
AdChoices is over taking my PC


  • This topic is locked
7 replies to this topic

#1 ptiinc

ptiinc

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Phila
  • Local time:07:31 AM

Posted 06 July 2014 - 08:35 PM

Hi Everyone,

I know my problem isn't as severe as many posted here.

But for all of us dealing with the AdChoice popping up..

I thought this was just a Google Chrome problem, but I'm also having issues with this on Firefox..

Thanks in advance for any advice on how to get rid of or control this issue.

 




#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:31 AM

Posted 06 July 2014 - 09:14 PM

Hello ptiinc,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic. I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  • I will be analyzing your log. I will get back to you with instructions.

 

 

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

2.

Download and run Junkware Removal Tool. ***Your Anti Virus may see this download as malicious, don't worry continue on. 

Please download Junkware Removal Tool to your desktop.

 

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
  • the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next Reply.

 

3.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#3 ptiinc

ptiinc
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Phila
  • Local time:07:31 AM

Posted 07 July 2014 - 05:27 AM

Hi Fireman, thanks for responding! Here are my results... I will now download, run Junkware remover.. I will post that next.

# AdwCleaner v3.214 - Report created 07/07/2014 at 06:14:21
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : PTIINC - PTIINC-HP
# Running from : C:\Users\PTIINC\Downloads\AdwCleaner (1).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\NetCrawl
Folder Deleted : C:\Program Files (x86)\Skillbrains
Folder Deleted : C:\Windows\Installer\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Folder Deleted : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
Folder Deleted : C:\Users\PTIINC\AppData\Local\Skillbrains
Folder Deleted : C:\Users\PTIINC\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Folder Deleted : C:\Users\PTIINC\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\PTIINC\AppData\Roaming\RocketUpdater
File Deleted : C:\Users\PTIINC\daemonprocess.txt
File Deleted : C:\Users\PTIINC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eBay.lnk
File Deleted : C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\user.js
File Deleted : C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Windows\Tasks\Digital Sites.job
File Deleted : C:\Windows\Tasks\update-sys.job

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateJumpFlip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateJumpFlip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKCU\Software\SkillBrains
Key Deleted : HKCU\Software\WSE Rocket
Key Deleted : HKLM\Software\SkillBrains
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Key Deleted : HKLM\Software\Classes\Installer\Features\1708EDD6AB4EB164A86999D0AF0ABE1D
Key Deleted : HKLM\Software\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91
Key Deleted : HKLM\Software\Classes\Installer\Products\1708EDD6AB4EB164A86999D0AF0ABE1D
Key Deleted : HKLM\Software\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\prefs.js ]

Line Deleted : user_pref("extensions.irmysearch.aflt", "dsites");
Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDzztB0EyD0FzzzzyEzz0C0A0A0EyEyCtN0D0Tzu0SyBzyyBtN1L2XzutBtFtCyBtFtDtFtDtN1L1CzutDtBtCtC1V1QtN1L1G1B1V1N2Y1L1Qzu2StByDyBtA0EyDyEzztG0DyBzztDtGzz0[...]
Line Deleted : user_pref("extensions.irmysearch.cr", "764539360");
Line Deleted : user_pref("extensions.irmysearch.instlRef", "0211_d");

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP4D513C28-169A-47D3-B1E8-36167C1CD59F&q={searchTerms}&SSPV=
Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YKxdm069YYus&ptb=F7791CA7-3D01-42B8-AD80-8E579224E369&ind=2012042501&ptnrS=YKxdm069YYus&si=&n=77ed5505&psa=&st=sb&searchfor={searchTerms}
Deleted [Search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=21&locale=en_US&gct=sb&qsrc=2869
Deleted [Search Provider] : hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ch&cd=2XzuyEtN2Y1L1QzuyE0C0E0ByEtBtC0AtAyDtD0A0A0EyEyCtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StB0EyC0EyCyCzytCtGtB0BtB0DtGzzyEyByEtGzyzztC0AtGyE0AyD0EyE0DzzyCyBzztC0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByByD0DyB0A0CtGyBtC0D0CtGyCtCyDzytGyCtAyC0DtGtByDzz0CtAtB0EtAyBtBtB0C2Q&cr=1981171507&ir=
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Deleted [Extension] : ngaeinfoeljecnggcbonnohnjpepenmb
Deleted [Extension] : pbjikboenpfhbbejgkoklgkhjpfogcam

*************************

AdwCleaner[R5].txt - [3795 octets] - [07/07/2014 06:12:06]
AdwCleaner[S5].txt - [4867 octets] - [07/07/2014 06:14:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [4927 octets] ##########

#4 ptiinc

ptiinc
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Phila
  • Local time:07:31 AM

Posted 07 July 2014 - 07:56 AM

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by PTIINC on Mon 07/07/2014 at  6:34:37.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{1F5B97BB-021A-4BB9-9B67-47AAF1514994}
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{40F246ED-8D69-47E3-AE95-0C92FEFF89DF}
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{6060831E-1C17-40D9-88A6-F9494622E7C5}
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{7DAD4023-3055-455D-A4B0-6AB770F04517}
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{7FE1E06F-464E-4EE8-8BFF-97539608D9C9}
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{9864A929-25E0-4C7F-B1A0-9CD73AA2FE44}
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{A523F380-EEC6-4A85-8E3A-A3ADB97EF122}
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{E2DAEB5A-48D1-42D8-A335-E4BC779EB5DB}
Successfully deleted: [Empty Folder] C:\Users\PTIINC\appdata\local\{F56AF9F7-2425-4BD3-A7E1-1FA4EBC1493D}
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\PTIINC\AppData\Roaming\mozilla\firefox\profiles\gzkhttw0.default-1391209128212\minidumps [2 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\PTIINC\appdata\local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/07/2014 at  7:45:50.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#5 ptiinc

ptiinc
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Phila
  • Local time:07:31 AM

Posted 07 July 2014 - 08:05 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by PTIINC (administrator) on PTIINC-HP on 07-07-2014 08:57:57
Running from C:\Users\PTIINC\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oacat.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oasrv.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Malwarebytes Secure Backup) C:\Program Files (x86)\Malwarebytes Secure Backup\SAgent.Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Secure Backup\mbsbscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oaui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oahlp.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Facebook Inc.) C:\Users\PTIINC\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\PTIINC\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-11-10] (IDT, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825208 2014-01-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files (x86)\Online Armor\oaui.exe [7558464 2013-10-11] (Emsisoft GmbH)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-08-04] (cyberlink)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-09-13] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SMessaging] => C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe [65432 2014-03-19] (Malwarebytes Secure Backup)
HKLM-x32\...\Run: [AccountCreatorRunner] => C:\Program Files (x86)\Malwarebytes Secure Backup\AccountCreatorRunner.exe [22424 2014-03-19] (Malwarebytes Secure Backup)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4842336 2014-06-30] (Emsisoft GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-24] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3262727182-1577749039-2835371904-1000\...\Run: [Google Update] => C:\Users\PTIINC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-08] (Google Inc.)
HKU\S-1-5-21-3262727182-1577749039-2835371904-1000\...\Run: [Facebook Update] => C:\Users\PTIINC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-24] (Facebook Inc.)
HKU\S-1-5-21-3262727182-1577749039-2835371904-1000\...\Run: [LightShot] => C:\Users\PTIINC\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
HKU\S-1-5-21-3262727182-1577749039-2835371904-1000\...\Run: [Inbox3Tray.exe] => "C:\Program Files (x86)\Inbox3\Inbox3Tray.exe" /STARTUP
HKU\S-1-5-21-3262727182-1577749039-2835371904-1000\...\Run: [GoogleChromeAutoLaunch_FCC882FD6423D612A867498ED13558D2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-3262727182-1577749039-2835371904-1000\...\Run: [VPN4ALL] => C:\Program Files (x86)\VPN4ALL\vpn4all.exe [3163176 2014-05-05] (VPN4ALL Ltd.)
Startup: C:\Users\PTIINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {570109E4-B143-4878-A992-74D8A266A381} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=586383&p={searchTerms}
BHO: Ginger Grammar & Spell Checker - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files (x86)\Ginger\GingerIEAddin\adxloader64.dll No File
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Ginger Grammar & Spell Checker - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files (x86)\Ginger\GingerIEAddin\adxloader.dll No File
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{104BBB2A-8790-4239-B1DA-0BD3739055DC}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2E9E5342-FF11-4DA7-A91E-F5C17721554D}: [NameServer]0.0.0.0
Tcpip\..\Interfaces\{D23DB7B1-9BD7-430A-AC9F-6BF9A7467EEE}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F7DD2A46-7D6A-4898-81FF-E0AEF84D330E}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{FF96F4C4-4DF6-4C27-8554-1D8DE2DB22B2}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PTIINC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\PTIINC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\PTIINC\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\PTIINC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\PTIINC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32asw.dll (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\PTIINC\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\PTIINC\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\dictionary.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\dogpile.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\enhanced-facebook.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\google-ssl.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\googletranslate.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\privatelee-https.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\thesaurus---referencecom.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\webster.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\wikipedia-eng.xml
FF SearchPlugin: C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\searchplugins\youtube.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\Extensions\adblockpopups@jessehakanen.net.xpi [2014-07-06]
FF Extension: Wikipedia to Google Images - C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\Extensions\imagewiki@imagewiki.fr.xpi [2014-02-01]
FF Extension: DuckDuckGo Plus - C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-02-01]
FF Extension: Adblock Plus - C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-01]
FF Extension: QuickWiki - C:\Users\PTIINC\AppData\Roaming\Mozilla\Firefox\Profiles\gzkhttw0.default-1391209128212\Extensions\{EE223D7A-F30F-11DD-8F0A-D2AD55D89593}.xpi [2014-02-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@gingersoftware.com [2014-06-11]
FF Extension: Ginger - Grammar and Spell Checker - C:\Program Files (x86)\Mozilla Firefox\extensions\firefox@gingersoftware.2.0.0.74.com [2014-06-11]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2014-07-07]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF [2014-03-02]
FF HKLM-x32\...\Firefox\Extensions: [firefox@gingersoftware.2.0.0.74.com] - C:\Program Files (x86)\Ginger\Mozilla\firefox@gingersoftware.2.0.0.74.com
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://tunein.com/radio/World-Talk-g40/", "hxxp://bing.com/", "https://www.facebook.com/", "hxxp://www.livenewschat.eu/breaking/", "https://startpage.com/", "https://twitter.com/following"
CHR NewTab: "chrome-extension://ifohbjbgfchkkfhphahclmkpgejiplfo/index.html"
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultNewTabURL: 
CHR Extension: (Google Translate) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-02-02]
CHR Extension: (Learn French - Très Bien) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeifanonhefcaphaeeknpklkfnjjmpec [2014-02-02]
CHR Extension: (Pictures) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmikbffmmfdgmhgdmmoihoeihmcbkkj [2014-02-02]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-02-02]
CHR Extension: (Ancient History Encyclopedia) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle [2014-02-02]
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-02-06]
CHR Extension: (Google Docs) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
CHR Extension: (Google Drive) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
CHR Extension: (Phonetizer) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcmdhabjkgnocagfmpjhmllfdjgedfab [2014-02-02]
CHR Extension: (Miernicki Radar) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekkhnmodkgifgaiejicmmjngledpipl [2014-02-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (Finance Toolbar) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjfjdmjlhpcmlnmaakkmhkcnhecjfenn [2014-06-29]
CHR Extension: (Vuru) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjkomipldgcookljbkgffaegdaaohllb [2014-02-06]
CHR Extension: (YouTube) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
CHR Extension: (HitFT (Taiwan) - News fit to click) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbiggmbhpaacclcaaicjanjbabceacfo [2014-02-02]
CHR Extension: (BrainPOP Featured Movie) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdikkckjinnmjpgkjjpnfmmbcpbhmklf [2014-02-02]
CHR Extension: (The Hacker Academy) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgepgpaeklahkgmbmmkbgiogkmliadcd [2014-02-02]
CHR Extension: (LastQuake) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgnncmdgifnkhekcklekfnfklioigcjh [2014-06-29]
CHR Extension: (Flashcard Stash) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgopclnilgekngdlkfkegddejocmmmim [2014-02-02]
CHR Extension: (Finance Toolbar) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cichbngoomgnobmmjpagmbkimbamigie [2014-06-29]
CHR Extension: (Curiyo by Kivun Hadash) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikbiigmbicdfpfkjgjjeiongjdhnikh [2014-02-02]
CHR Extension: (Webpage Screenshot) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-02-06]
CHR Extension: (Promoterr News TV ( News Videos )) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhemlkebedddafphfkpdedkgcgoehan [2014-02-02]
CHR Extension: (Google Search) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
CHR Extension: (Latest Hiking Weather) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbmiopgdicekiimedngfcceapgknnhka [2014-02-02]
CHR Extension: (Space Station Finder) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcalalddojoejbjlfjgenljkkmjfmije [2014-02-02]
CHR Extension: (iVocab: GRE, TOEFL and SAT) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddbfkngjokojcmmadaaipmjiacnnmgbl [2014-02-02]
CHR Extension: (Read Later Fast) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2014-02-21]
CHR Extension: (Good News) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\deegloljmdbfbjhlimieancmcfombgjj [2014-02-02]
CHR Extension: (20 Things I Learned About Browsers & the Web) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfdlnlenokgjjchimonbekcmnofmlibg [2014-02-02]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-06-17]
CHR Extension: (Doremi Free) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljdanmclaloibaplofjjljkamhdofmg [2014-02-02]
CHR Extension: (Google News) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-02-02]
CHR Extension: (NYTimes) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel [2014-02-02]
CHR Extension: (Search All) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk [2014-02-21]
CHR Extension: (Chinese Tutor Flashcards) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\egbbefchlgcnhjoncjebmkffamidfhae [2014-02-02]
CHR Extension: (Newsman (English Version)) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbcnmggdnaaejpmnmbfbeohljahlgaf [2014-02-02]
CHR Extension: (The Clock Page) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfopehkobdhebdonhaiiiekadaoofdh [2014-02-02]
CHR Extension: (Gmail Offline) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-02-02]
CHR Extension: (busuu.com) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo [2014-02-02]
CHR Extension: (Pandora) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2014-02-02]
CHR Extension: (Headline Alley) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fckgfcpecffcblfehjphdoljcccbhiea [2014-03-15]
CHR Extension: (TechSmith Snagit) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcnghgbgmemnlbckdipnmelbanpgneik [2014-06-23]
CHR Extension: (Stylish) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-02-02]
CHR Extension: (Full Screen Weather) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2014-02-02]
CHR Extension: (WeatherByte) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnlgbglmmkibkhhbnhegkokegdodlgfe [2014-02-02]
CHR Extension: (NewsBlur) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchdledhagjbhhodjjhiclbnaioljomj [2014-02-02]
CHR Extension: (Hibernian FC) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnckeiggaihifbmaihkngfkjenejhgm [2014-02-02]
CHR Extension: (Stopwatch) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh [2014-02-02]
CHR Extension: (AdBlock) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-02]
CHR Extension: (LockerPulse) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilnpgomgjbahckkbkjkdoaakmjohlnj [2014-02-02]
CHR Extension: (App Finder) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkidagabdmcgfejjnabmgbkaagnnaegp [2014-02-02]
CHR Extension: (Full Screen) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmimocjjppdelmhpcmpkhekmpoddgima [2014-06-29]
CHR Extension: (Holmes) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokficnebmomagijbakglkcmhdbchbhn [2014-06-27]
CHR Extension: (TennisTV) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpofgplfhochkmeefniiobaddljdaebi [2014-02-02]
CHR Extension: (ScriptBlock) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2014-06-27]
CHR Extension: (SOLE 64) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\henmjlkeiiclnbeomllgmojdeedomape [2014-02-02]
CHR Extension: (Breaking News) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmjlbbknfipfebllofjjejkepgggjkd [2014-06-29]
CHR Extension: (JavaScript Popup Blocker) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol [2014-06-27]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-02-02]
CHR Extension: (NPR Infinite Player) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf [2014-02-02]
CHR Extension: (Tea clock) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmldmlgafdbnfhhicheojakimpmocggp [2014-02-02]
CHR Extension: (Quotes Book) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfjeadhjbcepmknoanimdbemlobmlpe [2014-02-02]
CHR Extension: (Rocket New Tab) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom [2014-06-28]
CHR Extension: (Taptu - DJ Your News) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\icboagahmnkbgcnpekbbhcekifpfijmh [2014-02-21]
CHR Extension: (Learn Chinese) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejkaamcgcfdijjlendhfafhhaopfnbb [2014-02-02]
CHR Extension: (WP Pro Business) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdkgfamgglogmmofpomlaecfnpoenbc [2014-02-02]
CHR Extension: (Are You Watching This?! Sports) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihnicgbfaikpklojpccmikdmjngflehc [2014-02-02]
CHR Extension: (Financial Times News Feed) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikbgmjbblkefbdmndheohoboafbagffo [2014-07-02]
CHR Extension: (What Is My IP Address) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikkldnbjdjkpcfbehhkioaeokmflnnak [2014-02-02]
CHR Extension: (60 Minutes) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjhdahelgojehmfmkmdfjcpfbglbfmj [2014-02-02]
CHR Extension: (Popular Science Magazine) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jandpncjemdblbbjpbdbiccgldlefkgk [2014-02-02]
CHR Extension: (Spell check) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jebmdjgdkkijogdnalmimaofgpdmhigh [2014-05-21]
CHR Extension: (World Weather) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jefnaahehlimdapgicdacbgklnedgoje [2014-02-02]
CHR Extension: (Spell Checker for Chrome) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2014-05-21]
CHR Extension: (Typing Test - KeyHero) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2014-02-02]
CHR Extension: (New Years Mahjong) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnibopfmhebomhlcocnfafjkgchiflmf [2014-02-02]
CHR Extension: (Spell checker and Grammar checker by Ginger) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfieneakcjfaiglcfcgkidlkmlijjnh [2014-05-21]
CHR Extension: (Alarm Clock Radio) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi [2014-02-02]
CHR Extension: (News 5 Minutes) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lepebopnapecikjolpokgkbbldadggbd [2014-02-02]
CHR Extension: (4-Traders) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljcniohideihheikcpfnggohighmjcjd [2014-02-02]
CHR Extension: (We Are Tennis) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmdeepeooimedpakfaiahicgilkifef [2014-02-02]
CHR Extension: (Google Maps) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-02-02]
CHR Extension: (Capture Webpage Screenshot - FireShot) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2014-02-21]
CHR Extension: (English Lit) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchmjdjgeenheaobgcdcmgoajknooalk [2014-02-02]
CHR Extension: (Live News Cloud) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpeibincallapdamgmhhpneloaoipii [2014-06-23]
CHR Extension: (News and Pictures) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfkkkggciojbhfhehfaodadkoheomhbc [2014-02-02]
CHR Extension: (Earbits Radio - Free Music) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkjffcdjblaipglnmhanakilfbniihj [2014-02-02]
CHR Extension: (Awesome New Tab Page™) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2014-02-02]
CHR Extension: (English vocabulary) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmklfohhllfpjjmjejencmaodgiknmj [2014-02-02]
CHR Extension: (Google Mail Checker) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-02-02]
CHR Extension: (Quick Note) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-02-02]
CHR Extension: (Pocket) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2014-06-23]
CHR Extension: (Financial News Blog) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkbkogameibdaljaocmbgcnbicmcbnbg [2014-02-02]
CHR Extension: (Norton Identity Protection) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-03-06]
CHR Extension: (NewsSquares - Stylish Reading in Chrome) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkmehbmdeabanfnddlekelahkaclfdhl [2014-02-02]
CHR Extension: (Best News & Weather Apps) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpopfhoihfpcoaehlajhjioacoaafop [2014-02-02]
CHR Extension: (Zoho Reports) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmhkiaiikklhjkbgopajnacalammmkbi [2014-02-02]
CHR Extension: (Google Wallet) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
CHR Extension: (Watch News Online -  Tilt View) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\noecjnfdfjjlkankileobgnalahiabol [2014-02-02]
CHR Extension: (Scientific Calculator) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog [2014-02-02]
CHR Extension: (TypingClub) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2014-02-02]
CHR Extension: (NewsQast) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdnfopdbniboipefnoeadhljdfebdpi [2014-02-02]
CHR Extension: (Picky Wallpapers) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj [2014-02-02]
CHR Extension: (HitFT (Japan) - News fit to click) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflkalkdcieeobpokoeciojfpjcinaoe [2014-02-02]
CHR Extension: (Picasa) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-02-02]
CHR Extension: (DS Trendy News) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oopmgpljmpmagkjjhncmdojampnloefm [2014-02-02]
CHR Extension: (Khan Academy) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko [2014-02-02]
CHR Extension: (Fox News) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pamidlfalnpbkhdhbbepaibgehibgmna [2014-07-02]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-07-07]
CHR Extension: (Thesaurus) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkakehngcem [2014-02-02]
CHR Extension: (Weather Underground) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-02-02]
CHR Extension: (Gmail) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]
CHR Extension: (Connected Mind) - C:\Users\PTIINC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2014-02-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-16]
CHR StartMenuInternet: Google Chrome - chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4725440 2014-06-30] (Emsisoft GmbH)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-02-25] (CyberLink)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2014-02-14] (Realsil Microelectronics Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [584864 2013-10-11] (Emsisoft GmbH)
S3 OpenVPNService; C:\Program Files (x86)\VPN4ALL\Connect\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
R2 sagentservice; C:\Program Files (x86)\Malwarebytes Secure Backup\SAgent.Service.exe [41880 2014-03-19] (Malwarebytes Secure Backup)
S3 stunnel; C:\Program Files (x86)\VPN4ALL\Connect\stunnel\stunnel.exe [105472 2013-03-20] (Michal Trojnara) [File not signed]
R2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4457688 2013-10-11] (Emsisoft GmbH)
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [X]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [X]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [X]
S2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-01-10] (The OpenVPN Project)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1419576 2013-12-11] (Motorola Solutions, Inc.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140703.001\IDSvia64.sys [525016 2014-06-03] (Symantec Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [89304 2014-06-26] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140706.020\ENG64.SYS [126040 2014-06-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140706.020\EX64.SYS [2099288 2014-06-21] (Symantec Corporation)
R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [59248 2013-06-13] (NetFilterSDK.com)
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [64720 2013-10-11] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62008 2013-10-11] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [52360 2013-10-11] (Emsisoft)
R3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [35368 2013-10-11] (Emsisoft)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-07-02] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Western Digital Technologies) [File not signed]
S1 ESProtectionDriver; \??\C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-07 08:57 - 2014-07-07 08:58 - 00052119 _____ () C:\Users\PTIINC\Downloads\FRST.txt
2014-07-07 08:57 - 2014-07-07 08:58 - 00000000 ____D () C:\FRST
2014-07-07 08:56 - 2014-07-07 08:56 - 02084352 _____ (Farbar) C:\Users\PTIINC\Downloads\FRST64.exe
2014-07-07 07:45 - 2014-07-07 07:45 - 00001903 _____ () C:\Users\PTIINC\Desktop\JRT.txt
2014-07-07 06:34 - 2014-07-07 06:34 - 01016261 _____ (Thisisu) C:\Users\PTIINC\Downloads\JRT (4).exe
2014-07-07 06:27 - 2014-07-07 06:27 - 01016261 _____ (Thisisu) C:\Users\PTIINC\Downloads\JRT (3).exe
2014-07-07 06:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-07 06:09 - 2014-07-07 06:09 - 01346519 _____ () C:\Users\PTIINC\Downloads\AdwCleaner (1).exe
2014-07-06 07:50 - 2014-07-06 07:58 - 00000016 _____ () C:\Windows\system32\config\software.szfi
2014-07-06 07:26 - 2014-07-06 08:05 - 00008680 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-07-06 07:26 - 2014-07-06 07:26 - 00000304 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-07-06 07:26 - 2014-07-06 07:26 - 00000128 _____ () C:\Windows\system32\Drivers\kgpfr2.cfg
2014-07-06 07:23 - 2014-07-06 07:23 - 00707664 _____ (iS3, Inc.) C:\Users\PTIINC\Downloads\SZSetup_AID10121_AV.exe
2014-07-06 07:04 - 2014-07-06 07:04 - 00000861 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-07-03 14:06 - 2014-07-03 14:06 - 00001138 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-03 14:06 - 2014-07-03 14:06 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-07-03 14:03 - 2014-07-03 14:04 - 06226040 _____ (TeamViewer GmbH) C:\Users\PTIINC\Downloads\TeamViewer_Setup_en.exe
2014-07-03 13:59 - 2014-07-03 13:59 - 00001829 _____ () C:\Users\Public\Desktop\Launch VPN4ALL.lnk
2014-07-03 13:59 - 2014-07-03 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN4ALL
2014-07-03 13:59 - 2014-07-03 13:59 - 00000000 ____D () C:\Program Files (x86)\VPN4ALL
2014-07-03 13:58 - 2014-07-03 13:58 - 51847720 _____ () C:\Users\PTIINC\Downloads\VPN4All_Setup_beta (1).exe
2014-07-03 13:40 - 2014-07-03 13:41 - 00000463 _____ () C:\Windows\SysWOW64\logFile.xml
2014-07-03 12:52 - 2014-07-03 12:53 - 51847720 _____ () C:\Users\PTIINC\Downloads\VPN4All_Setup_beta.exe
2014-07-03 08:57 - 2014-07-03 08:58 - 50804808 _____ () C:\Users\PTIINC\Downloads\VPN4All_Setup.exe
2014-06-28 13:42 - 2014-06-28 13:42 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-06-28 13:42 - 2014-06-28 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-06-28 13:41 - 2014-06-28 13:41 - 02143832 _____ () C:\Users\PTIINC\Downloads\instsf449.exe
2014-06-28 13:25 - 2014-06-28 13:28 - 00003326 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-28 13:25 - 2014-06-28 13:25 - 00000000 ____D () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-06-28 13:24 - 2014-04-25 14:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-06-28 13:23 - 2014-06-28 13:23 - 00680280 _____ ( ) C:\Users\PTIINC\Downloads\ZipSetup.exe
2014-06-28 12:59 - 2014-06-28 12:59 - 01026680 _____ (SlimWare Utilities, Inc.) C:\Users\PTIINC\Downloads\DriverUpdate-setup (2).exe
2014-06-28 12:41 - 2014-06-28 12:41 - 00071880 _____ (© 2014 ClientConnect Ltd.) C:\Users\PTIINC\Downloads\1EA3.tmp
2014-06-28 07:16 - 2014-06-28 07:16 - 00231760 _____ () C:\Users\PTIINC\Downloads\CrucialScan (3).exe
2014-06-28 07:16 - 2014-06-28 07:16 - 00231760 _____ () C:\Users\PTIINC\Downloads\CrucialScan (2).exe
2014-06-24 18:10 - 2014-06-24 18:11 - 27167987 _____ () C:\Users\PTIINC\Downloads\torbrowser-install-3.6.2_en-US.exe
2014-06-23 13:00 - 2014-06-23 13:00 - 00000000 ____D () C:\Program Files\Logitech
2014-06-23 12:58 - 2014-06-23 12:58 - 81533904 _____ (Logitech Inc.) C:\Users\PTIINC\Downloads\SetPoint6.65.62_64.exe
2014-06-23 11:55 - 2014-06-23 11:55 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-22 11:58 - 2014-06-22 11:58 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\ChromeSetup(1).exe
2014-06-22 11:41 - 2014-06-23 07:43 - 00017705 _____ () C:\GingerSetupHelper.log
2014-06-22 11:41 - 2014-06-23 07:43 - 00002187 _____ () C:\GingerSetup.log
2014-06-22 09:17 - 2014-06-22 15:17 - 00000000 ____D () C:\Program Files (x86)\IIS Express
2014-06-21 09:17 - 2014-06-21 09:17 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\Wireshark
2014-06-21 09:13 - 2014-06-22 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-06-21 09:13 - 2014-06-22 15:17 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-06-19 08:35 - 2014-06-19 08:35 - 00000000 ____D () C:\Users\PTIINC\AppData\Local\Adobe
2014-06-19 07:41 - 2014-06-19 07:41 - 02062984 _____ (Inbox.com ) C:\Users\PTIINC\Downloads\TVSetup.exe
2014-06-19 05:25 - 2014-06-19 05:25 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-06-19 01:28 - 2014-06-19 01:28 - 00000329 _____ () C:\Users\PTIINC\Downloads\201406141430.asx
2014-06-18 15:09 - 2014-06-18 15:09 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\GoogleEarthSetup (4).exe
2014-06-18 15:09 - 2014-06-18 15:09 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\GoogleEarthSetup (3).exe
2014-06-18 15:07 - 2014-06-18 15:07 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\GoogleEarthSetup (2).exe
2014-06-18 15:07 - 2014-06-18 15:07 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\GoogleEarthSetup (1).exe
2014-06-18 15:04 - 2014-06-18 15:06 - 238989232 _____ (Emsisoft GmbH ) C:\Users\PTIINC\Downloads\EmsisoftAntiMalwareSetup (1).exe
2014-06-18 15:03 - 2014-06-18 15:04 - 238989232 _____ (Emsisoft GmbH ) C:\Users\PTIINC\Downloads\EmsisoftAntiMalwareSetup.exe
2014-06-18 14:19 - 2014-06-18 14:19 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\Apple Computer
2014-06-18 13:26 - 2014-06-18 13:26 - 01529080 _____ (LG Electronics ) C:\Users\PTIINC\Downloads\LGUSBModemDriver_Eng_WHQL_Ver_4.9.4_All (1).exe
2014-06-18 12:06 - 2014-06-18 12:06 - 00231760 _____ () C:\Users\PTIINC\Downloads\CrucialScan.exe
2014-06-18 12:06 - 2014-06-18 12:06 - 00231760 _____ () C:\Users\PTIINC\Downloads\CrucialScan (1).exe
2014-06-18 07:50 - 2014-06-18 07:50 - 00000000 ____D () C:\Users\PTIINC\AppData\Local\Apple Computer
2014-06-18 07:43 - 2014-06-22 15:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-18 07:43 - 2014-06-18 07:43 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-06-18 07:43 - 2014-06-18 07:43 - 00000000 ____D () C:\Users\PTIINC\AppData\Local\Apple
2014-06-18 07:43 - 2014-06-18 07:43 - 00000000 ____D () C:\ProgramData\Apple
2014-06-18 07:42 - 2014-06-18 07:42 - 41945432 _____ (Apple Inc.) C:\Users\PTIINC\Downloads\QuickTimeInstaller.exe
2014-06-17 18:35 - 2014-06-17 18:35 - 03677488 _____ (Logitech Inc.) C:\Users\PTIINC\Downloads\SetPoint6.65.62_smart.exe
2014-06-17 18:35 - 2014-06-17 18:35 - 03677488 _____ (Logitech Inc.) C:\Users\PTIINC\Downloads\SetPoint6.65.62_smart (2).exe
2014-06-17 18:35 - 2014-06-17 18:35 - 03677488 _____ (Logitech Inc.) C:\Users\PTIINC\Downloads\SetPoint6.65.62_smart (1).exe
2014-06-16 02:07 - 2014-06-16 02:07 - 04990544 _____ (Adobe Systems Inc.) C:\Users\PTIINC\Downloads\Shockwave_Installer_Slim (1).exe
2014-06-14 16:14 - 2014-06-14 16:14 - 01016261 _____ (Thisisu) C:\Users\PTIINC\Downloads\JRT (2).exe
2014-06-14 16:06 - 2014-06-14 16:07 - 00000000 ____D () C:\Users\PTIINC\Downloads\bluescreenview-x64
2014-06-14 16:06 - 2014-06-14 16:06 - 00084917 _____ () C:\Users\PTIINC\Downloads\bluescreenview-x64.zip
2014-06-14 10:36 - 2014-06-14 10:36 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\PTIINC\Downloads\tdsskiller (1).exe
2014-06-14 10:26 - 2014-06-14 10:26 - 00180000 _____ (Kaspersky Lab) C:\Users\PTIINC\Downloads\kss12.0.1.117EN_RU_DE_FR_2926.exe
2014-06-12 04:55 - 2014-06-28 13:25 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 04:53 - 2014-06-12 04:53 - 00918672 _____ (Google Inc.) C:\Users\PTIINC\Downloads\ChromeSetup.exe
2014-06-11 07:37 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 07:37 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 07:37 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 07:37 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 07:37 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 07:37 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 07:37 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 07:37 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 07:37 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 07:37 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 07:37 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 07:37 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 07:37 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 07:37 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 07:37 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 07:37 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 07:37 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 07:37 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 07:37 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 07:37 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 07:37 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 07:37 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 07:37 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 07:37 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 07:37 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 07:37 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 07:37 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 07:37 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 07:37 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 07:37 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 07:37 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 07:37 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 07:37 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 07:37 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 07:37 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 07:37 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 07:37 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 07:37 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 07:37 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 07:37 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 07:37 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 07:37 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 07:37 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 07:37 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 07:37 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 07:37 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 07:37 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 07:37 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 07:37 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 07:37 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 07:37 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 07:37 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 07:37 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 07:37 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 07:37 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 07:37 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 07:37 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 07:37 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 07:37 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 07:37 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 07:37 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 07:37 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 07:37 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 07:37 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 07:37 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 07:37 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 07:37 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 07:37 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 04:55 - 2014-06-11 04:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 18:28 - 2014-06-10 18:28 - 01529080 _____ (LG Electronics ) C:\Users\PTIINC\Downloads\LGUSBModemDriver_Eng_WHQL_Ver_4.9.4_All.exe
 
==================== One Month Modified Files and Folders =======
 
2014-07-07 08:58 - 2014-07-07 08:57 - 00052119 _____ () C:\Users\PTIINC\Downloads\FRST.txt
2014-07-07 08:58 - 2014-07-07 08:57 - 00000000 ____D () C:\FRST
2014-07-07 08:56 - 2014-07-07 08:56 - 02084352 _____ (Farbar) C:\Users\PTIINC\Downloads\FRST64.exe
2014-07-07 08:52 - 2013-11-08 08:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 08:38 - 2013-11-10 23:34 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3262727182-1577749039-2835371904-1000UA.job
2014-07-07 08:00 - 2014-05-01 09:26 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-07-07 08:00 - 2013-11-13 00:23 - 00000518 _____ () C:\Windows\Tasks\Malwarebytes Secure Backup - ptiasia@gmail.com.job
2014-07-07 07:45 - 2014-07-07 07:45 - 00001903 _____ () C:\Users\PTIINC\Desktop\JRT.txt
2014-07-07 06:39 - 2014-05-26 23:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 06:34 - 2014-07-07 06:34 - 01016261 _____ (Thisisu) C:\Users\PTIINC\Downloads\JRT (4).exe
2014-07-07 06:32 - 2014-05-13 10:08 - 00000390 _____ () C:\Windows\Tasks\update-S-1-5-21-3262727182-1577749039-2835371904-1000.job
2014-07-07 06:27 - 2014-07-07 06:27 - 01016261 _____ (Thisisu) C:\Users\PTIINC\Downloads\JRT (3).exe
2014-07-07 06:27 - 2013-11-13 00:17 - 00000490 _____ () C:\Windows\Tasks\Online Backup Update Notifier.job
2014-07-07 06:27 - 2009-07-14 00:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-07 06:27 - 2009-07-14 00:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-07 06:24 - 2012-01-10 02:01 - 01535674 _____ () C:\Windows\WindowsUpdate.log
2014-07-07 06:17 - 2014-02-28 08:41 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForPTIINC.job
2014-07-07 06:17 - 2013-11-14 05:49 - 00000508 _____ () C:\Windows\Tasks\Malwarebytes Anti-Exploit.job
2014-07-07 06:17 - 2013-11-08 17:26 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 06:17 - 2010-11-20 23:47 - 04683510 _____ () C:\Windows\PFRO.log
2014-07-07 06:17 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-07 06:17 - 2009-07-14 00:51 - 00078578 _____ () C:\Windows\setupact.log
2014-07-07 06:15 - 2013-11-23 00:23 - 00000000 ____D () C:\AdwCleaner
2014-07-07 06:14 - 2014-02-24 14:33 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3262727182-1577749039-2835371904-1000Core.job
2014-07-07 06:14 - 2013-11-08 06:38 - 00000000 ____D () C:\Users\PTIINC
2014-07-07 06:09 - 2014-07-07 06:09 - 01346519 _____ () C:\Users\PTIINC\Downloads\AdwCleaner (1).exe
2014-07-07 05:11 - 2013-11-09 03:15 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\Skype
2014-07-07 03:28 - 2013-11-08 06:43 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B269F78-9274-4206-875E-7CFB73EF5240}
2014-07-06 12:56 - 2013-12-12 08:32 - 00000432 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - PTIINC).job
2014-07-06 08:05 - 2014-07-06 07:26 - 00008680 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-07-06 07:58 - 2014-07-06 07:50 - 00000016 _____ () C:\Windows\system32\config\software.szfi
2014-07-06 07:28 - 2014-01-16 07:45 - 00000000 ____D () C:\Windows\Minidump
2014-07-06 07:26 - 2014-07-06 07:26 - 00000304 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-07-06 07:26 - 2014-07-06 07:26 - 00000128 _____ () C:\Windows\system32\Drivers\kgpfr2.cfg
2014-07-06 07:23 - 2014-07-06 07:23 - 00707664 _____ (iS3, Inc.) C:\Users\PTIINC\Downloads\SZSetup_AID10121_AV.exe
2014-07-06 07:09 - 2014-02-28 08:41 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPTIINC
2014-07-06 07:08 - 2013-12-08 01:03 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-06 07:08 - 2013-11-10 06:15 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-06 07:04 - 2014-07-06 07:04 - 00000861 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-07-04 16:16 - 2013-11-08 11:46 - 00000000 ____D () C:\Users\PTIINC\AppData\Local\CrashDumps
2014-07-04 15:40 - 2013-11-08 10:10 - 00003220 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPTIINC-HP$
2014-07-04 15:40 - 2013-11-08 10:10 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForPTIINC-HP$.job
2014-07-04 15:09 - 2013-11-08 06:43 - 00058016 _____ () C:\Users\PTIINC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-04 12:49 - 2009-07-14 00:45 - 00277520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-03 14:06 - 2014-07-03 14:06 - 00001138 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-03 14:06 - 2014-07-03 14:06 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-07-03 14:04 - 2014-07-03 14:03 - 06226040 _____ (TeamViewer GmbH) C:\Users\PTIINC\Downloads\TeamViewer_Setup_en.exe
2014-07-03 13:59 - 2014-07-03 13:59 - 00001829 _____ () C:\Users\Public\Desktop\Launch VPN4ALL.lnk
2014-07-03 13:59 - 2014-07-03 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN4ALL
2014-07-03 13:59 - 2014-07-03 13:59 - 00000000 ____D () C:\Program Files (x86)\VPN4ALL
2014-07-03 13:58 - 2014-07-03 13:58 - 51847720 _____ () C:\Users\PTIINC\Downloads\VPN4All_Setup_beta (1).exe
2014-07-03 13:41 - 2014-07-03 13:40 - 00000463 _____ () C:\Windows\SysWOW64\logFile.xml
2014-07-03 12:53 - 2014-07-03 12:52 - 51847720 _____ () C:\Users\PTIINC\Downloads\VPN4All_Setup_beta.exe
2014-07-03 08:58 - 2014-07-03 08:57 - 50804808 _____ () C:\Users\PTIINC\Downloads\VPN4All_Setup.exe
2014-07-02 04:32 - 2013-11-14 05:52 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-02 04:32 - 2013-11-14 05:51 - 00000000 ____D () C:\Users\PTIINC\Desktop\mbar
2014-07-02 02:13 - 2009-07-14 01:13 - 00782164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 02:08 - 2014-03-31 10:02 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-06-28 13:42 - 2014-06-28 13:42 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-06-28 13:42 - 2014-06-28 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-06-28 13:41 - 2014-06-28 13:41 - 02143832 _____ () C:\Users\PTIINC\Downloads\instsf449.exe
2014-06-28 13:28 - 2014-06-28 13:25 - 00003326 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-28 13:25 - 2014-06-28 13:25 - 00000000 ____D () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-06-28 13:25 - 2014-06-12 04:55 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-28 13:25 - 2014-03-07 18:57 - 00003256 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-06-28 13:25 - 2014-02-02 19:04 - 00001099 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 13:25 - 2013-11-08 10:29 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\SoftGrid Client
2014-06-28 13:23 - 2014-06-28 13:23 - 00680280 _____ ( ) C:\Users\PTIINC\Downloads\ZipSetup.exe
2014-06-28 12:59 - 2014-06-28 12:59 - 01026680 _____ (SlimWare Utilities, Inc.) C:\Users\PTIINC\Downloads\DriverUpdate-setup (2).exe
2014-06-28 12:59 - 2013-12-12 08:32 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-06-28 12:41 - 2014-06-28 12:41 - 00071880 _____ (© 2014 ClientConnect Ltd.) C:\Users\PTIINC\Downloads\1EA3.tmp
2014-06-28 09:57 - 2014-02-24 14:33 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3262727182-1577749039-2835371904-1000UA.job
2014-06-28 09:57 - 2013-11-10 23:34 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3262727182-1577749039-2835371904-1000Core.job
2014-06-28 09:57 - 2013-11-08 17:26 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-28 07:16 - 2014-06-28 07:16 - 00231760 _____ () C:\Users\PTIINC\Downloads\CrucialScan (3).exe
2014-06-28 07:16 - 2014-06-28 07:16 - 00231760 _____ () C:\Users\PTIINC\Downloads\CrucialScan (2).exe
2014-06-27 12:48 - 2013-11-10 23:34 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3262727182-1577749039-2835371904-1000Core
2014-06-27 12:36 - 2014-02-24 14:33 - 00003922 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3262727182-1577749039-2835371904-1000UA
2014-06-27 12:36 - 2013-11-08 17:26 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 06:16 - 2013-11-13 00:01 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-24 18:11 - 2014-06-24 18:10 - 27167987 _____ () C:\Users\PTIINC\Downloads\torbrowser-install-3.6.2_en-US.exe
2014-06-24 16:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\schemas
2014-06-23 13:01 - 2013-11-18 01:42 - 00064443 _____ () C:\Windows\LDPINST.LOG
2014-06-23 13:01 - 2013-11-18 01:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-06-23 13:01 - 2013-11-18 01:41 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-06-23 13:00 - 2014-06-23 13:00 - 00000000 ____D () C:\Program Files\Logitech
2014-06-23 13:00 - 2013-11-18 01:42 - 00000000 ____D () C:\ProgramData\Logishrd
2014-06-23 12:58 - 2014-06-23 12:58 - 81533904 _____ (Logitech Inc.) C:\Users\PTIINC\Downloads\SetPoint6.65.62_64.exe
2014-06-23 12:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Vss
2014-06-23 12:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-06-23 11:55 - 2014-06-23 11:55 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-23 07:43 - 2014-06-22 11:41 - 00017705 _____ () C:\GingerSetupHelper.log
2014-06-23 07:43 - 2014-06-22 11:41 - 00002187 _____ () C:\GingerSetup.log
2014-06-23 07:43 - 2011-11-10 01:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 15:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-06-22 15:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-06-22 15:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-22 15:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-22 15:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-06-22 15:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-22 15:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-06-22 15:21 - 2014-05-01 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-06-22 15:21 - 2013-11-08 06:40 - 00000000 ____D () C:\Users\PTIINC\AppData\Local\Hewlett-Packard
2014-06-22 15:21 - 2012-01-10 02:14 - 00000000 ____D () C:\ProgramData\Norton
2014-06-22 15:21 - 2011-11-10 00:52 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-22 15:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-22 15:20 - 2014-02-14 01:21 - 00000000 ____D () C:\Program Files\IDT
2014-06-22 15:20 - 2013-11-09 03:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-22 15:20 - 2013-11-08 13:36 - 00000000 ____D () C:\Program Files\DIFX
2014-06-22 15:20 - 2013-11-08 10:29 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-22 15:20 - 2012-01-10 02:16 - 00000000 ____D () C:\Program Files\Common Files\AuthenTec
2014-06-22 15:20 - 2012-01-10 02:11 - 00000000 ___RD () C:\Program Files\Online Services
2014-06-22 15:20 - 2012-01-10 02:07 - 00000000 ____D () C:\Program Files\Symantec
2014-06-22 15:20 - 2012-01-10 02:01 - 00000000 ____D () C:\Program Files\Synaptics
2014-06-22 15:20 - 2011-11-10 00:38 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-06-22 15:20 - 2011-09-05 22:20 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-06-22 15:20 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-22 15:20 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-06-22 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-22 15:18 - 2014-06-18 07:43 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-22 15:17 - 2014-06-22 09:17 - 00000000 ____D () C:\Program Files (x86)\IIS Express
2014-06-22 15:17 - 2014-06-21 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-06-22 15:17 - 2014-06-21 09:13 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-06-22 15:17 - 2014-01-29 11:57 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\BitTorrent
2014-06-22 15:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-06-22 15:12 - 2012-01-10 02:03 - 00000000 ____D () C:\Program Files\Intel
2014-06-22 15:12 - 2012-01-10 02:02 - 00000000 ____D () C:\Program Files\Validity Sensors
2014-06-22 15:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2014-06-22 15:10 - 2014-05-02 14:56 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-06-22 15:10 - 2012-01-10 02:13 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-06-22 15:09 - 2014-03-08 04:18 - 00000000 __RHD () C:\MSOCache
2014-06-22 15:09 - 2013-11-09 08:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-22 15:08 - 2011-08-31 14:05 - 00000000 ___HD () C:\HP
2014-06-22 11:58 - 2014-06-22 11:58 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\ChromeSetup(1).exe
2014-06-22 11:40 - 2013-11-08 17:26 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-21 09:17 - 2014-06-21 09:17 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\Wireshark
2014-06-19 08:35 - 2014-06-19 08:35 - 00000000 ____D () C:\Users\PTIINC\AppData\Local\Adobe
2014-06-19 07:41 - 2014-06-19 07:41 - 02062984 _____ (Inbox.com ) C:\Users\PTIINC\Downloads\TVSetup.exe
2014-06-19 05:25 - 2014-06-19 05:25 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-06-19 01:28 - 2014-06-19 01:28 - 00000329 _____ () C:\Users\PTIINC\Downloads\201406141430.asx
2014-06-18 21:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-18 15:09 - 2014-06-18 15:09 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\GoogleEarthSetup (4).exe
2014-06-18 15:09 - 2014-06-18 15:09 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\GoogleEarthSetup (3).exe
2014-06-18 15:07 - 2014-06-18 15:07 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\GoogleEarthSetup (2).exe
2014-06-18 15:07 - 2014-06-18 15:07 - 00895120 _____ (Google Inc.) C:\Users\PTIINC\Downloads\GoogleEarthSetup (1).exe
2014-06-18 15:07 - 2013-11-08 17:26 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 15:06 - 2014-06-18 15:04 - 238989232 _____ (Emsisoft GmbH ) C:\Users\PTIINC\Downloads\EmsisoftAntiMalwareSetup (1).exe
2014-06-18 15:04 - 2014-06-18 15:03 - 238989232 _____ (Emsisoft GmbH ) C:\Users\PTIINC\Downloads\EmsisoftAntiMalwareSetup.exe
2014-06-18 14:19 - 2014-06-18 14:19 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\Apple Computer
2014-06-18 14:00 - 2014-05-26 23:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-18 13:26 - 2014-06-18 13:26 - 01529080 _____ (LG Electronics ) C:\Users\PTIINC\Downloads\LGUSBModemDriver_Eng_WHQL_Ver_4.9.4_All (1).exe
2014-06-18 12:06 - 2014-06-18 12:06 - 00231760 _____ () C:\Users\PTIINC\Downloads\CrucialScan.exe
2014-06-18 12:06 - 2014-06-18 12:06 - 00231760 _____ () C:\Users\PTIINC\Downloads\CrucialScan (1).exe
2014-06-18 11:33 - 2013-11-10 23:34 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3262727182-1577749039-2835371904-1000UA
2014-06-18 07:50 - 2014-06-18 07:50 - 00000000 ____D () C:\Users\PTIINC\AppData\Local\Apple Computer
2014-06-18 07:43 - 2014-06-18 07:43 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-06-18 07:43 - 2014-06-18 07:43 - 00000000 ____D () C:\Users\PTIINC\AppData\Local\Apple
2014-06-18 07:43 - 2014-06-18 07:43 - 00000000 ____D () C:\ProgramData\Apple
2014-06-18 07:42 - 2014-06-18 07:42 - 41945432 _____ (Apple Inc.) C:\Users\PTIINC\Downloads\QuickTimeInstaller.exe
2014-06-17 18:40 - 2013-11-18 01:43 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-06-17 18:40 - 2013-11-18 01:43 - 00002270 _____ () C:\Windows\LkmdfCoInst.log
2014-06-17 18:35 - 2014-06-17 18:35 - 03677488 _____ (Logitech Inc.) C:\Users\PTIINC\Downloads\SetPoint6.65.62_smart.exe
2014-06-17 18:35 - 2014-06-17 18:35 - 03677488 _____ (Logitech Inc.) C:\Users\PTIINC\Downloads\SetPoint6.65.62_smart (2).exe
2014-06-17 18:35 - 2014-06-17 18:35 - 03677488 _____ (Logitech Inc.) C:\Users\PTIINC\Downloads\SetPoint6.65.62_smart (1).exe
2014-06-17 06:50 - 2013-11-08 08:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-17 06:50 - 2013-11-08 08:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-17 06:50 - 2011-11-10 00:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 19:32 - 2014-01-06 09:14 - 00007618 _____ () C:\Users\PTIINC\AppData\Local\resmon.resmoncfg
2014-06-16 02:07 - 2014-06-16 02:07 - 04990544 _____ (Adobe Systems Inc.) C:\Users\PTIINC\Downloads\Shockwave_Installer_Slim (1).exe
2014-06-15 16:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Branding
2014-06-14 16:14 - 2014-06-14 16:14 - 01016261 _____ (Thisisu) C:\Users\PTIINC\Downloads\JRT (2).exe
2014-06-14 16:07 - 2014-06-14 16:06 - 00000000 ____D () C:\Users\PTIINC\Downloads\bluescreenview-x64
2014-06-14 16:06 - 2014-06-14 16:06 - 00084917 _____ () C:\Users\PTIINC\Downloads\bluescreenview-x64.zip
2014-06-14 13:58 - 2009-07-14 01:08 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-14 10:36 - 2014-06-14 10:36 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\PTIINC\Downloads\tdsskiller (1).exe
2014-06-14 10:26 - 2014-06-14 10:26 - 00180000 _____ (Kaspersky Lab) C:\Users\PTIINC\Downloads\kss12.0.1.117EN_RU_DE_FR_2926.exe
2014-06-12 21:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 04:53 - 2014-06-12 04:53 - 00918672 _____ (Google Inc.) C:\Users\PTIINC\Downloads\ChromeSetup.exe
2014-06-12 03:05 - 2013-11-08 09:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:03 - 2013-11-08 09:07 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 03:00 - 2014-05-12 16:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 00:32 - 2014-02-25 04:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 00:32 - 2011-11-10 00:51 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 04:56 - 2014-06-11 04:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 18:28 - 2014-06-10 18:28 - 01529080 _____ (LG Electronics ) C:\Users\PTIINC\Downloads\LGUSBModemDriver_Eng_WHQL_Ver_4.9.4_All.exe
2014-06-09 02:33 - 2013-11-08 08:14 - 00000000 ____D () C:\Users\PTIINC\AppData\Roaming\Mozilla
2014-06-08 05:13 - 2014-06-11 07:37 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-11 07:37 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-28 18:37
 
==================== End Of Log ============================


#6 fireman4it


Posted 07 July 2014 - 07:49 PM

Could you please post the addition.txt that was made when you ran FRST?

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti-virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore, please go to Add/Remove in the Control Panel and remove either Emsisoft Online Armor or Norton Internet Security.


Edited by fireman4it, 07 July 2014 - 07:50 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#7 fireman4it


Posted 09 July 2014 - 12:23 PM

Hello.

Are you still there?

If you are, please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it




#8 fireman4it


Posted 21 July 2014 - 02:04 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





