OTL logfile created on: 8/25/2015 1:04:27 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 270.49 Gb Free Space | 90.75% Space Free | Partition Type: NTFS
Drive D: | 1.86 Gb Total Space | 0.70 Gb Free Space | 37.81% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (NvUpdSrv)
SRV - File not found [Disabled] -- -- (HidServ)
SRV - File not found [Disabled] -- -- (GamingWonderlandService)
SRV - File not found [On_Demand] -- -- (ACDaemon)
SRV - [2014/08/14 13:12:42 | 000,142,648 | ---- | M] (SUPERAntiSpyware.com) [Auto] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2014/04/26 21:46:04 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2007/05/03 13:18:02 | 000,407,072 | ---- | M] (Acronis) [Auto] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | System] -- -- (pjsyagmu)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (panprbcs)
DRV - File not found [Kernel | System] -- -- (nlwptgwt)
DRV - File not found [Kernel | System] -- -- (mpkxlzig)
DRV - File not found [Kernel | On_Demand] -- -- (lmimirr)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (jzqptwgz)
DRV - File not found [Kernel | System] -- -- (ixapywld)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (hmbfolgc)
DRV - File not found [Kernel | System] -- -- (gwboshei)
DRV - File not found [Kernel | System] -- -- (flaltlmh)
DRV - File not found [Kernel | System] -- -- (ffoxeeez)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (cbqimngj)
DRV - File not found [Kernel | On_Demand] -- -- (BS2293111566)
DRV - File not found [Kernel | System] -- -- (bcgzvftl)
DRV - [2014/11/08 18:07:26 | 000,061,728 | ---- | M] () [File_System | Auto] -- C:\Program Files\HomeTab\stdmfpam.dll -- (stdmfpam)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/01/11 21:39:45 | 000,395,744 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2011/01/11 21:39:45 | 000,040,064 | ---- | M] (Acronis) [File_System | Auto] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2011/01/11 21:39:39 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2006/02/14 20:02:56 | 000,032,768 | R--- | M] (SiS Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/08/03 18:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2003/12/09 17:43:00 | 000,045,568 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SiSRaid.sys -- (SiSRaid)
DRV - [2003/08/08 20:00:28 | 000,032,640 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=62606&tid=6533&ver=7.3&ts=1375722357078.000004&tguid=62606-6533-1375722357078.000004-159D4844AF3640D2A4E66BF1F02FD1EA&st=chrome&q=
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKU\Parts_ON_C\Software\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKU\Parts_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Parts_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://cdn1.browsersecurity.net/safe/cloud.js?si=62606&tid=6533
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2011/05/19 20:19:22 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/29 21:20:24 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2013/08/05 13:06:50 | 000,003,307 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml

O1 HOSTS File: ([2012/04/16 18:06:36 | 000,000,855 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 94.63.147.17 www.bing.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (HomeTab) - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Program Files\HomeTab\IE\HomeTab.dll (Simply Tech LTD.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (HomeTab) - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Program Files\HomeTab\IE\HomeTab.dll (Simply Tech LTD.)
O3 - HKU\Parts_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\SonicWALL\SonicWALL Bare Metal Recovery and Local Archiving\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\SonicWALL\SonicWALL Bare Metal Recovery and Local Archiving\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\Parts_ON_C..\Run: [bddffedct] File not found
O4 - HKU\Parts_ON_C..\Run: [hugwssoqsl] File not found
O4 - HKU\Parts_ON_C..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKU\owner_ON_C..\RunOnce: [TSClientAXDisabler] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\owner_ON_C..\RunOnce: [TSClientMSIUninstaller] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SideACT!.lnk = C:\Program Files\ACT\SideACT.exe (Interact Commerce Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LogMeInRemoteUser_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Parts_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1294697405953 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1294697594375 (MUWebControl Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.7.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/10 18:50:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2015/08/25 01:03:49 | 000,095,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ATAPI.SYS
[2015/08/24 16:20:41 | 000,000,000 | ---D | C] -- C:\RescueCD Logs
[2015/08/23 19:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\aaa
[2015/08/23 19:49:07 | 005,635,234 | R--- | C] (Swearware) -- C:\ComboFix(1).exe
[2015/08/23 19:47:54 | 000,000,000 | ---D | C] -- C:\FRST
[2015/08/23 17:32:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/08/21 13:10:52 | 024,345,872 | ---- | C] (Malwarebytes Corporation ) -- C:\mbam-setup-2.1.8.1057.exe
[2015/08/21 13:10:24 | 002,019,656 | ---- | C] (Bleeping Computer, LLC) -- C:\iExplore.exe
[2015/08/21 13:09:50 | 005,635,234 | R--- | C] (Swearware) -- C:\ComboFix.exe
[2015/08/20 13:36:47 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2015/08/20 11:28:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/08/23 17:20:28 | 005,635,234 | R--- | M] (Swearware) -- C:\ComboFix(1).exe
[2015/08/21 13:11:12 | 024,345,872 | ---- | M] (Malwarebytes Corporation ) -- C:\mbam-setup-2.1.8.1057.exe
[2015/08/21 13:10:25 | 002,019,656 | ---- | M] (Bleeping Computer, LLC) -- C:\iExplore.exe
[2015/08/21 13:09:54 | 005,635,234 | R--- | M] (Swearware) -- C:\ComboFix.exe
[2015/08/20 11:28:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/08/20 11:28:35 | 000,000,229 | -HS- | M] () -- C:\boot.ini
[2015/08/20 11:22:56 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2015/08/20 11:22:54 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2015/08/20 11:22:51 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Parts\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/08/20 11:22:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/08/20 11:22:50 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2015/08/20 11:22:49 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1767777339-682003330-1004.job
[2015/08/20 11:21:45 | 2146,643,968 | -HS- | M] () -- C:\hiberfil.sys
[2015/08/19 03:02:03 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\SystemSockets.job
[2015/08/19 03:02:03 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\Protected Search.job
[2015/08/19 02:51:07 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/08/19 02:45:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/08/19 02:42:01 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job
[2015/08/18 23:11:15 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\Browser Updater.job
[2015/08/18 19:42:43 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job
[2015/08/12 06:20:26 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Parts\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/12/20 00:08:34 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Parts\Local Settings\Application Data\d3d9caps.dat
[2014/12/09 18:15:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/08/05 13:06:57 | 000,034,368 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013/01/23 19:44:38 | 002,250,054 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1.bmp
[2013/01/23 19:42:05 | 000,350,795 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1.jpg
[2012/11/08 00:07:33 | 000,000,031 | ---- | C] () -- C:\WINDOWS\warhead.ini
[2012/02/16 12:16:38 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/12 17:10:01 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Parts\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/19 14:11:38 | 000,011,292 | -HS- | C] () -- C:\Documents and Settings\Parts\Local Settings\Application Data\sxt1vr6s1615w5it762o5b64u2x70448n7t78252d5l
[2011/05/19 14:11:38 | 000,011,292 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\sxt1vr6s1615w5it762o5b64u2x70448n7t78252d5l
[2011/05/18 22:57:54 | 000,011,404 | -HS- | C] () -- C:\Documents and Settings\Parts\Local Settings\Application Data\405a481v1p73r00sd4854fqwg0637xef60j3i2n5xlhy
[2011/05/18 22:57:54 | 000,011,404 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\405a481v1p73r00sd4854fqwg0637xef60j3i2n5xlhy
[2011/01/11 21:18:59 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/01/11 21:14:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/01/11 21:14:54 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2011/01/11 20:43:26 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[2011/01/10 19:37:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/10 19:29:49 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011/01/10 18:52:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/01/10 18:47:13 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/10 10:43:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/01/10 10:41:55 | 000,149,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/25 14:58:06 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2006/10/22 14:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 14:22:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/10/22 14:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 14:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/10/22 14:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 14:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 14:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 14:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/10/22 14:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/10/22 14:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 14:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/22 11:30:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PTQL5F.DLL
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,433,162 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,067,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/02/28 07:00:00 | 000,000,230 | ---- | C] () -- C:\Documents and Settings\Parts\Application Data\PBS2293111566.ini
[2006/02/28 07:00:00 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\PBS2293111566.ini

========== LOP Check ==========

[2014/09/20 17:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\SimplyTech
[2012/02/29 21:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\BabylonToolbar
[2014/09/19 12:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\Complitly
[2011/11/21 12:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\Cooqci
[2013/01/13 05:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\FilmFanatic
[2013/11/25 06:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\HomeTab
[2013/07/25 21:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\JAM Software
[2011/01/16 18:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\OpenOffice.org
[2013/08/05 13:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\SimplyTech
[2012/11/07 23:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\Skinux
[2012/12/23 04:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\Spotify
[2011/11/17 18:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\Utpo
[2012/08/02 16:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\Wondershare
[2012/10/18 02:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parts\Application Data\Wuiqor
[2014/04/06 21:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/10/09 01:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2015/08/18 23:11:15 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\Browser Updater.job
[2015/08/19 03:02:03 | 000,000,414 | ---- | M] () -- C:\WINDOWS\Tasks\Protected Search.job
[2015/08/19 03:02:03 | 000,000,414 | ---- | M] () -- C:\WINDOWS\Tasks\SystemSockets.job

========== Purity Check ==========

< End of report >