Origin [2010/11/17 13:24:03 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\RDRM [2013/08/14 02:31:48 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\SoftGrid Client [2012/06/04 22:54:01 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Sports Interactive [2010/11/15 15:07:04 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Template [2013/01/18 08:18:03 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\TP [2013/05/25 10:54:13 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\TuneUp Software [2012/03/11 20:37:56 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\wargaming.net [2010/04/16 09:36:06 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\WildTangent [2013/03/07 21:00:25 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\Windows Live Writer [2010/04/16 22:10:33 | 000,000,000 | ---D | M] -- C:\Users\Messi10fcb\AppData\Roaming\_MDLogs [2012/12/11 18:25:37 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\TuneUp Software [color=#E56717]========== Purity Check ==========[/color] < End of report >