OTL.log
OTL logfile created on: 25/03/2014 06:26:28 - Run 10
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hightorque UK\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19507)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.97 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 43.01% Memory free
6.14 Gb Paging File | 4.10 Gb Available in Paging File | 66.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.01 Gb Total Space | 113.35 Gb Free Space | 39.36% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.93 Gb Free Space | 49.34% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 163.88 Gb Free Space | 54.98% Space Free | Partition Type: NTFS
Computer Name: HIGHTORQUEUK-PC | User Name: Hightorque UK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/03/07 11:29:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hightorque UK\Downloads\OTL.exe
PRC - [2013/12/18 18:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/25 02:34:06 | 001,444,120 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/10/18 07:47:14 | 003,795,160 | ---- | M] (Speedbit Ltd.) -- C:\Programs\DAP\DAP.exe
PRC - [2013/09/07 17:20:56 | 000,071,224 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7c\waol.exe
PRC - [2013/09/07 17:20:48 | 000,045,624 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7c\shellmon.exe
PRC - [2013/09/07 03:53:15 | 002,368,568 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7c\AOLBrowser\aolbrowser.exe
PRC - [2013/08/27 15:57:34 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/08/27 15:57:32 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/28 15:53:14 | 000,036,744 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2012/01/13 15:22:10 | 001,493,288 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe
PRC - [2011/11/25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/11/02 02:00:44 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/03/16 15:18:28 | 000,152,576 | ---- | M] (CrashPlan) -- C:\Program Files\CrashPlan\CrashPlanService.exe
PRC - [2011/03/16 15:17:57 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe
PRC - [2010/03/08 07:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1255507870\ee\aolsoftware.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/11 15:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/11 15:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/08/19 06:19:40 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/08/19 06:19:38 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2008/08/15 16:53:36 | 000,099,568 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\dldtserv.exe
PRC - [2008/02/25 10:38:12 | 000,595,184 | ---- | M] ( ) -- C:\Windows\System32\dldtcoms.exe
PRC - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/07/17 16:45:26 | 000,040,960 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
========== Modules (No Company Name) ==========
MOD - [2014/03/12 14:38:10 | 016,276,872 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014/02/14 07:39:50 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\032ab8e56366d48dc3f04b6eb7bc8c9f\System.Runtime.Serialization.ni.dll
MOD - [2014/02/14 07:39:46 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\a8726347d3e5269f6d4fcb972341898c\SMDiagnostics.ni.dll
MOD - [2014/02/14 07:39:45 | 017,403,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1120b79bc6e03a4c84832103d1f05b67\System.ServiceModel.ni.dll
MOD - [2014/02/14 07:38:32 | 011,909,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2183861863b3c98036f0d75f303d2a65\System.Web.ni.dll
MOD - [2014/02/14 07:37:49 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll
MOD - [2014/02/14 06:59:40 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll
MOD - [2014/02/14 06:58:56 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll
MOD - [2014/02/14 06:58:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll
MOD - [2014/02/13 22:47:33 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
MOD - [2014/02/13 22:47:11 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
MOD - [2014/01/17 06:56:24 | 000,010,752 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
MOD - [2014/01/17 06:56:22 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
MOD - [2014/01/17 06:56:15 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
MOD - [2014/01/17 06:56:07 | 000,010,240 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
MOD - [2014/01/17 06:56:03 | 000,011,776 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
MOD - [2013/10/21 07:44:45 | 000,009,216 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\AddonsCondition.dll
MOD - [2013/09/07 17:20:57 | 000,048,640 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\zlib.dll
MOD - [2013/09/07 17:19:37 | 021,117,440 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\libcef.dll
MOD - [2013/09/07 17:19:35 | 000,648,704 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\libGLESv2.dll
MOD - [2013/09/07 17:19:35 | 000,122,880 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\libEGL.dll
MOD - [2013/09/07 17:19:22 | 000,094,208 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\components\Tier2Svc.dll
MOD - [2013/09/07 17:19:22 | 000,060,928 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7c\components\DataSvcs.dll
MOD - [2011/11/25 08:15:36 | 000,057,344 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSLOG.DLL
MOD - [2006/07/17 16:56:52 | 000,077,824 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSEVENT.DLL
MOD - [2006/07/17 16:56:32 | 000,024,576 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSERROR.DLL
MOD - [2006/07/17 16:45:26 | 000,040,960 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE
MOD - [2006/07/17 16:44:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SDSREG.DLL
MOD - [2006/07/17 16:40:50 | 000,016,384 | ---- | M] () -- C:\Program Files\Royal Mail\SmartStamp\BINARY\SMSG.DLL
========== Services (SafeList) ==========
SRV - [2014/03/12 14:38:14 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/18 18:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/25 02:34:06 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/27 15:57:34 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/11/25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/03/16 15:18:28 | 000,152,576 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV - [2010/01/18 13:21:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/02/11 15:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/08/19 06:19:38 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2008/08/15 16:53:36 | 000,099,568 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV - [2008/02/25 10:38:12 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldtcoms.exe -- (dldt_device)
SRV - [2008/01/21 02:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\netfilter.sys -- (netfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\HIGHTO~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/12/13 06:33:17 | 000,340,432 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys -- (RapportCerberus_59849)
DRV - [2013/10/25 02:34:18 | 000,230,448 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/10/25 02:34:18 | 000,157,264 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/10/25 02:34:18 | 000,108,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/12/01 10:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/12/01 10:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2009/12/31 15:56:38 | 000,177,748 | ---- | M] (Divio Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pcam.sys -- (DCamUSBNW802)
DRV - [2009/11/16 03:13:14 | 000,216,576 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/10/21 06:38:35 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/26 17:55:14 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/08/19 07:03:28 | 000,079,960 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2008/08/19 07:02:56 | 000,027,648 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2008/02/05 00:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2008/01/21 02:23:50 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/29 22:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw)
DRV - [2006/11/02 07:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{86789896-718A-4BDD-93BC-10B967B0B5FC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{09BF01E0-CFE9-4104-B0BB-B5724D999A05}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{09BF01E0-CFE9-4104-B0BB-B5724D999A05}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 8A F6 F7 95 A3 CC 01 [binary data]
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\..\SearchScopes\{7382B45C-D8A1-4143-8EE6-B25852BFA719}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\..\SearchScopes\FFF9366C2DEB4E6B8AE77F135949B1E9: "URL" = http://search.speedb...q={searchTerms}
IE - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/01/02 09:20:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programs\DAP\daplinkchecker [2013/10/18 07:50:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Programs\DAP\DAPFireFox [2013/10/18 07:50:48 | 000,000,000 | ---D | M]
[2010/07/23 10:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hightorque UK\AppData\Roaming\Mozilla\Extensions
[2010/07/23 10:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hightorque UK\AppData\Roaming\Mozilla\Extensions\[email protected]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: DAP Link Checker = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh\1.0.1.2_1\
CHR - Extension: Google Search = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_1\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: Google Wallet = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Hightorque UK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2011/09/01 12:17:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AOL Broadband Toolbar Loader) - {776a9d06-e178-4aa0-aee4-b4de3a64ad28} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Programs\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programs\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (AOL Broadband Toolbar) - {e6ed7f95-e571-4f81-8757-5eb11252703d} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AOL Broadband Toolbar) - {E6ED7F95-E571-4F81-8757-5EB11252703D} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AOL Broadband Toolbar) - {E6ED7F95-E571-4F81-8757-5EB11252703D} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\..\Toolbar\WebBrowser: (AOL Broadband Toolbar) - {E6ED7F95-E571-4F81-8757-5EB11252703D} - C:\Program Files\AOL Broadband Toolbar\aolbbtb.dll (AOL LLC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1255507870\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [OLP-Tray] C:\Program Files\Royal Mail\SmartStamp\BINARY\STRAY.EXE ()
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000..\Run: [DAP10] C:\Programs\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000..\Run: [DownloadAccelerator] C:\Programs\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Programs\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Programs\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Programs\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Programs\DAP\dapextie2.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\..Trusted Domains: rapidgator.net ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\..Trusted Domains: rapidgator.net ([www] http in Trusted sites)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{625F0475-6EA3-4FEA-B9C8-224019DDD165}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...com [@ = ComFile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-3090621729-691808380-2464640456-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/03/22 07:10:49 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Desktop\HDPCU2_DriveNavi_102 - Copy
[2014/03/17 08:17:48 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/17 08:06:17 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Hightorque UK\Desktop\JRT.exe
[2014/03/16 07:06:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/15 20:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\CDB
[2014/03/15 05:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftwareWatcher bundle
[2014/03/12 06:41:47 | 000,000,000 | ---D | C] -- C:\FRST
[2014/03/10 08:55:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/03/08 09:39:55 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\iPubsoft files
[2014/03/08 09:39:55 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\iPubsoft
[2014/03/08 09:39:55 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\iPubsoft
[2014/03/06 13:34:51 | 000,000,000 | ---D | C] -- C:\eBooks
[2014/03/04 17:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/04 17:33:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/03/03 11:19:45 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\Documents\damaged_parcel
[2014/03/01 06:54:44 | 000,000,000 | -HSD | C] -- C:\found.001
[2014/02/25 13:34:48 | 000,000,000 | ---D | C] -- C:\Users\Hightorque UK\AppData\Roaming\Roxio Log Files
[2013/12/07 01:02:43 | 017,968,344 | ---- | C] (Steganos Software GmbH) -- C:\Users\Hightorque UK\safe2012int_nero.exe
[2012/09/03 12:10:50 | 436,342,856 | ---- | C] (Nero AG) -- C:\Users\Hightorque UK\Nero-11.2.00600.exe
[34 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Hightorque UK\*.tmp files -> C:\Users\Hightorque UK\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/03/25 06:34:30 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{95D5E3F6-1BC2-48DA-87DA-387FB7EB0FB8}.job
[2014/03/25 06:32:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1187167D-694A-4D97-9748-C1A6B331311F}.job
[2014/03/25 06:20:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/25 06:07:28 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/25 06:05:22 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/25 06:05:22 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/25 06:05:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/25 06:05:09 | 3184,513,024 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/24 21:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/24 13:48:41 | 000,031,232 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/03/24 10:35:48 | 000,649,822 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/24 10:35:48 | 000,125,862 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/24 08:56:37 | 000,058,824 | ---- | M] () -- C:\Users\Hightorque UK\Documents\inv141723.pdf
[2014/03/24 06:43:03 | 000,000,285 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\New Volume (F) - Shortcut.lnk
[2014/03/24 06:29:57 | 000,002,435 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\Betting Assistant.lnk
[2014/03/23 09:55:32 | 000,002,060 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\Kindle.lnk
[2014/03/18 11:15:42 | 000,058,029 | ---- | M] () -- C:\Users\Hightorque UK\Documents\inv141693.pdf
[2014/03/17 08:12:53 | 000,000,878 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\msseces.exe - Shortcut.lnk
[2014/03/17 08:06:20 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\Hightorque UK\Desktop\JRT.exe
[2014/03/16 07:04:31 | 001,950,720 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\AdwCleaner.exe
[2014/03/15 20:44:20 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/15 03:23:32 | 000,786,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/14 16:15:24 | 000,000,513 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\OTL.exe - Shortcut.lnk
[2014/03/14 12:27:54 | 000,000,512 | ---- | M] () -- C:\Users\Hightorque UK\Documents\MBR.dat
[2014/03/14 07:08:28 | 000,000,624 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\TFC.exe - Shortcut.lnk
[2014/03/14 07:07:55 | 000,000,631 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\FRST.exe - Shortcut.lnk
[2014/03/08 10:19:44 | 383,168,038 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/03/07 09:10:14 | 000,070,664 | ---- | M] () -- C:\Users\Hightorque UK\Documents\Inv141667.pdf
[2014/03/06 12:13:43 | 000,000,680 | ---- | M] () -- C:\Users\Hightorque UK\AppData\Local\d3d9caps.dat
[2014/03/04 17:34:16 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/04 11:04:12 | 000,000,524 | ---- | M] () -- C:\Users\Hightorque UK\Desktop\New - Shortcut.lnk
[2014/03/03 11:19:45 | 006,754,680 | ---- | M] () -- C:\Users\Hightorque UK\Documents\damaged_parcel.zip
[2014/02/25 13:38:18 | 000,000,181 | ---- | M] () -- C:\Windows\WININIT.INI
[2014/02/23 08:29:04 | 000,001,957 | ---- | M] () -- C:\Users\Hightorque UK\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[34 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Hightorque UK\*.tmp files -> C:\Users\Hightorque UK\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/03/24 08:56:36 | 000,058,824 | ---- | C] () -- C:\Users\Hightorque UK\Documents\inv141723.pdf
[2014/03/24 06:43:03 | 000,000,285 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\New Volume (F) - Shortcut.lnk
[2014/03/22 07:10:48 | 000,001,644 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\The Staking Machine V4.0 - Copy.lnk
[2014/03/22 07:10:48 | 000,001,096 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\WebPlus - Shortcut - Copy.lnk
[2014/03/22 07:10:48 | 000,000,766 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\REGSERVO - Copy.lnk
[2014/03/22 07:10:48 | 000,000,575 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\Sage Line 50 (2) - Copy.lnk
[2014/03/18 11:15:41 | 000,058,029 | ---- | C] () -- C:\Users\Hightorque UK\Documents\inv141693.pdf
[2014/03/17 08:12:53 | 000,000,878 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\msseces.exe - Shortcut.lnk
[2014/03/17 07:57:05 | 3184,513,024 | -HS- | C] () -- C:\hiberfil.sys
[2014/03/16 07:04:23 | 001,950,720 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\AdwCleaner.exe
[2014/03/14 16:15:24 | 000,000,513 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\OTL.exe - Shortcut.lnk
[2014/03/14 12:27:54 | 000,000,512 | ---- | C] () -- C:\Users\Hightorque UK\Documents\MBR.dat
[2014/03/14 07:08:31 | 000,000,624 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\TFC.exe - Shortcut.lnk
[2014/03/14 07:08:00 | 000,000,631 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\FRST.exe - Shortcut.lnk
[2014/03/07 09:10:12 | 000,070,664 | ---- | C] () -- C:\Users\Hightorque UK\Documents\Inv141667.pdf
[2014/03/04 17:34:15 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/04 11:04:26 | 000,000,524 | ---- | C] () -- C:\Users\Hightorque UK\Desktop\New - Shortcut.lnk
[2014/03/04 08:06:54 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014/03/03 11:18:52 | 006,754,680 | ---- | C] () -- C:\Users\Hightorque UK\Documents\damaged_parcel.zip
[2014/02/25 13:38:16 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI
[2013/08/11 19:07:17 | 000,224,041 | ---- | C] () -- C:\Users\Hightorque UK\Northampton_Milton_Keynes_Leighton_Buzzard_London.pdf
[2013/08/05 08:34:37 | 030,914,760 | ---- | C] () -- C:\Users\Hightorque UK\TomTomHOME2winlatest_1.exe
[2013/08/05 08:33:37 | 030,914,760 | ---- | C] () -- C:\Users\Hightorque UK\TomTomHOME2winlatest.exe
[2013/04/30 13:32:14 | 000,282,624 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\SettingsDB.sdf
[2012/11/22 08:19:20 | 000,013,399 | ---- | C] () -- C:\Users\Hightorque UK\248.pdf
[2012/11/19 16:19:07 | 000,013,535 | ---- | C] () -- C:\Users\Hightorque UK\247.pdf
[2012/11/19 09:15:24 | 000,013,456 | ---- | C] () -- C:\Users\Hightorque UK\246.pdf
[2012/11/19 08:05:09 | 000,013,446 | ---- | C] () -- C:\Users\Hightorque UK\245.pdf
[2012/11/11 19:29:13 | 000,013,438 | ---- | C] () -- C:\Users\Hightorque UK\243.pdf
[2012/11/05 20:36:21 | 000,013,412 | ---- | C] () -- C:\Users\Hightorque UK\242.pdf
[2012/10/27 08:53:01 | 000,013,419 | ---- | C] () -- C:\Users\Hightorque UK\241.pdf
[2012/10/24 08:08:34 | 000,013,434 | ---- | C] () -- C:\Users\Hightorque UK\240.pdf
[2012/10/20 06:53:25 | 000,000,000 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\.NANotifyHere
[2012/10/05 15:42:42 | 000,013,395 | ---- | C] () -- C:\Users\Hightorque UK\237.pdf
[2012/10/05 15:42:26 | 000,013,393 | ---- | C] () -- C:\Users\Hightorque UK\236.pdf
[2012/09/29 06:53:56 | 000,013,400 | ---- | C] () -- C:\Users\Hightorque UK\235.pdf
[2012/09/20 14:40:24 | 000,013,497 | ---- | C] () -- C:\Users\Hightorque UK\234.pdf
[2012/09/18 07:37:21 | 000,013,549 | ---- | C] () -- C:\Users\Hightorque UK\233.pdf
[2012/09/15 18:48:01 | 000,013,382 | ---- | C] () -- C:\Users\Hightorque UK\232.pdf
[2012/09/05 09:49:38 | 000,013,481 | ---- | C] () -- C:\Users\Hightorque UK\231.pdf
[2012/09/04 12:20:38 | 000,005,102 | ---- | C] () -- C:\Users\Hightorque UK\page.pdf
[2012/09/03 12:16:39 | 000,060,285 | ---- | C] () -- C:\Users\Hightorque UK\RE-1201012735.pdf
[2012/03/16 11:02:58 | 000,014,412 | ---- | C] () -- C:\Users\Hightorque UK\Invoice R Gorry.pdf
[2012/02/10 09:30:35 | 000,000,000 | ---- | C] () -- C:\Users\Hightorque UK\chkdsk
[2011/09/01 15:29:54 | 009,395,499 | ---- | C] () -- C:\Users\Hightorque UK\smartstampsetup3.0.0.8XP.zip
[2010/08/25 09:54:17 | 000,000,780 | ---- | C] () -- C:\Users\Hightorque UK\.recently-used.xbel
[2010/06/18 14:40:14 | 000,000,340 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\wklnhst.dat
[2009/12/09 11:43:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/24 08:39:59 | 000,178,688 | ---- | C] () -- C:\Program Files\hjsplit.exe
[2009/10/22 15:21:53 | 008,801,704 | ---- | C] () -- C:\Program Files\FLV PlayerATBSetup.exe
[2009/10/14 09:24:51 | 000,000,680 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Local\d3d9caps.dat
[2009/10/13 13:50:47 | 000,031,232 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/13 11:05:29 | 000,000,008 | ---- | C] () -- C:\Users\Hightorque UK\AppData\Roaming\usb.dat.bin
========== ZeroAccess Check ==========
[2006/11/02 12:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 06:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 06:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011/04/01 07:22:53 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Genie-Soft
[2010/02/24 13:28:03 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Trusteer
[2011/04/01 07:22:53 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Genie-Soft
[2010/02/24 13:28:03 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Trusteer
[2012/04/27 07:04:15 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\1Million Ltd
[2010/05/08 11:31:06 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\8941552A24D5D328DC13B138230BD8B4
[2011/02/18 14:22:54 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\acccore
[2011/05/03 10:45:38 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Alibre Design
[2011/06/26 09:48:03 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Betting Assistant
[2010/03/01 11:20:08 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Chinaweal Longteng
[2010/02/16 14:33:22 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/03/31 12:01:37 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\CrashPlan
[2011/04/05 13:09:31 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\DraftSight
[2012/02/10 09:36:48 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\EMCO
[2011/04/01 07:23:44 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Genie-Soft
[2014/02/18 23:35:04 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\go
[2009/10/27 11:46:31 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\GoodSync
[2013/12/11 13:06:48 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Gruss Software
[2009/11/24 11:36:38 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Infacta
[2010/06/21 11:56:04 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\inkscape
[2014/03/08 09:39:55 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\iPubsoft
[2013/02/07 14:14:25 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Research In Motion
[2009/10/13 13:02:16 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Serif
[2010/06/18 14:40:16 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Template
[2010/07/23 10:19:12 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\TomTom
[2009/12/18 09:45:40 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Trusteer
[2011/04/17 18:55:29 | 000,000,000 | ---D | M] -- C:\Users\Hightorque UK\AppData\Roaming\Windows Live Writer
[2009/12/23 16:18:02 | 000,000,000 | ---D | M] -- C:\Users\Neville\AppData\Roaming\Blitware
[2009/10/27 17:21:07 | 000,000,000 | ---D | M] -- C:\Users\Neville\AppData\Roaming\GoodSync
[2009/12/23 16:17:48 | 000,000,000 | ---D | M] -- C:\Users\Neville\AppData\Roaming\Infacta
[2009/12/19 10:07:39 | 000,000,000 | ---D | M] -- C:\Users\Neville\AppData\Roaming\Trusteer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 929 bytes -> C:\Users\Hightorque UK\Documents\Ricevutadeltuopagamentoahightorqueuk@aol_com.eml:OECustomProperty
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:56E2E879
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:553CA6CA
< End of report >