Antivirus 2010 removal help needed

Every time I open my PC a message always popped out saying "The application or DLL c:\program files\settings manager\smdmf\x64\syapcrt.dll is not a valid Windows image. Please check this against your installation diskette.

How can I fixed this? Hope you'd help me. Thanks a lot!

OTL logfile created on: 1/8/2015 3:34:14 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = e:\Documents and Settings\Neneng Ebarle\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.98 Mb Total Physical Memory | 146.23 Mb Available Physical Memory | 28.62% Memory free

1.41 Gb Paging File | 0.68 Gb Available in Paging File | 48.63% Paging File free

Paging file location(s): C:\pagefile.sys 960 1920 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37.24 Gb Total Space | 18.39 Gb Free Space | 49.36% Space Free | Partition Type: NTFS

Drive E: | 37.26 Gb Total Space | 14.61 Gb Free Space | 39.22% Space Free | Partition Type: NTFS

Computer Name: WINDFIEL-2299EC | User Name: Neneng Ebarle | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/01/08 15:34:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- e:\Documents and Settings\Neneng Ebarle\My Documents\Downloads\OTL.scr

PRC - [2015/01/08 15:28:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- e:\Documents and Settings\Neneng Ebarle\My Documents\Downloads\OTL.exe

PRC - [2014/12/24 18:27:11 | 002,665,984 | ---- | M] () -- C:\Program Files\Search Extensions\Client.exe

PRC - [2014/12/06 09:50:53 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2014/10/05 21:01:25 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\avastui.exe

PRC - [2014/10/03 20:58:24 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2014/09/22 15:19:43 | 003,587,088 | ---- | M] (Aztec Media Inc) -- C:\Program Files\Settings Manager\smdmf\smdmfu.exe

PRC - [2014/09/22 15:19:39 | 003,572,240 | ---- | M] (Aztec Media Inc) -- C:\Program Files\Settings Manager\smdmf\SmdmFService.exe

PRC - [2012/06/22 21:55:48 | 000,265,952 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe

PRC - [2011/10/28 12:18:46 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuschd2.exe

PRC - [2010/09/03 04:18:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe

PRC - [2010/07/27 19:11:18 | 000,991,232 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe

PRC - [2009/03/10 22:18:14 | 000,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe

PRC - [2008/11/26 03:58:40 | 000,081,920 | R--- | M] () -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe

PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

PRC - [2008/06/24 16:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

PRC - [2008/04/14 13:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005/07/23 11:25:06 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

PRC - [2003/12/13 08:50:34 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe

PRC - [2003/02/11 08:10:00 | 000,106,560 | ---- | M] (WinZip Computing, Inc.) -- C:\Program Files\WinZip\WZQKPICK.EXE

========== Modules (No Company Name) ==========

MOD - [2015/01/08 10:42:36 | 002,909,696 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\15010701\algo.dll

MOD - [2014/12/24 18:27:11 | 002,665,984 | ---- | M] () -- C:\Program Files\Search Extensions\Client.exe

MOD - [2014/12/06 09:50:50 | 009,009,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll

MOD - [2014/12/06 09:50:44 | 001,677,128 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

MOD - [2014/10/05 17:30:13 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll

MOD - [2014/10/03 20:58:39 | 019,329,904 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll

MOD - [2014/10/03 20:58:30 | 000,301,152 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswProperty.dll

MOD - [2014/10/02 14:48:36 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll

MOD - [2014/10/01 14:17:44 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll

MOD - [2014/10/01 14:14:43 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll

MOD - [2014/09/30 16:34:18 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll

MOD - [2014/09/30 16:31:42 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll

MOD - [2014/09/22 15:19:47 | 000,489,488 | ---- | M] () -- C:\Program Files\Settings Manager\smdmf\sysapcrt.dll

MOD - [2014/09/22 15:19:41 | 000,019,472 | ---- | M] () -- C:\Program Files\Settings Manager\smdmf\smdmfldr.dll

MOD - [2012/06/22 21:55:48 | 000,265,952 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe

MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll

MOD - [2009/12/09 21:20:06 | 000,126,976 | ---- | M] () -- C:\Program Files\Edimax\11n USB Wireless LAN Utility\EnumDevLib.dll

MOD - [2008/11/26 03:58:40 | 000,081,920 | R--- | M] () -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe

MOD - [2008/04/14 13:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/14 13:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2007/07/12 11:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\Edimax\11n USB Wireless LAN Utility\acAuth.dll

MOD - [2003/12/13 08:50:34 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe

========== Services (SafeList) ==========

SRV - [2014/12/29 15:41:09 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2014/10/03 20:58:24 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2014/09/22 15:19:39 | 003,572,240 | ---- | M] (Aztec Media Inc) [Auto | Running] -- C:\Program Files\Settings Manager\smdmf\SmdmFService.exe -- (SmdmFService)

SRV - [2012/06/22 21:55:48 | 000,265,952 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)

SRV - [2010/09/03 04:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)

SRV - [2008/11/26 03:58:40 | 000,081,920 | R--- | M] () [Auto | Running] -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor)

SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2014/11/22 11:29:14 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)

DRV - [2014/10/05 21:01:18 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)

DRV - [2014/10/03 20:58:46 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)

DRV - [2014/10/03 20:58:46 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2014/10/03 20:58:45 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2014/10/03 20:58:45 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2014/10/03 20:58:45 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)

DRV - [2014/10/03 20:58:45 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)

DRV - [2014/09/22 15:19:40 | 000,034,192 | ---- | M] (Aztec Media Inc) [Kernel | System | Running] -- C:\Program Files\Settings Manager\smdmf\smdmfmgrc2.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A9119622)

DRV - [2010/08/06 14:45:28 | 000,907,496 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8192cu.sys -- (RTL8192cu)

DRV - [2009/10/13 20:00:00 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)

DRV - [2009/10/13 19:59:34 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)

DRV - [2009/10/13 19:59:22 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)

DRV - [2008/04/14 08:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008/04/14 08:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - [2008/04/13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)

DRV - [2001/08/23 22:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2001/08/23 22:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2001/08/17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-s...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.startn...ion=5.1-x86-SP3

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/

IE - HKCU\..\SearchScopes,DefaultScope = {ABD93EAF-D775-BC54-E63B-2804F22FD156}

IE - HKCU\..\SearchScopes\{04B15F68-2B31-4830-8945-3791D4C79520}: "URL" = https://ph.search.ya...p={searchTerms}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC

IE - HKCU\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://ph.search.yah...p={searchTerms}

IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-s...p={searchTerms}

IE - HKCU\..\SearchScopes\{ABD93EAF-D775-BC54-E63B-2804F22FD156}: "URL" = http://search.startn...eferrer:source}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:1053;https=127.0.0.1:1053;

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "default-search.net"

FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="

FF - prefs.js..browser.search.isUS: false

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"

FF - prefs.js..browser.search.selectedEngine: "StartNow "

FF - prefs.js..browser.startup.homepage: "http://search.startn...on=5.1-x86-SP3"

FF - prefs.js..extensions.enabledAddons: %7B4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93%7D:1.5

FF - prefs.js..extensions.enabledAddons: %7B5911488E-9D1E-40ec-8CBB-06B231CC153F%7D:2.5.3

FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.4.20140604103324

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655

FF - prefs.js..extensions.enabledItems: [email protected]:5.4

FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.3.0

FF - prefs.js..extensions.enabledItems: [email protected]:1.20.00

FF - prefs.js..keyword.URL: "http://search.startn...on=5.1-x86-SP3"

FF - prefs.js..browser.search.order.1: "StartNow "

FF - prefs.js..browser.search.useDBForOrder: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2014/10/03 20:58:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/12/29 15:40:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/12/29 15:40:36 | 000,000,000 | ---D | M]

[2011/03/12 09:59:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Extensions

[2015/01/08 11:20:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\extensions

[2014/10/19 18:24:17 | 000,000,000 | ---D | M] (Address Bar Search) -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93}

[2012/08/20 15:43:54 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}

[2014/10/07 19:59:35 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2015/01/08 11:20:34 | 000,000,000 | ---D | M] (Linkey for Firefox) -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\extensions\[email protected]

[2014/08/31 16:50:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\extensions\[email protected]\content

[2014/08/31 16:50:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\extensions\[email protected]\skin

[2011/10/02 17:33:27 | 000,001,945 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\searchplugins\bing-zugo.xml

[2015/01/08 11:19:53 | 000,002,579 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\searchplugins\default-search.xml

[2015/01/08 15:06:34 | 000,000,940 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\searchplugins\startnow.xml

[2013/06/18 20:02:24 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\searchplugins\yahoo.xml

[2014/12/24 11:00:02 | 000,008,139 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Application Data\Mozilla\Firefox\Profiles\01ba0utr.default\searchplugins\yahoo_ff.xml

[2014/12/29 15:40:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2014/12/29 15:40:27 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2014/12/29 15:40:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2014/12/29 15:41:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)

CHR - default_search_provider: search_url =

CHR - default_search_provider: suggest_url = ,

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.95\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: MicrosoftÂ® DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: MicrosoftÂ® DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll

CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: No name found = C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\

CHR - Extension: No name found = C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\1.0.0.5_0\

CHR - Extension: No name found = C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\

CHR - Extension: No name found = C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2001/08/23 22:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll File not found

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll File not found

O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Linkey\IEExtension\iedll.dll (Aztec Media Inc)

O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll File not found

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found

O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll File not found

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll File not found

O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll File not found

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll File not found

O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\hpwuschd2.exe (Hewlett-Packard)

O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files\StartNow Toolbar\ToolbarHelper.exe" File not found

O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()

O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKCU..\Run: [StartNow Search Protect] C:\Program Files\StartNow Toolbar\search_protect.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Edimax 11n USB Wireless LAN Utility.lnk = C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)

O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 121.1.3.81 121.1.3.16 121.1.3.66

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00E2E920-3FF5-4B00-8604-B7EBE84B9962}: DhcpNameServer = 121.1.3.81 121.1.3.16 121.1.3.66

O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found

O20 - AppInit_DLLs: (C:\DOCUME~1\NENENG~1\LOCALS~1\APPLIC~1\Linkey\IEEXTE~1\iedll.dll) - C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Linkey\IEExtension\iedll.dll (Aztec Media Inc)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/03/12 10:05:49 | 000,000,051 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{06d3378c-4c8e-11e0-a1cf-00e04c800192}\Shell\AutoRun\command - "" = SafeDrvll.exe

O33 - MountPoints2\{06d3378c-4c8e-11e0-a1cf-00e04c800192}\Shell\Explore\Command - "" = SafeDrvll.exe

O33 - MountPoints2\{06d3378c-4c8e-11e0-a1cf-00e04c800192}\Shell\Open\Command - "" = SafeDrvll.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O36 - AppCertDlls: x64 - (c:\program files\settings manager\smdmf\x64\sysapcrt.dll) - c:\Program Files\Settings Manager\smdmf\x64\sysapcrt.dll ()

O36 - AppCertDlls: x86 - (C:\Program Files\Settings Manager\smdmf\sysapcrt.dll) - C:\Program Files\Settings Manager\smdmf\sysapcrt.dll ()

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2015/01/08 12:02:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014

[2015/01/08 11:50:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\TuneUp Software

[2015/01/08 11:50:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Neneng Ebarle\Application Data\TuneUp Software

[2015/01/08 11:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2014

[2015/01/08 11:41:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2015/01/08 11:27:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

[2015/01/08 11:26:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2015/01/08 11:26:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software

[2015/01/08 11:20:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\Linkey

[2015/01/08 11:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Neneng Ebarle\Application Data\FirefoxToolbar

[2015/01/08 11:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\Settings Manager

[2015/01/08 11:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\smdmf

[2015/01/08 11:13:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Neneng Ebarle\Application Data\How Inc

[2015/01/08 11:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Neneng Ebarle\My Documents

[2014/12/29 15:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2014/12/24 11:57:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Neneng Ebarle\Desktop\New Folder

[2014/12/24 10:41:27 | 000,000,000 | ---D | C] -- C:\5004c7c220667a7c81

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[2 C:\Documents and Settings\Neneng Ebarle\Desktop\*.tmp files -> C:\Documents and Settings\Neneng Ebarle\Desktop\*.tmp -> ]

[1 e:\Documents and Settings\Neneng Ebarle\My Documents\*.tmp files -> e:\Documents and Settings\Neneng Ebarle\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/01/08 16:13:58 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2015/01/08 15:10:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2015/01/08 15:05:27 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job

[2015/01/08 15:02:42 | 000,001,665 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk

[2015/01/08 15:02:37 | 000,000,774 | ---- | M] () -- C:\WINDOWS\tasks\RocketTab Update Task.job

[2015/01/08 15:01:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2015/01/08 15:01:25 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2015/01/08 14:59:38 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\RocketTab.job

[2015/01/08 14:59:38 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job

[2015/01/08 14:58:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2015/01/08 14:58:32 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys

[2015/01/08 12:03:05 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk

[2015/01/08 12:03:05 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2014.lnk

[2015/01/08 12:02:51 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2014.lnk

[2015/01/05 20:40:20 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At2.job

[2015/01/04 10:10:03 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At1.job

[2015/01/04 09:23:02 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At3.job

[2015/01/04 08:15:42 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Desktop\Microsoft Office Excel 2007 (2).lnk

[2015/01/04 08:13:16 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Desktop\Microsoft Office Word 2007.lnk

[2015/01/04 08:12:46 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Desktop\Microsoft Office Publisher 2007.lnk

[2015/01/04 08:07:01 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Desktop\Microsoft Office PowerPoint 2007.lnk

[2015/01/04 08:06:47 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Neneng Ebarle\Desktop\Microsoft Office Excel 2007.lnk

[2015/01/03 14:00:41 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At4.job

[2015/01/01 22:46:20 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2014/12/24 11:50:19 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2014/12/23 18:52:56 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat

[2014/12/23 18:22:33 | 000,000,155 | ---- | M] () -- C:\WINDOWS\winamp.ini

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[1 e:\Documents and Settings\Neneng Ebarle\My Documents\*.tmp files -> e:\Documents and Settings\Neneng Ebarle\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/01/08 12:03:05 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk

[2015/01/08 12:03:04 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2014.lnk

[2015/01/08 12:02:52 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014.lnk

[2015/01/08 12:02:47 | 000,001,765 | ---- | C] () -- C:\Documents and Settings\Neneng Ebarle\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2014.lnk

[2014/10/13 09:20:46 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini

[2014/10/03 20:59:40 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys

[2014/10/03 20:30:14 | 000,192,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys

[2014/10/03 20:30:13 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys

[2013/04/09 17:56:34 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2013/04/08 21:14:14 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe

[2011/05/31 21:36:22 | 000,000,171 | ---- | C] () -- C:\Documents and Settings\Neneng Ebarle\Application Data\default.pls

[2011/03/12 09:53:50 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Neneng Ebarle\.rnd

[2011/03/12 06:14:33 | 000,051,200 | ---- | C] () -- C:\Documents and Settings\Neneng Ebarle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2011/03/12 00:18:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2011/12/19 16:53:33 | 001,510,400 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 20:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 13:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2011/03/11 23:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2014/10/03 20:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2012/05/01 20:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games

[2015/01/08 11:26:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2011/04/27 18:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games

[2015/01/08 16:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\smdmf

[2012/03/30 22:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2015/01/08 11:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software

[2014/10/13 09:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan

[2014/09/28 19:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader

[2015/01/08 11:29:19 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

[2014/10/05 16:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\AVAST Software

[2012/02/05 18:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant

[2015/01/08 11:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\FirefoxToolbar

[2015/01/08 15:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\How Inc

[2011/03/11 23:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\InterTrust

[2011/10/02 17:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\OpenCandy

[2012/08/23 15:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\PhotoScape

[2012/04/17 21:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\Rovio

[2012/08/20 15:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\StartNow Toolbar

[2015/01/08 11:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\TuneUp Software

[2012/10/25 14:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\Wildfire

[2012/06/21 19:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\wtxpcom

[2012/08/05 10:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Neneng Ebarle\Application Data\YTD

========== Purity Check ==========

< End of report >

#1
shiena

Posted 08 January 2015 - 05:06 AM

Advertisements

#2
RKinner

Posted 08 January 2015 - 04:30 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us