Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


Re: Unable to upload pics from my PC to my Program:staged.co


Re: Re: Unable to upload pics from my PC to my Program:stage

by theprofitteam » June 13th, 2014, 12:21 am

I never got the request to RUN FIX! I think I still have some malware that I need to get rid of: MySearchDial (clueless as to what THAT is!)
conduit
sweetpacks
I shall try to upload my pictures into the "choose themes" on my one website in which I am having issues: http://www.staged.com
Also my Kudani program says I have plug-ins in Firefox that prevent it from copying text from my "aggregator" to my blogs: the ONLY plug-in I have on Firefox is Kudani: Avast says that this program has a bad reputation... Their words! So, I may have to get them to help fix THAT issue- they tell me they can do so, but as of yet, I don't have the free time to go online and let them use a "go to meeting" type program to "check stuff out"...
At any rate- I shall copy and paste the OTL.exe results below (in different pieces so as to not exceed 100,000 characters). BTW: What is:
RUN FIX -- and:
RUN Cleanup?
Not sure if I should run them- so far I have NOT!
Also- how do I replicate all the script you kindly provided that I copied and pasted in the OTL.exe "Custom Scans/Fixes" space?
Also- when would you recommend I run: Quick Scan or "Run Scan" options in OTL.exe? I assume the OTL.exe is a program I should run periodically?
You know so much- I thank you so much for your kind sharing of this very valuable knowledge/strategies to get rid of malware! Here is the first portion of the OTL.exe results:

OTL logfile created on: 6/12/2014 10:04:10 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\poc\Desktop\OTL_ADWCLEANER
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 49.87% Memory free
8.00 Gb Paging File | 5.52 Gb Available in Paging File | 69.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 412.62 Gb Free Space | 88.61% Space Free | Partition Type: NTFS
Drive D: | 38.28 Gb Total Space | 19.85 Gb Free Space | 51.87% Space Free | Partition Type: NTFS
Drive E: | 390.82 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 465.73 Gb Total Space | 366.05 Gb Free Space | 78.60% Space Free | Partition Type: NTFS

Computer Name: POC-PC | User Name: poc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/09 22:59:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\poc\Desktop\OTL_ADWCLEANER\OTL.com
PRC - [2014/06/05 21:05:52 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/06/05 00:03:41 | 000,109,048 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014/06/04 23:52:26 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/05/19 18:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\poc\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/05/14 22:55:34 | 000,257,224 | ---- | M] (Microsoft Corporation) -- C:\Users\poc\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2014/05/09 22:36:34 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/05/09 16:39:04 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2014/05/09 16:23:24 | 005,562,736 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2014/05/09 16:21:56 | 000,295,800 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2014/04/25 14:14:28 | 004,101,584 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014/04/25 14:12:10 | 002,081,752 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/04/25 14:12:06 | 001,738,200 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/12 10:43:39 | 001,876,816 | ---- | M] (SurfRight B.V.) -- C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
PRC - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2013/04/09 11:47:58 | 000,320,000 | ---- | M] (Photobucket) -- C:\Program Files (x86)\Photobucket Backup\Photobucket.App.exe
PRC - [2012/05/20 19:33:18 | 001,138,688 | ---- | M] (MAXA Research Int'l Inc.) -- C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe
PRC - [2012/05/16 21:35:54 | 001,913,344 | ---- | M] () -- C:\Program Files (x86)\All-in-One Submission 9.0\All-in-One Submission 9.58.exe
PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe


========== Modules (No Company Name) ==========

MOD - [2014/06/12 21:14:19 | 000,043,008 | ---- | M] () -- c:\Users\poc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwczkpv.dll
MOD - [2014/06/04 23:52:29 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/05/15 00:14:13 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\04824fdbd5dce32530ba44ae012e4fb9\System.Runtime.Remoting.ni.dll
MOD - [2014/05/15 00:14:13 | 000,785,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\ee550c3d485d44c7fbeeafe12a3e318b\System.EnterpriseServices.ni.dll
MOD - [2014/05/15 00:14:13 | 000,250,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\ee550c3d485d44c7fbeeafe12a3e318b\System.EnterpriseServices.Wrapper.dll
MOD - [2014/05/09 22:36:18 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/04/25 14:11:24 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/04/25 14:11:22 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/04/25 14:11:20 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2014/02/26 18:48:45 | 013,901,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\e1a31634a43becfaae07ce060f2d215b\System.Data.Entity.ni.dll
MOD - [2014/02/26 18:48:29 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/02/26 18:48:28 | 000,025,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\c6ab75afe61e2065e65a2faa795abff9\PresentationFramework-SystemCore.ni.dll
MOD - [2014/02/26 18:48:28 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/02/26 18:48:28 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\af02d03484578dbc357d1df8d1b6fd01\PresentationFramework-SystemData.ni.dll
MOD - [2014/02/26 18:47:50 | 000,124,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windc7c43db6#\d41dabb3af6c9f57cf35d4d414591184\System.Windows.Interactivity.ni.dll
MOD - [2014/02/26 18:47:22 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014/02/26 18:47:16 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/02/26 18:47:16 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\c94c36c9ae776de930f2aacb6dd51c38\UIAutomationProvider.ni.dll
MOD - [2014/02/26 02:27:23 | 001,172,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data86569bbf#\42e4e0c2624e0f686d87fa4011455fac\System.Data.OracleClient.ni.dll
MOD - [2014/02/26 02:27:20 | 000,660,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll
MOD - [2014/02/26 02:27:19 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/02/26 02:27:19 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\2526b5a3ab48717e858a08c3a4a8000c\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014/02/26 02:27:17 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
MOD - [2014/02/26 02:27:13 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/02/26 02:27:12 | 007,409,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll
MOD - [2014/02/26 02:27:09 | 001,861,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\b71ff7f0fb61d547d06ba13548d68748\System.Deployment.ni.dll
MOD - [2014/02/26 02:27:03 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/02/26 02:27:02 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/26 02:27:01 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/02/26 02:27:01 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/02/26 02:27:00 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/02/26 02:26:56 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/02/26 02:26:56 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/02/26 02:26:54 | 001,632,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\e8f04d39ea7c8991d91498f2867f2c25\Microsoft.CSharp.ni.dll
MOD - [2014/02/26 02:26:54 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\fcffb45098807dbf4f96bb133936789a\System.Security.ni.dll
MOD - [2014/02/26 02:26:54 | 000,394,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\9c792f26e959188b200cd732e1c1d583\System.Dynamic.ni.dll
MOD - [2014/02/26 02:26:53 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/02/26 02:26:52 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/02/26 02:26:49 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/02/26 02:26:48 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/02/26 02:26:43 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/02/26 02:26:43 | 000,147,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll
MOD - [2014/02/12 21:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 21:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/02 19:09:26 | 003,610,624 | ---- | M] () -- C:\Users\poc\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/08/23 13:01:44 | 025,100,288 | ---- | M] () -- C:\Users\poc\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/05/16 21:35:54 | 001,913,344 | ---- | M] () -- C:\Program Files (x86)\All-in-One Submission 9.0\All-in-One Submission 9.58.exe
MOD - [2010/12/19 20:19:56 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\MAXA Cookie Manager\DirectCOM.dll
MOD - [2010/12/19 20:16:06 | 000,338,944 | ---- | M] () -- C:\Program Files (x86)\MAXA Cookie Manager\sqlite36_engine.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/06/05 00:03:41 | 000,109,048 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2014/06/04 23:52:26 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/03/29 12:40:53 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/05/14 00:07:23 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/09 22:36:34 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/09 16:39:04 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2014/05/09 16:21:56 | 000,295,800 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2014/04/12 10:43:39 | 001,876,816 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe -- (hmpalertsvc)
SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/30 22:25:07 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/06/05 00:04:55 | 000,447,888 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdisFlt.sys -- (aswNdisFlt)
DRV:64bit: - [2014/06/05 00:03:48 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2014/06/04 23:52:58 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/06/04 23:52:58 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/06/04 23:52:58 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/06/04 23:52:31 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/06/04 23:52:30 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/06/04 23:52:30 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/06/04 23:52:30 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/06/04 23:52:30 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/06/04 23:52:18 | 000,044,640 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswTap.sys -- (aswTap)
DRV:64bit: - [2014/04/28 03:33:58 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2014/04/12 10:43:39 | 000,093,144 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hmpalert.sys -- (hmpalert)
DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/09/16 22:43:28 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 15:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========

Re: Re: Unable to upload pics from my PC to my Program:stage

by theprofitteam » June 13th, 2014, 12:23 am

Here is 2nd copy and paste of the script:

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 AA 46 A5 11 FE CE 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_enUS557
IE - HKCU\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKCU\..\SearchScopes\{9A3190D5-77A9-4E05-BC3F-2AEB4E23D2F8}: "URL" = http://ctrlq.org/google/?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaultenginename: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaultthis.engineName: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search"
FF - prefs.js..browser.search.order.1: "Microsoft (Bing)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: maxacookie%40maxatools.com:5.3.04
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.28
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/06/05 00:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\maxacookie@maxatools.com: C:\Program Files (x86)\MAXA Cookie Manager\extension [2013/07/04 15:01:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\sp2@sp.com: C:\Program Files (x86)\Social Privacy\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/07/25 22:53:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\poc\AppData\Roaming\Mozilla\Extensions
[2014/06/04 23:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions
[2014/05/13 22:34:04 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2014/05/28 00:12:13 | 000,212,462 | ---- | M] () (No name found) -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions\jid0-f3OYUKmtG4wmVwkBHma48wARqig@jetpack.xpi
[2014/05/17 22:21:16 | 000,164,313 | ---- | M] () (No name found) -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions\rankchecker@seobook.com.xpi
[2014/01/04 01:09:24 | 000,024,838 | ---- | M] () (No name found) -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions\sm@submitter.net.xpi
[2014/06/03 23:19:06 | 000,533,636 | ---- | M] () (No name found) -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/04/30 23:06:18 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/01/02 20:49:21 | 000,150,579 | ---- | M] () (No name found) -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}.xpi
[2014/06/04 23:57:44 | 000,005,830 | ---- | M] () -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\searchplugins\bing-avast.xml
[2014/02/04 00:12:04 | 000,001,935 | ---- | M] () -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\searchplugins\savefromnet---direct-links.xml
[2013/11/23 14:31:33 | 000,001,100 | ---- | M] () -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\searchplugins\sweetpacks-a5-customized-web-search.xml
[2014/05/09 22:36:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/09 22:36:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/07/04 15:01:39 | 000,000,000 | ---D | M] (MAXA Cookie Manager) -- C:\PROGRAM FILES (X86)\MAXA COOKIE MANAGER\EXTENSION

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.conduit.com/?ctid=CT33172 ... 7ED7&SSPV=
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Kudani FeedGrabber = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\behceiemikmgnpbcnbmjidgpkhdoammf\1.0_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: QuickPin = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhogoimaoahmedeeahleijnpljdbammj\0.1_0\
CHR - Extension: YouTube = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: DuckDuckGo for Chrome = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\42.5.17_0\
CHR - Extension: Local Rss Reader = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cemddjmmnfebpkpkonmbkdmakilpkcid\0.1.8_0\
CHR - Extension: Google Search = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: FromDocToPDF = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp\8.27.3.62724_0\
CHR - Extension: MozBar = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp\3.0.69_0\
CHR - Extension: MozBar = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp\3.0.71_0\
CHR - Extension: Search All = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk\2.2.20_0\
CHR - Extension: Just Pin It = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eokdcgmibpioegghefegkcdjcbiggefe\1.2.5_0\
CHR - Extension: avast! Online Security = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: SearchPreview = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo\3.4_0\
CHR - Extension: Shareaholic for Pinterest = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\2.0.2_0\
CHR - Extension: Find similar images = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\maajjfmghhdilbcfpicokkfaafoapicg\0.1.1_0\
CHR - Extension: Pinner for Pinterest = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndiedfldbpmieeknpleihpglnhgonlni\1.95_0\
CHR - Extension: Google Wallet = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Personal Blocklist (by Google) = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\2.5.1_0\
CHR - Extension: Google Quick Scroll = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\2.2.2_0\
CHR - Extension: Gmail = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Space Planet = C:\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb\1.2_0\

O1 HOSTS File: ([2014/06/04 23:19:51 | 000,450,029 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15474 more lines...
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Photobucket Backup] C:\Program Files (x86)\Photobucket Backup\Photobucket.App.exe (Photobucket)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [DRL Sheduler] C:\Program Files (x86)\All-in-One Submission 9.0\All-in-One Submission 9.58.exe ()
O4 - HKCU..\Run: [MSCS] C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe (MAXA Research Int'l Inc.)
O4 - HKCU..\Run: [SkyDrive] C:\Users\poc\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\poc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\poc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm File not found
O8:64bit: - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 75.126.206.18,184.173.169.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66846920-3138-4505-81DF-830DA6BEFF14}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9538853E-1BA6-4141-9062-9F66CCEEC04E}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9538853E-1BA6-4141-9062-9F66CCEEC04E}: NameServer = 75.126.206.18,184.173.169.186
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/10/29 15:16:26 | 000,000,113 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
theprofitteam

Re: Re: Unable to upload pics from my PC to my Program:stage

Post by theprofitteam » June 13th, 2014, 12:24 am

3rd portion of the OUTPUT of OTL.exe:
[CREATERESTOREPOINT]
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/06/12 21:49:54 | 000,000,000 | ---D | C] -- C:\RegBackup
[2014/06/12 21:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014/06/12 21:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2014/06/10 23:35:07 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/10 23:35:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/06/10 23:35:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/06/10 23:35:07 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/06/10 23:35:07 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/06/10 23:35:06 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/10 23:35:06 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/06/10 23:35:05 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/10 23:35:04 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/10 23:35:04 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/10 23:35:02 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/10 23:35:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/06/10 23:35:01 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/06/10 23:35:01 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/06/10 23:34:56 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/10 23:34:56 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/06/10 23:34:56 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/10 23:34:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/06/10 23:34:53 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/06/10 23:34:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/06/10 23:34:53 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/06/10 23:34:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/06/10 23:34:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/06/10 23:34:47 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/06/10 23:34:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/06/10 23:34:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/06/10 23:34:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/06/10 23:34:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/06/10 23:34:46 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/10 23:34:45 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/10 23:34:43 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/09 23:17:48 | 000,000,000 | ---D | C] -- C:\Users\poc\Desktop\OTL_ADWCLEANER
[2014/06/07 22:56:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/07 22:56:00 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/06/07 22:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/07 22:55:52 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/06/07 22:55:52 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/06/07 22:55:52 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/06/07 22:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/06/06 23:46:14 | 000,000,000 | -HSD | C] -- C:\Jumpshot
[2014/06/06 23:42:21 | 000,000,000 | ---D | C] -- C:\Windows\jumpshot.com
[2014/06/06 22:24:43 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/06/06 22:18:58 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/05 00:04:11 | 000,028,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2014/06/05 00:03:41 | 000,447,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2014/06/04 23:53:36 | 000,000,000 | ---D | C] -- C:\Users\poc\AppData\Roaming\AVAST Software
[2014/06/04 23:53:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/06/04 23:52:44 | 000,085,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/06/04 23:52:40 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys.1401947577172
[2014/06/04 23:52:40 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/06/04 23:52:40 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1401947577172
[2014/06/04 23:52:40 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/06/04 23:52:39 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/06/04 23:52:37 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/06/04 23:52:34 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/06/04 23:52:29 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/06/04 23:52:18 | 000,044,640 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\aswTap.sys
[2014/06/04 23:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/06/04 23:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/06/04 23:34:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TotalSystemCare
[2014/06/04 22:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/06/04 22:49:31 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/06/04 22:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/06/04 22:49:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/06/04 22:34:09 | 000,000,000 | ---D | C] -- C:\Users\poc\AppData\Local\WeatherBug
[2014/06/04 22:34:07 | 000,000,000 | ---D | C] -- C:\Users\poc\AppData\Roaming\WeatherBug
[2014/06/04 22:34:02 | 000,000,000 | ---D | C] -- C:\Users\poc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug
[2014/06/04 22:34:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AWS
[2014/06/03 23:17:23 | 000,000,000 | R--D | C] -- C:\Users\poc\My SpeedyBackup SyncFolder
[2014/05/28 12:17:18 | 000,000,000 | ---D | C] -- C:\Users\poc\Desktop\KUDANIBU
[2014/05/28 11:53:09 | 000,000,000 | ---D | C] -- C:\Users\poc\Documents\__MACOSX
[2014/05/28 00:26:14 | 000,000,000 | ---D | C] -- C:\Users\poc\Desktop\kudani-images
[2014/05/28 00:23:44 | 000,000,000 | ---D | C] -- C:\Users\poc\Desktop\kudani-install
[2014/05/27 23:07:20 | 000,000,000 | ---D | C] -- C:\Users\poc\Documents\kudani
[2014/05/26 23:36:59 | 000,000,000 | ---D | C] -- C:\Users\poc\AppData\Roaming\com.pageone.Kudani
[2014/05/26 23:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PageOneTraffic
[2014/05/26 23:36:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PageOneTraffic
[2014/05/17 22:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\All-in-One Submission 9.0
[2014/05/17 22:29:36 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/05/17 12:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2014/05/15 00:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/14 20:11:19 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/14 20:11:18 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/14 20:11:18 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/14 20:11:18 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/14 20:11:17 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/14 20:11:17 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/14 20:11:16 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/14 20:11:16 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/14 20:11:15 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/14 20:11:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/14 20:11:15 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/14 20:11:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/14 20:11:15 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/14 20:11:15 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/14 20:11:15 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/14 20:11:15 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/14 20:11:15 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/14 20:11:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/14 20:11:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/14 20:11:15 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/14 20:11:14 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/14 20:11:14 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/14 20:11:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/05/13 22:25:03 | 000,000,000 | ---D | C] -- C:\Users\poc\Desktop\STAGEDFRAMESSTAGES
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/12 22:07:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/12 22:02:28 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/12 21:51:01 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-POC-PC-Microsoft-Windows-7-Professional-(64-bit).dat
[2014/06/12 21:49:20 | 000,002,249 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/06/12 21:30:09 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/06/12 21:21:15 | 000,020,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/12 21:21:15 | 000,020,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/12 21:17:08 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\SlimCleaner Startup.job
[2014/06/12 21:14:11 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/12 21:11:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/12 21:11:19 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/10 23:00:04 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\SlimCleaner Scan.job
[2014/06/10 22:18:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1338860540-2610657624-1817482183-1000UA.job
[2014/06/08 03:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/08 03:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/07 22:55:39 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/06/07 22:55:36 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/06/07 22:55:36 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/06/07 22:55:35 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/06/06 23:46:51 | 008,912,896 | -HS- | M] () -- C:\Users\poc\.ghost-ntfs-3g-00000000000000000009
[2014/06/06 22:34:57 | 000,001,180 | ---- | M] () -- C:\Users\poc\Desktop\adwcleaner_3.212 - Shortcut.lnk
[2014/06/05 23:01:19 | 000,000,787 | ---- | M] () -- C:\Windows\wininit.ini
[2014/06/05 00:39:42 | 000,004,634 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/06/05 00:05:40 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014/06/05 00:04:55 | 000,447,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2014/06/05 00:03:48 | 000,028,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2014/06/04 23:57:44 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/04 23:52:58 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/06/04 23:52:58 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/06/04 23:52:58 | 000,085,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/06/04 23:52:31 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys.1401947577172
[2014/06/04 23:52:31 | 000,208,416 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/06/04 23:52:30 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1401947577172
[2014/06/04 23:52:30 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/06/04 23:52:30 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/06/04 23:52:30 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/06/04 23:52:30 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/06/04 23:52:30 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/06/04 23:52:29 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/06/04 23:52:18 | 000,044,640 | ---- | M] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\aswTap.sys
[2014/06/04 23:19:51 | 000,450,029 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/06/04 23:14:40 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\SparkTrust Update Version3_triggeronce.job
[2014/06/04 22:34:04 | 000,000,812 | ---- | M] () -- C:\Users\poc\Desktop\WeatherBug.lnk
[2014/06/03 23:53:20 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/06/01 21:04:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1338860540-2610657624-1817482183-1000Core.job
[2014/05/30 22:48:41 | 000,000,997 | ---- | M] () -- C:\Users\poc\Desktop\Traffic Travis v4.lnk
[2014/05/28 00:25:01 | 021,608,432 | ---- | M] () -- C:\Users\poc\Documents\kudani-images.zip
[2014/05/28 00:23:30 | 012,953,296 | ---- | M] () -- C:\Users\poc\Desktop\kudani-install.zip
[2014/05/27 21:46:10 | 000,001,009 | ---- | M] () -- C:\Users\poc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/26 23:36:53 | 000,000,990 | ---- | M] () -- C:\Users\Public\Desktop\Kudani.lnk
[2014/05/25 22:28:43 | 000,786,474 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/25 22:28:43 | 000,665,288 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/25 22:28:43 | 000,123,096 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/23 20:48:10 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/05/23 20:46:45 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/05/23 20:46:42 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/23 20:46:36 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/05/23 20:46:15 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/05/23 20:46:15 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/05/23 20:46:07 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/05/23 20:46:07 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/05/23 20:46:07 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/05/23 20:46:07 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/05/23 20:45:46 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/05/23 20:45:46 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/05/23 20:45:26 | 001,508,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/05/23 19:26:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/05/23 19:26:04 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/23 19:25:52 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/05/23 19:25:49 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/05/23 19:25:49 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/05/23 19:25:49 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/05/23 19:25:49 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/05/23 19:25:25 | 001,440,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/05/23 18:13:44 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/05/23 18:06:55 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/05/17 22:29:40 | 000,002,158 | ---- | M] () -- C:\Users\Public\Desktop\All-in-One Submission 9.58 Scheduler.lnk
[2014/05/17 22:29:40 | 000,002,132 | ---- | M] () -- C:\Users\Public\Desktop\All-in-One Submission 9.58.lnk
[2014/05/15 21:33:15 | 000,000,884 | RHS- | M] () -- C:\Users\poc\ntuser.pol
[2014/05/14 00:07:22 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 00:07:22 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/12 21:51:01 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-POC-PC-Microsoft-Windows-7-Professional-(64-bit).dat
[2014/06/12 21:49:20 | 000,002,249 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/06/12 21:15:24 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/06/07 09:57:22 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\SlimCleaner Scan.job
[2014/06/06 22:34:57 | 000,001,180 | ---- | C] () -- C:\Users\poc\Desktop\adwcleaner_3.212 - Shortcut.lnk
[2014/06/05 23:01:12 | 000,000,787 | ---- | C] () -- C:\Windows\wininit.ini
[2014/06/05 00:05:40 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014/06/04 23:52:43 | 000,208,416 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/06/04 23:52:40 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/06/04 23:52:39 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/06/04 22:49:40 | 000,001,405 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/06/04 22:34:04 | 000,000,812 | ---- | C] () -- C:\Users\poc\Desktop\WeatherBug.lnk
[2014/06/03 23:53:20 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/06/03 22:46:18 | 000,000,418 | ---- | C] () -- C:\Windows\tasks\SparkTrust Update Version3_triggeronce.job
[2014/05/28 11:52:58 | 021,608,432 | ---- | C] () -- C:\Users\poc\Documents\kudani-images.zip
[2014/05/28 00:23:18 | 012,953,296 | ---- | C] () -- C:\Users\poc\Desktop\kudani-install.zip
[2014/05/26 23:36:53 | 000,000,990 | ---- | C] () -- C:\Users\Public\Desktop\Kudani.lnk
[2014/05/17 22:29:40 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\All-in-One Submission 9.58 Scheduler.lnk
[2014/05/17 22:29:40 | 000,002,132 | ---- | C] () -- C:\Users\Public\Desktop\All-in-One Submission 9.58.lnk
[2014/05/17 22:29:37 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\dbrename7.exe
[2014/05/11 23:49:33 | 000,000,062 | ---- | C] () -- C:\Windows\submitequalizer.ini
[2014/04/28 03:33:58 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2013/11/22 23:35:40 | 000,003,072 | ---- | C] () -- C:\Users\poc\AppData\Roaming\ARW.settings
[2013/10/07 23:40:24 | 000,000,485 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/09/14 23:54:46 | 000,000,884 | RHS- | C] () -- C:\Users\poc\ntuser.pol
[2013/09/13 01:31:48 | 000,778,596 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/28 23:54:24 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013/05/28 23:54:24 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2140.DAT
[2013/05/28 20:25:33 | 008,912,896 | -HS- | C] () -- C:\Users\poc\.ghost-ntfs-3g-00000000000000000009
[2013/05/28 20:18:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 20:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 20:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< :Commands >

< >

< :Reg >

< [-HKEY_CURRENT_USER\"Software\iLivid] >

< [-HKEY_CURRENT_USER\Software\FreeDownloadManager.ORG\Free Download Manager\Settings\Network\Bittorrent] >

< [-HKEY_CURRENT_USER\Software\Trolltech] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r1315-n-bf(1).exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r1315-n-bf(10).exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r1315-n-bf(11).exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r1315-n-bf(14).exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r1315-n-bf(3).exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r1315-n-bf(4).exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r1315-n-bf(6).exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r139-n-bf.exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r418-n-bf.exe] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\FreeDownloadManager.ORG\Free Download Manager\Settings\Network\Bittorrent] >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\"Software\iLivid] >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\Trolltech] >

< [-HKEY_CURRENT_USER\Software\AppDataLow\Software\Installl_Converter_A\toolbar\Settings] >

< [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\MySearchDial] >

< [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysearchdialcdn.com] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysearchdialcdn.com] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994FB08B-DFF6-40F5-AE7F-D551E534450F}] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysearchdialcdn.com] >

< [-HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\DefaultTab] >

< [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysearchdialcdn.com] >

< [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mysearchdialcdn.com] >

< [HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\AppDataLow\Software\Installl_Converter_A\toolbar\Settings] >

< "SearchFromAddressUrl"=- >

< [HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\AppDataLow\Software\Installl_Converter_A\toolbar\Settings\Search\Settings] >

< "ContextMenuSearchUrl"=- >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\MySearchDial] >

< [-HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\DefaultTab] >

< [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysearchdialcdn.com] >

< [-HKEY_CURRENT_USER\Software\AppDataLow\Software\Installl_Converter_A\toolbar] >

< [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes] >

< "DoNotAskAgain"=- >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E4542C1-99D6-439D-ADBE-75A98FFBB8D8}] >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\AppDataLow\Software\Installl_Converter_A\toolbar] >

< [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\viraltrafficfrenzy] >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\viraltrafficfrenzy] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtect] >

< [-HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\DefaultTab] >

< [-HKEY_USERS\.DEFAULT\Software\DefaultTab] >

< [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] >

< [-HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\DefaultTab] >

< [-HKEY_USERS\S-1-5-18\Software\DefaultTab] >

< [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] >

< [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\SweetPacks] >

< [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\SweetPacks_A5] >

< [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com] >

< [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com] >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com] >

< [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com] >

< [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com] >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\SweetPacks] >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\SweetPacks_A5] >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com] >

< [-HKEY_USERS\S-1-5-21-1338860540-2610657624-1817482183-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com] >

< [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com] >

< [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com] >

< >

< :Files >

< C:\Downloads\Video\iLividSetup-r139-n-bf.exe >
[2014/02/04 00:50:23 | 001,751,600 | ---- | M] (Bandoo Media Inc) -- C:\Downloads\Video\iLividSetup-r139-n-bf.exe

< C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\CT3294791\CT3294791.searchProtectorData >
[2014/02/26 20:03:17 | 000,000,000 | ---- | M] () -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\CT3294791\CT3294791.searchProtectorData

< C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll >
[1979/11/30 01:00:00 | 000,254,976 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll

< C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll >
[1979/11/30 01:00:00 | 000,254,976 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll

< C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll >
[1979/11/30 01:00:00 | 000,254,976 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll

< C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\searchplugins\sweetpacks-a5-customized-web-search.xml >
[2013/11/23 14:31:33 | 000,001,100 | ---- | M] () -- C:\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\searchplugins\sweetpacks-a5-customized-web-search.xml

< C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_CT3311834 >

< C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_en >

< >

< :Commands >

< [EMPTYTEMP] >

< [EMPTYFLASH] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >
theprofitteam
Regular Member
 
Posts: 28
Joined: June 4th, 2014, 12:19 am

Re: Re: Unable to upload pics from my PC to my Program:stage

Unread postby theprofitteam » June 13th, 2014, 12:33 am

I still get the same problem- but ONLY in the one website: http://www.staged.com

I get this message in Chrome, for example, after I try to upload a pic from my desktop to the website's "Launch theme Chooser":

Oops! Google Chrome could not connect to staged.com

Try reloading: staged.com

It freezes up - but ONLY on the staged.com website.. I can still use the Firefox / Chrome browsers OK- but it is only with that one website I am having this issue... They say I have malware.
Duh!

I think they are correct- when I replicate this from other locations/ PCs - I do not have this issue...
So, I guess I may need to run the FIX or the RUN L CLEANER in OTL.exe?
Not sure- so will await your suggestions...

I HAVE thought of simply reformatting my HD - BUT I really don't have the time, and if this is the only issue I am having, then I may have to live with this malware..
Anyway---- sorry to be a bother.. You have remained most kind and patient throughout this exchange.
If you don't want to help anymore, I will understand.. Thank you and if you want to still help- am OK with that (and very grateful)
Courtenay in Albuquerque NM

Re: Unable to upload pics from my PC to my Program:staged.co

Unread postby nunped » June 13th, 2014, 6:44 am

Hi Courtenay,

I need you to try again with OTL.
You have to copy the fix I provided in my previous reply, paste it into the Custom Scans/Fixes textbox in OTL and then, instead of clicking on Run Scan, click on the Run Fix button.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Re: Unable to upload pics from my PC to my Program:stage

Unread postby theprofitteam » June 13th, 2014, 8:12 pm

No problem: I shall do the Run Fix tonight. Thank you so much (again)! Courtenay :)

Re: Re: Unable to upload pics from my PC to my Program:stage

Unread postby theprofitteam » June 13th, 2014, 11:33 pm

I ran the RUN FIX-- However, there is no OTL.txt file that was created. Should I run CLEANUP? I won't do anything until you "give the green light"... I shall see if the problem with the one website, staged.com is "resolved"... IF I do not post a reply tonight- it means it was not resolved... NOT a biggie--- I can live with it if necessary--- until I reformat my HD (which I hate).... Anyway- please have a nice weekend... :)

Re: Re: Unable to upload pics from my PC to my Program:stage

Unread postby theprofitteam » June 13th, 2014, 11:49 pm

I was at last successful in uploading a picture from my desktop to my staged website.... I can only assume you are responsible for this! Thank you so much!!! Should I run CLEANUP? If not- I won't do it... As for the other options on OTL: Purity Check, etc... do I ever want to run them? I assume "NO"... Would there ever be a time in the future that I would want to run the ADsCleaer (or AsdCleaner- can't recall which - but I DO have it in a file on my desktop).... I marvel at your wealth of knowledge.... In the future, is there a way I can duplicate what you did, in deriving the script for my OTL (scan and Run Fix)? I am a noob when it comes to this business of malware removal.... At any rate, thank you: If I need to do something more- I am open to your guidance... God bless... Courtenay in Albuquerque NM :)

Re: Unable to upload pics from my PC to my Program:staged.co

Unread postby nunped » June 14th, 2014, 9:20 am

Hi Courtenay,

You are very welcome!

I repeat: please do not try to run adwCleaner unassisted, or OTL or to compile an OTL fix. Those can harm your system when used without the proper training.
If you'd like to learn more about malware fighting, this site has a great school to which you can try to apply: viewtopic.php?f=201&t=61859

But we're not done with the cleaning yet:
ESET NOD32 Online Scan
Note: If using Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted... then right click on it and select "run as administrator" to install.
Please temporarily disable your Anti-virus real-time protection. If active, it could impact the online scan.
Do NOT use the computer while the scan is running... make sure all other programs and windows are closed!


Please go to ESET Online Scanner to run an online scan.
  • Click the [Run ESET Online Scanner] button.
  • Read the End User License Agreement and check the box: [Yes, I accept the terms of use].
  • Click the green [Start] button.
  • Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  • Under scan settings:
    • Check "Scan archives"
    • Remove found threats is UNCHECKED
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the [Start] button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while (sometimes a few hours) so please be patient. Do NOT use the computer while the scan is running.
  • When the scan completes, press the text: Image
  • Press the text: Image ... then save the file to your desktop as ESETScan.txt.
  • Press the [Back] button, then press the [Finish] button.
  • Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Remember to enable your Anti-virus protection before continuing!

Re: Re: Unable to upload pics from my PC to my Program:stage

Unread postby theprofitteam » June 14th, 2014, 4:58 pm

Thank you: I shall run the scan as you direct.... Will check out the school link also--- time permitting. Your kindness and sharing of your valuable time and knowledge is very much appreciated. God bless... Courtenay

Re: Re: Unable to upload pics from my PC to my Program:stage

Unread postby theprofitteam » June 16th, 2014, 8:50 am

ESET found 203 threats:
C:\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir a variant of MSIL/DomaIQ.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowserSafeguard\uninstall.BrowserSafeguard.exe.vir a variant of MSIL/Adware.iBryte.D application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\hk64tbvira.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\hktbvira.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\ldrtbvira.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\tbvira.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\viraltrafficfrenzyToolbarHelper.exe.vir Win32/Toolbar.Conduit.V potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\hk64tbVafm.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\hktbVafm.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\ldrtbVafm.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\tbVafm.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\hk64tbvira.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\hktbvira.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\ldrtbvira.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\tbvira.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application
C:\Downloads\Video\iLividSetup-r139-n-bf.exe Win32/iLivid.A potentially unwanted application
C:\Program Files (x86)\NCH Software\ClassicFTP\classicftp.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\ClassicFTP\classicftpsetup_v2.31.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\PhotoPad\photopad.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\PhotoPad\photopadsetup_v2.37.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\Pixillion\pixillion.exe probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\Pixillion\pixillionsetup_v2.59.exe probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Users\poc\AppData\Local\CRE\ogjjgjdbfagcdimmmjbloldfadpcohek.crx a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\hk64tbInst.dll Win64/Toolbar.Conduit.B potentially unwanted application
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\hktbInst.dll Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\ldrtbInst.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\tbInst.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application
C:\Users\poc\AppData\Roaming\52ef2cea0256d01004001266\52ef2cea0256d01004001266.exe Win32/DownWare.V potentially unwanted application
C:\Users\poc\AppData\Roaming\52f0876ae56da16d430011bf\52f0876ae56da16d430011bf.exe Win32/DownWare.V potentially unwanted application
C:\Users\poc\Desktop\BIZINABOX\WinRAR_TSV3BYJI.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
C:\Users\poc\Desktop\UTILITIES\FTP\BANNERSETUP.exe a variant of Win32/AdWare.iBryte.Q application
C:\Users\poc\Desktop\UTILITIES\FTP\cftpfree.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Users\poc\Desktop\UTILITIES\FTP\DLLHelper.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\poc\Downloads\Auto-Social-Bookmarker-PRO-installer.zip Win32/OpenCandy potentially unsafe application
C:\Users\poc\Downloads\cbsidlm-cbsi188-The_Classified_Connection-ORG-10136534.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\poc\Downloads\ccsetup403.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\poc\Downloads\FreeUltimateFileOpener_Installer.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\poc\Downloads\MassTrafficBlogRSSSubmitter.zip a variant of Win32/Somoto.A potentially unwanted application
C:\Users\poc\Downloads\MassTrafficInstantFreeBacklinks.zip a variant of Win32/Somoto.A potentially unwanted application
C:\Users\poc\Downloads\MassTrafficSESubmitter.zip a variant of Win32/Somoto.A potentially unwanted application
C:\Users\poc\Downloads\MassTrafficURLScraperBigG.zip a variant of Win32/Somoto.A potentially unwanted application
C:\Users\poc\Downloads\MassTrafficURLScraperEA.zip a variant of Win32/Somoto.A potentially unwanted application
C:\Users\poc\Downloads\MassTrafficURLScraperTube.zip a variant of Win32/Somoto.A potentially unwanted application
C:\Users\poc\Downloads\Proactime_Light-ORG-75147297.exe Win32/DownloadAdmin.G potentially unwanted application
C:\Users\poc\Downloads\spybot-setup(1).exe Win32/DownloadAdmin.G potentially unwanted application
C:\Users\poc\Downloads\spybot-setup.exe Win32/DownloadAdmin.G potentially unwanted application
C:\Windows\Installer\MSI292.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application
D:\IRS_USB\LEXAR\FTP\cftpfree.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
D:\IRS_USB\LEXAR\FTP\DLLHelper.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
D:\POC-PC\Backup Set 2012-05-28 114326\Backup Files 2012-05-28 114326\Backup files 2.zip Win32/Toolbar.Conduit potentially unwanted application
D:\POC-PC\Backup Set 2012-05-28 114326\Backup Files 2012-05-28 114326\Backup files 5.zip a variant of Win32/CNETInstaller.B potentially unwanted application
D:\POC-PC\Backup Set 2012-05-28 114326\Backup Files 2012-05-28 114326\Backup files 6.zip Win32/Toolbar.Conduit potentially unwanted application
D:\POC-PC\Backup Set 2012-05-28 114326\Backup Files 2012-05-28 114326\Backup files 7.zip Win32/Toolbar.Conduit potentially unwanted application
D:\STORE N GO\SAFARI\SoftonicToolbar.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application
F:\POC-PC\Backup Set 2012-05-28 205603\Backup Files 2012-05-28 205603\Backup files 2.zip Win32/Toolbar.Conduit potentially unwanted application
F:\POC-PC\Backup Set 2012-05-28 205603\Backup Files 2012-05-28 205603\Backup files 5.zip a variant of Win32/CNETInstaller.B potentially unwanted application
F:\POC-PC\Backup Set 2012-05-28 205603\Backup Files 2012-05-28 205603\Backup files 7.zip Win32/Toolbar.Conduit potentially unwanted application
F:\SAFARI\SoftonicDownloader63183.exe Win32/SoftonicDownloader.A potentially unwanted application
F:\SAFARI\SoftonicToolbar.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.1a2c2c44.63f7.11e1.9210.806e6f6e6963\POC-PC\Backup Set 2012-05-28 114326\Backup Files 2012-05-28 114326\Backup files 2.zip Win32/Toolbar.Conduit potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.1a2c2c44.63f7.11e1.9210.806e6f6e6963\POC-PC\Backup Set 2012-05-28 114326\Backup Files 2012-05-28 114326\Backup files 5.zip a variant of Win32/CNETInstaller.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.1a2c2c44.63f7.11e1.9210.806e6f6e6963\POC-PC\Backup Set 2012-05-28 114326\Backup Files 2012-05-28 114326\Backup files 6.zip Win32/Toolbar.Conduit potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.1a2c2c44.63f7.11e1.9210.806e6f6e6963\POC-PC\Backup Set 2012-05-28 114326\Backup Files 2012-05-28 114326\Backup files 7.zip Win32/Toolbar.Conduit potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir a variant of MSIL/DomaIQ.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Program Files (x86)\BrowserSafeguard\uninstall.BrowserSafeguard.exe.vir a variant of MSIL/Adware.iBryte.D application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\hk64tbvira.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\hktbvira.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\ldrtbvira.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\tbvira.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Program Files (x86)\viraltrafficfrenzy\viraltrafficfrenzyToolbarHelper.exe.vir Win32/Toolbar.Conduit.V potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\hk64tbVafm.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\hktbVafm.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\ldrtbVafm.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\tbVafm.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\Vafmusic8\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\hk64tbvira.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\hktbvira.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\ldrtbvira.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\tbvira.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\AdwCleaner\Quarantine\C\Users\poc\AppData\LocalLow\viraltrafficfrenzy\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Downloads\Video\iLividSetup-r139-n-bf.exe Win32/iLivid.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files\Uninstaller\Uninstall.exe a variant of MSIL/DomaIQ.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe a variant of MSIL/Adware.iBryte.D application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\Community Alerts\Alert.dll Win32/Toolbar.Conduit.Y potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\Community Alerts\Alert0.dll Win32/Toolbar.Conduit.Y potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\CT3289663\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\CT3289847\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\CT3294791\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\CT3298573\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\CT3303001\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\CT3310511\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Conduit\CT3311668\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js Win32/Conduit.SearchProtect.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\NCH Software\ClassicFTP\classicftp.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\NCH Software\ClassicFTP\classicftpsetup_v2.31.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\NCH Software\PhotoPad\photopad.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\NCH Software\PhotoPad\photopadsetup_v2.37.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\NCH Software\Pixillion\pixillion.exe probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\NCH Software\Pixillion\pixillionsetup_v2.59.exe probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\SearchProtect\bin\ChromeModule.dll probably a variant of Win32/Conduit.SearchProtect.C potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\SearchProtect\bin\cltmng.exe a variant of Win32/Conduit.SearchProtect.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll probably a variant of Win32/Conduit.SearchProtect.C potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll probably a variant of Win32/Conduit.SearchProtect.C potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\SearchProtect\bin\SPRunner.exe a variant of Win32/Conduit.SearchProtect.D potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\SearchProtect\ffprotect\application.js Win32/Conduit.SearchProtect.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js Win32/Conduit.SearchProtect.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\The Classified Connection Demo\ccmain.exe a variant of Win32/Packed.Themida potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\The Classified Connection Demo\updst.exe a variant of Win32/Packed.Themida potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Vafmusic8\hk64tbVafm.dll a variant of Win64/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Vafmusic8\hktbVafm.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Vafmusic8\ldrtbVafm.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Vafmusic8\prxtbVafm.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Vafmusic8\tbVafm.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\Vafmusic8\Vafmusic8ToolbarHelper.exe Win32/Toolbar.Conduit.V potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\viraltrafficfrenzy\hk64tbvira.dll Win64/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\viraltrafficfrenzy\hktbvira.dll Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\viraltrafficfrenzy\ldrtbvira.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\viraltrafficfrenzy\tbvira.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Program Files (x86)\viraltrafficfrenzy\viraltrafficfrenzyToolbarHelper.exe Win32/Toolbar.Conduit.V potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll Win32/Toolbar.Conduit.Y potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll Win32/Toolbar.Conduit.Y potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll Win32/Toolbar.Conduit.Y potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\CRE\eibleipkbineaadpnemmalkahodjhdbd.crx a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\CRE\mogmppbjfkngfoaecoialclfiabnpndg.crx a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\CRE\ogjjgjdbfagcdimmmjbloldfadpcohek.crx a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibleipkbineaadpnemmalkahodjhdbd\10.22.5.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibleipkbineaadpnemmalkahodjhdbd\10.22.5.510_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibleipkbineaadpnemmalkahodjhdbd\10.22.5.510_0\TBHostSupport\TBHostSupport.dll a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mogmppbjfkngfoaecoialclfiabnpndg\10.22.5.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mogmppbjfkngfoaecoialclfiabnpndg\10.22.5.510_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mogmppbjfkngfoaecoialclfiabnpndg\10.22.5.510_0\TBHostSupport\TBHostSupport.dll a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogjjgjdbfagcdimmmjbloldfadpcohek\10.31.0.526_0\APISupport\APISupport.dll Win32/Conduit.SearchProtect potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogjjgjdbfagcdimmmjbloldfadpcohek\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogjjgjdbfagcdimmmjbloldfadpcohek\10.31.0.526_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Local\NativeMessaging\CT3314312\1_0_0_2\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Installl_Converter_A\hk64tbInst.dll Win64/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Installl_Converter_A\hktbInst.dll Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Installl_Converter_A\ldrtbInst.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Installl_Converter_A\tbInst.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Installl_Converter_A\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\61154ec1-70001bcc Java/Exploit.Agent.OOW trojan
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Vafmusic8\hk64tbVafm.dll a variant of Win64/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Vafmusic8\hktbVafm.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Vafmusic8\ldrtbVafm.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Vafmusic8\tbVafm.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\Vafmusic8\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\viraltrafficfrenzy\hk64tbvira.dll Win64/Toolbar.Conduit.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\viraltrafficfrenzy\hktbvira.dll Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\viraltrafficfrenzy\ldrtbvira.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\viraltrafficfrenzy\tbvira.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\LocalLow\viraltrafficfrenzy\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\52ef2cea0256d01004001266\52ef2cea0256d01004001266.exe Win32/DownWare.V potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\52f0876ae56da16d430011bf\52f0876ae56da16d430011bf.exe Win32/DownWare.V potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\Mozilla\Firefox\Profiles\5ncp2a6q.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}\Plugins\npConduitFirefoxPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\SearchProtect\bin\ChromeModule.dll probably a variant of Win32/Conduit.SearchProtect.C potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\SearchProtect\bin\cltmng.exe a variant of Win32/Conduit.SearchProtect.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll probably a variant of Win32/Conduit.SearchProtect.C potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll probably a variant of Win32/Conduit.SearchProtect.C potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\SearchProtect\bin\SPRunner.exe a variant of Win32/Conduit.SearchProtect.D potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\SearchProtect\ffprotect\application.js Win32/Conduit.SearchProtect.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js Win32/Conduit.SearchProtect.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Desktop\BIZINABOX\WinRAR_TSV3BYJI.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Desktop\FTP\BANNERSETUP.exe a variant of Win32/AdWare.iBryte.Q application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Desktop\FTP\cftpfree.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Desktop\FTP\DLLHelper.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Desktop\UTILITIES\FTP\BANNERSETUP.exe a variant of Win32/AdWare.iBryte.Q application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Desktop\UTILITIES\FTP\cftpfree.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Desktop\UTILITIES\FTP\DLLHelper.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\angry-birds-space.exe a variant of Win32/InstallCore.CH potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\Auto-Social-Bookmarker-PRO-installer.zip Win32/OpenCandy potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\cbsidlm-cbsi183-TrafficBoosterPro_RSS_Submitter-SEO-10671369.exe a variant of Win32/CNETInstaller.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\cbsidlm-cbsi188-The_Classified_Connection-ORG-10136534.exe a variant of Win32/CNETInstaller.B potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\ccsetup403.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\CodecPackage.exe a variant of Win32/InstallCore.GZ potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\FreeUltimateFileOpener_Installer.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\InstallConverter.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\InstallConverter_TSV258R7B.exe Win32/Toolbar.Conduit.AE potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\InstallConverter_TSV258R99.exe Win32/Toolbar.Conduit.AE potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\kindleforpc-setup.exe Win32/DownloadAdmin.G potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\MassTrafficBlogRSSSubmitter.zip a variant of Win32/Somoto.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\MassTrafficInstantFreeBacklinks.zip a variant of Win32/Somoto.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\MassTrafficSESubmitter.zip a variant of Win32/Somoto.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\MassTrafficURLScraperBigG.zip a variant of Win32/Somoto.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\MassTrafficURLScraperEA.zip a variant of Win32/Somoto.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\MassTrafficURLScraperTube.zip a variant of Win32/Somoto.A potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\Proactime_Light-ORG-75147297.exe Win32/DownloadAdmin.G potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\Setup.exe a variant of Win32/AdWare.iBryte.Q application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\spybot-setup(1).exe Win32/DownloadAdmin.G potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\spybot-setup.exe Win32/DownloadAdmin.G potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\tb_viraltrafficfrenzy_brff.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\Video_Converter(1).exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\Video_Converter.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\WinRAR_TSV3BYJI.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
F:\WD SmartWare.swstor\POC-PC\Volume.9a502707.c805.11e2.aaec.806e6f6e6963\Users\poc\Downloads\ZipSetup.exe a variant of Win32/InstallCore.KC potentially unwanted application
theprofitteam
Regular Member
 
Posts: 28
Joined: June 4th, 2014, 12:19 am

Re: Re: Unable to upload pics from my PC to my Program:stage

Unread postby theprofitteam » June 16th, 2014, 8:53 am

I noticed that quite a few items were previously not found by Avast! A number of items were indeed found by AdwCleaner. Am I correct in assuming that ESET would be a better choice for me to use as a real-time anti-virus program (in lieu of Avast)? Also, is ESET compatible with Malwarebytes Anti-Malware Pro? I bought the lifetime license (2013 version); some users felt it is a better program than the one where you have to pay an annual fee to keep using it. Thank you.

Re: Unable to upload pics from my PC to my Program:staged.co

Unread postby nunped » June 16th, 2014, 10:25 am

Hi Courteney,

Online scans such as this one by ESET are useful because they scan your drives without being messed up by malware you have running. However, they are prone to finding lots of false positives, and you shouldn't remove everything they find.
When we finish the cleaning, I'll give you some advice to keep safe while surfing. If you also have an updated antivirus (it's hard to say what's the best, none is perfect and none will prevent you from being infected if you are a reckless internet "downloader"), you should be safe. I personally use avast! with no issues...
Malwarebytes anti-malware is a great program, and I also use it myself.

Most of the files found by ESET are backup files. If you don't need your previous backups, I advise you to delete them and create new ones when we finish. If you'd like to keep them, I advise you to scan them with any antivirus if you ever need to use them.

Let's clear some more remnants and please tell me how the computer is behaving afterwards.
Fix with OTL
  • Right click OTL.exe and select "Run as Administrator" to launch the program.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Do not include the words "Code: Select all". Press "Select all" to automatically select all the text in the box.
Code: Select all
:commands
[createrestorepoint]

:files
ipconfig /flushdns /c
C:\Downloads\Video\iLividSetup-r139-n-bf.exe
C:\Users\poc\AppData\Local\CRE\ogjjgjdbfagcdimmmjbloldfadpcohek.crx
C:\Users\poc\AppData\LocalLow\Installl_Converter_A
C:\Users\poc\AppData\Roaming\52ef2cea0256d01004001266\52ef2cea0256d01004001266.exe
C:\Users\poc\AppData\Roaming\52f0876ae56da16d430011bf\52f0876ae56da16d430011bf.exe
C:\Users\poc\Desktop\BIZINABOX\WinRAR_TSV3BYJI.exe
C:\Users\poc\Desktop\UTILITIES\FTP\BANNERSETUP.exe
C:\Users\poc\Desktop\UTILITIES\FTP\cftpfree.exe
C:\Users\poc\Desktop\UTILITIES\FTP\DLLHelper.exe
C:\Users\poc\Downloads\Auto-Social-Bookmarker-PRO-installer.zip
C:\Users\poc\Downloads\cbsidlm-cbsi188-The_Classified_Connection-ORG-10136534.exe
C:\Users\poc\Downloads\ccsetup403.exe
C:\Users\poc\Downloads\FreeUltimateFileOpener_Installer.exe
C:\Users\poc\Downloads\MassTrafficBlogRSSSubmitter.zip
C:\Users\poc\Downloads\MassTrafficInstantFreeBacklinks.zip
C:\Users\poc\Downloads\MassTrafficSESubmitter.zip
C:\Users\poc\Downloads\MassTrafficURLScraperBigG.zip
C:\Users\poc\Downloads\MassTrafficURLScraperEA.zip
C:\Users\poc\Downloads\MassTrafficURLScraperTube.zip
C:\Users\poc\Downloads\Proactime_Light-ORG-75147297.exe
C:\Windows\Installer\MSI292.tmp
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll

:commands
[emptytemp]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Re: Unable to upload pics from my PC to my Program:stage

Post by theprofitteam » June 16th, 2014, 7:55 pm

OK - will do! Get back to you soon! :)
theprofitteam
Regular Member
 
Posts: 28
Joined: June 4th, 2014, 12:19 am

Re: Re: Unable to upload pics from my PC to my Program:stage

Post by theprofitteam » June 17th, 2014, 1:46 am

Here is the print out of the OTL after I ran RUN FIX--- the computer appears to run very well at this stage.. Let me know if I need to do some clean up though.... Will want to delete the backups that ESET previously found... Assume that at the end of the fixes, I would then run ESET with the objective to delete the backups.... Thank you again:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\poc\Desktop\OTL_ADWCLEANER\cmd.bat deleted successfully.
C:\Users\poc\Desktop\OTL_ADWCLEANER\cmd.txt deleted successfully.
C:\Downloads\Video\iLividSetup-r139-n-bf.exe moved successfully.
C:\Users\poc\AppData\Local\CRE\ogjjgjdbfagcdimmmjbloldfadpcohek.crx moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\UserDefinedItems folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_en\ToolbarTranslation folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_en folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_CT3311834\ToolbarSettings folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_CT3311834\ToolbarLogin folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_CT3311834\ToolbarHiddenSettings folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_CT3311834\DynamicDialogs folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_CT3311834\AppsMetaData folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository\conduit_CT3311834_CT3311834 folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Repository folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\RadioPlayer folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12 folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B} folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\plugins folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\MyStuffApps folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Logs folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\ExternalComponent folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\EmailNotifier folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\CacheIcons folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A folder moved successfully.
C:\Users\poc\AppData\Roaming\52ef2cea0256d01004001266\52ef2cea0256d01004001266.exe moved successfully.
C:\Users\poc\AppData\Roaming\52f0876ae56da16d430011bf\52f0876ae56da16d430011bf.exe moved successfully.
C:\Users\poc\Desktop\BIZINABOX\WinRAR_TSV3BYJI.exe moved successfully.
C:\Users\poc\Desktop\UTILITIES\FTP\BANNERSETUP.exe moved successfully.
C:\Users\poc\Desktop\UTILITIES\FTP\cftpfree.exe moved successfully.
C:\Users\poc\Desktop\UTILITIES\FTP\DLLHelper.exe moved successfully.
C:\Users\poc\Downloads\Auto-Social-Bookmarker-PRO-installer.zip moved successfully.
C:\Users\poc\Downloads\cbsidlm-cbsi188-The_Classified_Connection-ORG-10136534.exe moved successfully.
C:\Users\poc\Downloads\ccsetup403.exe moved successfully.
C:\Users\poc\Downloads\FreeUltimateFileOpener_Installer.exe moved successfully.
C:\Users\poc\Downloads\MassTrafficBlogRSSSubmitter.zip moved successfully.
C:\Users\poc\Downloads\MassTrafficInstantFreeBacklinks.zip moved successfully.
C:\Users\poc\Downloads\MassTrafficSESubmitter.zip moved successfully.
C:\Users\poc\Downloads\MassTrafficURLScraperBigG.zip moved successfully.
C:\Users\poc\Downloads\MassTrafficURLScraperEA.zip moved successfully.
C:\Users\poc\Downloads\MassTrafficURLScraperTube.zip moved successfully.
C:\Users\poc\Downloads\Proactime_Light-ORG-75147297.exe moved successfully.
C:\Windows\Installer\MSI292.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll moved successfully.
File\Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll not found.
File\Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll not found.
File\Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: poc
->Temp folder emptied: 17487398 bytes
->Temporary Internet Files folder emptied: 3571849 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14545992 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 57316 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170940301 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 1619432 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42380931 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 239.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06162014_232216

Files\Folders moved on Reboot...
C:\Users\poc\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
C:\Users\poc\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\poc\AppData\Local\Temp\~DF822CAFAF325ADB41.TMP not found!
File\Folder C:\Users\poc\AppData\Local\Temp\~DF92E4639ADE99C984.TMP not found!
File\Folder C:\Users\poc\AppData\Local\Temp\~DF9799C54086915086.TMP not found!
File\Folder C:\Users\poc\AppData\Local\Temp\~DFA4ABD903222365FB.TMP not found!
File\Folder C:\Users\poc\AppData\Local\Temp\~DFC571E05B39A9A377.TMP not found!
File\Folder C:\Users\poc\AppData\Local\Temp\~DFDCE993AE15599DDF.TMP not found!
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQ83ZW8Z\0[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQ83ZW8Z\frame2[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQ83ZW8Z\Home[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQ83ZW8Z\pre[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PQ83ZW8Z\rs=AItRSTPwHL-aloGlQ2J1yjFjQFFgM1apMw[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L203LF39\hscv[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L203LF39\msnhomepagehistory[1].js moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L203LF39\sck[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L203LF39\transportevents[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E9K3K5LZ\frame2[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E9K3K5LZ\hscv[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E9K3K5LZ\msn_com[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E9K3K5LZ\postmessageRelay[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E9K3K5LZ\proxy[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E9K3K5LZ\proxy[2].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\0[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\0[2].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\65698178[1].js moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\chat[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\flex[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\frame[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\incoming_message_eb39ce414e3ffba41a8e173581dc7248[1].dat moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\incoming_video_long_e5df1b5146e9cbdba78af43d60005200[1].dat moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\incoming_video_long_e5df1b5146e9cbdba78af43d60005200[1].mp3 moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\incoming_video_short_5abdd7c1c7fa8bbd5d6b4733de315c59[1].dat moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\postmessageRelay[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\recentposts[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\sck[1].htm moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ET453US\trilla[1].dat moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\poc\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\etilqs_HctiTUnoYY4N9Ef not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
theprofitteam
Regular Member
 
Posts: 28
Joined: June 4th, 2014, 12:19 am
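
One way to check a fix log like the one above against the :files list that was requested, as an added example (not part of the original thread and not OTL's own code). The function names are hypothetical, the line formats are taken from the log lines in this thread, and the sample input is a constructed excerpt with one made-up path.

```python
import re

# Constructed sample: four :files entries from the thread plus one made-up path.
REQUESTED = [
    r"C:\Downloads\Video\iLividSetup-r139-n-bf.exe",
    r"C:\Users\poc\AppData\LocalLow\Installl_Converter_A",
    r"C:\Users\poc\Downloads\ccsetup403.exe",
    r"C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll",
    r"C:\Example\constructed-missing.exe",  # made-up entry, absent from the log
]
LOG = r"""========== FILES ==========
Successfully flushed the DNS Resolver Cache.
C:\Downloads\Video\iLividSetup-r139-n-bf.exe moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A\Logs folder moved successfully.
C:\Users\poc\AppData\LocalLow\Installl_Converter_A folder moved successfully.
C:\Users\poc\Downloads\ccsetup403.exe moved successfully.
File\Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll not found.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
"""

PATTERNS = [  # checked in order; the first pattern that matches a line wins
    ("not_found", re.compile(r"^File\\Folder (?P<path>.+) not found[.!]$")),
    ("reboot", re.compile(r"^File move failed\. (?P<path>.+) scheduled to be moved on reboot\.$")),
    ("removed", re.compile(r"^(?P<path>.+?)(?: folder)? (?:moved|deleted) successfully\.$")),
]

def parse_fix_log(text):
    """Return {lowercased path: outcome} for every result line in a fix log."""
    results = {}
    for line in text.splitlines():
        line = line.strip()
        for outcome, rx in PATTERNS:
            m = rx.match(line)
            if m:  # Windows paths are case-insensitive, so normalise the key
                results[m.group("path").lower()] = outcome
                break
    return results

def reconcile(requested, log_text):
    """Map each requested entry to its outcome, or 'no_result' if never logged."""
    results = parse_fix_log(log_text)
    return {p: results.get(p.lower(), "no_result") for p in requested}

def needs_followup(requested, log_text):
    """Requested entries the log does not confirm as moved or deleted."""
    return sorted(p for p, o in reconcile(requested, log_text).items() if o != "removed")

if __name__ == "__main__":
    for path in needs_followup(REQUESTED, LOG):
        print("check:", path)
```
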