Jump to content

Build Theme!
  •  
  • Infected?

big grin WE'RE SURE THAT YOU'LL LOVE US!

We invite you to ask questions, share experiences, and learn. It's 100% free. Did we mention that it's free. It is. It's free. Join 91603 other members! Anybody can ask, anybody can answer. Consistently helpful members with best answers are invited to staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Browser Hangs Too Much! [Solved]

Browser slow Computer slow Hanging browser

  • This topic is locked This topic is locked
74 replies to this topic

#46 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 20 April 2014 - 12:58 PM

OTL logfile created on: 4/20/2014 3:00:56 AM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Byron\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.97 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 57.22% Memory free
7.93 Gb Paging File | 5.69 Gb Available in Paging File | 71.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 46.41 Gb Free Space | 39.86% Space Free | Partition Type: NTFS
Drive D: | 331.01 Gb Total Space | 167.13 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
 
Computer Name: BYRON-PC | User Name: Byron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Byron\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Byron\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
PRC - C:\Users\Byron\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
PRC - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (Research In Motion Limited)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (BlackBerry Limited)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Workspace\offSyncService.exe (Starfield Technologies)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Users\Byron\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Byron\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
MOD - C:\Users\Byron\AppData\Local\Google\Chrome\Application\33.0.1750.154\libglesv2.dll ()
MOD - C:\Users\Byron\AppData\Local\Google\Chrome\Application\33.0.1750.154\libegl.dll ()
MOD - C:\Users\Byron\AppData\Local\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll ()
MOD - C:\Users\Byron\AppData\Local\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll ()
MOD - C:\Users\Byron\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Program Files (x86)\Yahoo!\Messenger\yui.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (RIM Tunnel Service) -- C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (Research In Motion Limited)
SRV - (RIM MDNS) -- C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (Apple Inc.)
SRV - (BlackBerry Device Manager) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (BlackBerry Limited)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (File Backup) -- C:\Program Files (x86)\Workspace\offSyncService.exe (Starfield Technologies)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (BlackBerry Limited)
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (rimvndis) -- C:\Windows\SysNative\drivers\rimvndis6_AMD64.sys (Research in Motion Limited)
DRV:64bit: - (usbrndis6) -- C:\Windows\SysNative\drivers\usb80236.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (ZTEusbwwan) -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys (ZTE Incorporated)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ZTEusbgps) -- C:\Windows\SysNative\drivers\ZTEusbgps.sys (ZTE Incorporated)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (tmobile_mf691_dc_enum) -- C:\Windows\SysNative\drivers\tmobile_mf691_dc_enum.sys (T-Mobile)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A3 B2 34 07 86 1E CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{9E94E40B-C742-41CB-BAC0-BD5D590DCCA5}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{B4D84896-6918-41DD-B848-1268BE62AF29}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Byron\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off: C:\Users\Byron\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off64: C:\Users\Byron\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe: C:\Users\Byron\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe64: C:\Users\Byron\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Byron\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Byron\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Byron\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/04/07 11:04:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/02 01:40:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/02 01:40:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/02 01:40:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/02 01:40:41 | 000,000,000 | ---D | M]
 
[2011/06/14 09:10:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Byron\AppData\Roaming\Mozilla\Extensions
[2014/03/02 00:01:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Byron\AppData\Roaming\Mozilla\Firefox\Profiles\lbefp8bo.default\extensions
[2014/03/02 01:40:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/02 01:40:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: avast! Online Security = C:\Users\Byron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Google Wallet = C:\Users\Byron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
 
O1 HOSTS File: ([2014/04/11 13:49:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\Byron\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21F61DA4-AB4C-4C37-8B36-981EF53CC0A4}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46EDC8B3-83DB-45A5-9391-D954A6ADFF95}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/18 11:13:20 | 000,000,000 | -HSD | C] -- C:\Users\Byron\AppData\Local\EmieUserList
[2014/04/18 11:13:20 | 000,000,000 | -HSD | C] -- C:\Users\Byron\AppData\Local\EmieSiteList
[2014/04/18 08:52:04 | 000,000,000 | ---D | C] -- C:\Users\Byron\Desktop\LEASE PROGRAM_files
[2014/04/17 20:58:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/04/17 03:00:51 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/17 03:00:50 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/17 03:00:46 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/04/17 03:00:34 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/04/17 03:00:34 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/04/17 03:00:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/04/17 03:00:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/04/17 03:00:32 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/04/17 03:00:31 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/04/17 03:00:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/04/17 03:00:31 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/04/17 03:00:31 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/04/17 03:00:30 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/17 03:00:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/04/17 03:00:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/04/17 03:00:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/04/17 03:00:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/04/17 03:00:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/04/17 03:00:28 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/04/17 03:00:24 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/17 03:00:24 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/17 03:00:24 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/04/17 03:00:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/04/17 03:00:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/04/17 03:00:23 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/04/17 03:00:23 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/04/17 03:00:20 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/04/17 03:00:19 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/04/17 03:00:16 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/04/16 09:19:20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/15 02:19:30 | 000,000,000 | ---D | C] -- C:\Users\Byron\Desktop\New folder
[2014/04/11 14:01:34 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/11 13:49:18 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/04/09 22:10:17 | 000,000,000 | ---D | C] -- C:\Users\Byron\Documents\BLACKBERRY-C16E
[2014/04/09 21:11:35 | 000,000,000 | ---D | C] -- C:\Users\Byron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
[2014/04/09 21:11:23 | 000,000,000 | ---D | C] -- C:\Users\Byron\AppData\Local\Amazon Cloud Player
[2014/04/08 21:19:39 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/08 21:19:39 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/08 21:19:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/08 21:19:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/08 21:19:36 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/08 21:19:36 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/08 21:19:36 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/08 21:19:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/08 21:19:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/08 21:19:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/08 21:19:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/08 21:19:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/08 21:19:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/08 21:19:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/04/07 11:04:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/01 15:23:05 | 000,000,000 | ---D | C] -- C:\Users\Byron\Desktop\Internet is extremely slow - Browsers, Internet and email_files
[2014/03/30 17:12:07 | 000,000,000 | ---D | C] -- C:\Users\Byron\Desktop\Tools in Spanish
[2014/03/21 18:11:47 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2014/03/21 18:11:47 | 000,687,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2014/03/21 14:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/03/21 14:17:01 | 000,000,000 | ---D | C] -- C:\Users\Byron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2008/08/11 22:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/20 02:17:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/18 23:55:52 | 000,058,129 | ---- | M] () -- C:\Users\Byron\Desktop\palin-cindy-mccain-handoff1.jpg
[2014/04/18 21:02:42 | 000,010,240 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/18 21:02:42 | 000,010,240 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/18 08:52:04 | 000,064,506 | ---- | M] () -- C:\Users\Byron\Desktop\LEASE PROGRAM.htm
[2014/04/17 08:16:28 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/17 08:16:28 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/17 03:18:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/15 02:24:01 | 000,000,008 | RHS- | M] () -- C:\Users\Byron\ntuser.pol
[2014/04/15 02:23:55 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/04/14 17:36:28 | 001,000,010 | ---- | M] () -- C:\Users\Byron\Desktop\April Promo English.pdf
[2014/04/14 17:34:49 | 000,097,962 | ---- | M] () -- C:\Users\Byron\Desktop\Independant_Representative_Agreement1.pdf
[2014/04/14 17:29:22 | 000,467,123 | ---- | M] () -- C:\Users\Byron\Desktop\Home Survey.pdf
[2014/04/14 17:28:49 | 001,087,662 | ---- | M] () -- C:\Users\Byron\Desktop\1-10 English.pdf
[2014/04/13 15:57:09 | 000,118,891 | ---- | M] () -- C:\Users\Byron\Desktop\Regional Event.jpg
[2014/04/13 15:38:24 | 002,459,574 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/13 15:38:24 | 000,748,974 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/13 15:38:24 | 000,006,522 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/13 10:01:12 | 000,468,480 | ---- | M] () -- C:\Users\Byron\Desktop\CKScanner.exe
[2014/04/11 16:25:54 | 013,122,117 | ---- | M] () -- C:\Users\Byron\Desktop\Global-Expansion-Latin-America-ES.pdf
[2014/04/11 13:49:10 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/04/11 12:12:05 | 000,263,361 | ---- | M] () -- C:\Users\Byron\Desktop\NFL+Fantasy+Tactics.pdf
[2014/04/11 12:11:10 | 000,203,500 | ---- | M] () -- C:\Users\Byron\Desktop\Introducing the DIRECTV MVP Marketing Program.pdf
[2014/04/09 21:11:45 | 000,001,212 | ---- | M] () -- C:\Users\Byron\Desktop\Amazon Cloud Player.lnk
[2014/04/07 18:57:59 | 000,467,123 | ---- | M] () -- C:\Users\Byron\Desktop\Home Services.pdf
[2014/04/07 18:55:47 | 000,467,123 | ---- | M] () -- C:\Users\Byron\Desktop\Customer Acquisition.pdf
[2014/04/07 18:55:11 | 000,618,906 | ---- | M] () -- C:\Users\Byron\Desktop\USES-TT-Overview.pdf
[2014/04/07 18:53:04 | 000,899,226 | ---- | M] () -- C:\Users\Byron\Desktop\April Promotion - Spanish.pdf
[2014/04/07 18:47:35 | 000,328,629 | ---- | M] () -- C:\Users\Byron\Desktop\System - 60-120 Day TC Plan 2013.pdf
[2014/04/07 17:43:56 | 000,139,731 | ---- | M] () -- C:\Users\Byron\Desktop\meeting.pdf
[2014/04/07 11:04:33 | 000,001,968 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/04/07 11:04:14 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/04/07 11:04:14 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/04/07 11:04:14 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/04/07 11:04:14 | 000,208,928 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/04/07 11:04:14 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/04/07 11:04:14 | 000,084,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/04/07 11:04:14 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/04/07 11:04:14 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/04/07 11:04:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/03 00:06:01 | 000,000,875 | ---- | M] () -- C:\Users\Byron\Desktop\BitTorrent.lnk
[2014/04/03 00:06:01 | 000,000,855 | ---- | M] () -- C:\Users\Byron\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2014/04/01 15:23:05 | 000,225,686 | ---- | M] () -- C:\Users\Byron\Desktop\Internet is extremely slow - Browsers, Internet and email.htm
[2014/03/30 23:40:33 | 000,422,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/29 02:03:52 | 028,708,780 | ---- | M] () -- C:\Users\Byron\Desktop\Prosperity_II.mp3
[2014/03/29 02:00:25 | 028,680,359 | ---- | M] () -- C:\Users\Byron\Desktop\Prosperity_I.mp3
[2014/03/25 19:55:57 | 008,407,552 | ---- | M] () -- C:\Users\Byron\Desktop\Powerpoint Presentation 2.pps
[2014/03/22 20:15:27 | 000,089,846 | ---- | M] () -- C:\Users\Byron\Desktop\rolex-rose-gold-president.jpg
 
========== Files Created - No Company Name ==========
 
[2014/04/18 23:55:51 | 000,058,129 | ---- | C] () -- C:\Users\Byron\Desktop\palin-cindy-mccain-handoff1.jpg
[2014/04/18 08:51:53 | 000,064,506 | ---- | C] () -- C:\Users\Byron\Desktop\LEASE PROGRAM.htm
[2014/04/14 17:36:28 | 001,000,010 | ---- | C] () -- C:\Users\Byron\Desktop\April Promo English.pdf
[2014/04/14 17:34:49 | 000,097,962 | ---- | C] () -- C:\Users\Byron\Desktop\Independant_Representative_Agreement1.pdf
[2014/04/14 17:29:22 | 000,467,123 | ---- | C] () -- C:\Users\Byron\Desktop\Home Survey.pdf
[2014/04/14 17:28:48 | 001,087,662 | ---- | C] () -- C:\Users\Byron\Desktop\1-10 English.pdf
[2014/04/13 15:57:09 | 000,118,891 | ---- | C] () -- C:\Users\Byron\Desktop\Regional Event.jpg
[2014/04/13 10:01:11 | 000,468,480 | ---- | C] () -- C:\Users\Byron\Desktop\CKScanner.exe
[2014/04/11 16:25:54 | 013,122,117 | ---- | C] () -- C:\Users\Byron\Desktop\Global-Expansion-Latin-America-ES.pdf
[2014/04/11 12:12:05 | 000,263,361 | ---- | C] () -- C:\Users\Byron\Desktop\NFL+Fantasy+Tactics.pdf
[2014/04/11 12:11:10 | 000,203,500 | ---- | C] () -- C:\Users\Byron\Desktop\Introducing the DIRECTV MVP Marketing Program.pdf
[2014/04/09 21:11:45 | 000,001,212 | ---- | C] () -- C:\Users\Byron\Desktop\Amazon Cloud Player.lnk
[2014/04/07 18:57:59 | 000,467,123 | ---- | C] () -- C:\Users\Byron\Desktop\Home Services.pdf
[2014/04/07 18:55:32 | 000,467,123 | ---- | C] () -- C:\Users\Byron\Desktop\Customer Acquisition.pdf
[2014/04/07 18:55:11 | 000,618,906 | ---- | C] () -- C:\Users\Byron\Desktop\USES-TT-Overview.pdf
[2014/04/07 18:53:04 | 000,899,226 | ---- | C] () -- C:\Users\Byron\Desktop\April Promotion - Spanish.pdf
[2014/04/07 18:47:35 | 000,328,629 | ---- | C] () -- C:\Users\Byron\Desktop\System - 60-120 Day TC Plan 2013.pdf
[2014/04/07 17:43:55 | 000,139,731 | ---- | C] () -- C:\Users\Byron\Desktop\meeting.pdf
[2014/04/03 00:06:01 | 000,000,875 | ---- | C] () -- C:\Users\Byron\Desktop\BitTorrent.lnk
[2014/04/03 00:06:01 | 000,000,855 | ---- | C] () -- C:\Users\Byron\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2014/04/01 15:23:03 | 000,225,686 | ---- | C] () -- C:\Users\Byron\Desktop\Internet is extremely slow - Browsers, Internet and email.htm
[2014/03/30 23:40:11 | 000,422,256 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/30 21:01:45 | 000,038,548 | ---- | C] () -- C:\Users\Byron\Desktop\Byron Plain.jpg
[2014/03/29 02:03:31 | 028,708,780 | ---- | C] () -- C:\Users\Byron\Desktop\Prosperity_II.mp3
[2014/03/29 02:00:25 | 028,680,359 | ---- | C] () -- C:\Users\Byron\Desktop\Prosperity_I.mp3
[2014/03/25 19:55:36 | 008,407,552 | ---- | C] () -- C:\Users\Byron\Desktop\Powerpoint Presentation 2.pps
[2014/03/22 20:15:26 | 000,089,846 | ---- | C] () -- C:\Users\Byron\Desktop\rolex-rose-gold-president.jpg
[2013/12/22 02:45:41 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/12/15 18:41:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\skyx24.sys
[2013/12/15 18:41:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\rotw.sys
[2013/09/30 23:43:34 | 000,000,256 | ---- | C] () -- C:\Users\Byron\AppData\Roaming\default.rss
[2013/09/19 00:16:55 | 000,000,093 | ---- | C] () -- C:\Users\Byron\AppData\Roaming\WB.CFG
[2013/09/19 00:16:55 | 000,000,006 | ---- | C] () -- C:\Users\Byron\AppData\Roaming\WBPU-TTL.DAT
[2013/09/18 23:15:25 | 000,000,008 | RHS- | C] () -- C:\Users\Byron\ntuser.pol
[2013/02/12 00:46:09 | 000,000,005 | ---- | C] () -- C:\Users\Byron\AppData\Roaming\mbam.context.scan
[2012/08/20 00:32:25 | 000,744,186 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/30 18:19:18 | 000,000,300 | ---- | C] () -- C:\Users\Byron\AppData\Roaming\burnaware.ini
[2012/04/30 08:56:28 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dvdtest10024.dat
[2011/12/19 23:56:30 | 000,009,908 | -HS- | C] () -- C:\Users\Byron\AppData\Local\811410x6x458s346j352j8tkd0v6
[2011/12/15 01:22:10 | 000,010,348 | -HS- | C] () -- C:\Users\Byron\AppData\Local\k5ne3dx5w3g8lgoeol54uau4jn5g6uu0ml770
[2011/12/15 01:22:10 | 000,010,348 | -HS- | C] () -- C:\ProgramData\k5ne3dx5w3g8lgoeol54uau4jn5g6uu0ml770
[2011/12/11 02:34:58 | 000,012,408 | ---- | C] () -- C:\Users\Byron\AppData\Local\mqfhxd5j5dcs1adb7nby5l851v3b
[2011/12/11 02:34:58 | 000,012,408 | ---- | C] () -- C:\ProgramData\mqfhxd5j5dcs1adb7nby5l851v3b
[2011/06/03 10:48:13 | 000,007,597 | ---- | C] () -- C:\Users\Byron\AppData\Local\Resmon.ResmonCfg
[2011/04/30 01:57:31 | 000,087,040 | ---- | C] () -- C:\Users\Byron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/08 11:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 09:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2013/11/23 03:46:04 | 105,835,460 | ---- | M] ()(C:\Windows\SysWow64\???¡) -- C:\Windows\SysWow64\붩㍵ὄ¡
[2013/11/23 03:46:04 | 105,835,460 | ---- | C] ()(C:\Windows\SysWow64\???¡) -- C:\Windows\SysWow64\붩㍵ὄ¡
[2013/11/22 14:39:22 | 105,774,717 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\붭뗌ὄ
[2013/11/21 20:39:37 | 105,774,717 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\붭뗌ὄ
[2013/11/18 14:39:10 | 104,986,035 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ᅓ⍁ὄ
[2013/11/18 02:39:22 | 104,986,035 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ᅓ⍁ὄ
[2013/11/15 20:39:44 | 104,513,208 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\稱ⱍὄ
[2013/11/15 20:39:44 | 104,513,208 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\稱ⱍὄ
[2013/11/15 13:46:09 | 104,496,569 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\绠ꚁὄ
[2013/11/14 19:46:45 | 104,496,569 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\绠ꚁὄ
[2013/11/14 07:46:09 | 104,225,154 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\犊෌ὄ
[2013/11/14 07:46:09 | 104,225,154 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\犊෌ὄ
[2013/11/12 13:26:01 | 103,974,937 | ---- | M] ()(C:\Windows\SysWow64\???d) -- C:\Windows\SysWow64\됴렾ὄd
[2013/11/12 07:25:52 | 103,974,937 | ---- | C] ()(C:\Windows\SysWow64\???d) -- C:\Windows\SysWow64\됴렾ὄd
[2013/11/08 13:26:02 | 103,316,092 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\희ὄ
[2013/11/08 07:25:30 | 103,316,092 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\희ὄ
[2013/11/06 01:16:50 | 105,166,163 | ---- | M] ()(C:\Windows\SysWow64\???P) -- C:\Windows\SysWow64\ὄP
[2013/11/05 19:17:01 | 105,166,163 | ---- | C] ()(C:\Windows\SysWow64\???P) -- C:\Windows\SysWow64\ὄP
[2013/11/04 19:17:36 | 105,017,276 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꕘὄ
[2013/11/04 19:17:36 | 105,017,276 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꕘὄ
[2013/11/03 12:13:19 | 104,814,100 | ---- | M] ()(C:\Windows\SysWow64\???a) -- C:\Windows\SysWow64\퐽ꜟὄa
[2013/11/03 06:13:13 | 104,814,100 | ---- | C] ()(C:\Windows\SysWow64\???a) -- C:\Windows\SysWow64\퐽ꜟὄa
[2013/11/02 12:13:12 | 104,684,788 | ---- | M] ()(C:\Windows\SysWow64\???l) -- C:\Windows\SysWow64\쑲ࠁὄl
[2013/11/02 06:13:14 | 104,684,788 | ---- | C] ()(C:\Windows\SysWow64\???l) -- C:\Windows\SysWow64\쑲ࠁὄl
[2013/11/01 12:13:09 | 104,569,497 | ---- | M] ()(C:\Windows\SysWow64\???«) -- C:\Windows\SysWow64\䒟骮ὄ«
[2013/11/01 00:13:20 | 104,569,497 | ---- | C] ()(C:\Windows\SysWow64\???«) -- C:\Windows\SysWow64\䒟骮ὄ«
[2013/10/29 03:16:18 | 103,932,228 | ---- | M] ()(C:\Windows\SysWow64\???9) -- C:\Windows\SysWow64\燾쀧ὄ9
[2013/10/28 03:16:17 | 103,932,228 | ---- | C] ()(C:\Windows\SysWow64\???9) -- C:\Windows\SysWow64\燾쀧ὄ9
[2013/10/25 13:58:28 | 103,054,676 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\셅㬓ὄŽ
[2013/10/25 01:58:38 | 103,054,676 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\셅㬓ὄŽ
[2013/10/24 08:39:42 | 102,787,172 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\倭継ὄ
[2013/10/24 08:39:42 | 102,787,172 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\倭継ὄ
[2013/10/23 20:40:06 | 102,749,940 | ---- | M] ()(C:\Windows\SysWow64\???N) -- C:\Windows\SysWow64\石ὄN
[2013/10/23 20:40:06 | 102,749,940 | ---- | C] ()(C:\Windows\SysWow64\???N) -- C:\Windows\SysWow64\石ὄN
[2013/10/23 12:57:40 | 102,674,996 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\똓쒢ὄ
[2013/10/21 00:57:38 | 102,674,996 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\똓쒢ὄ
[2013/10/20 06:57:32 | 102,068,998 | ---- | M] ()(C:\Windows\SysWow64\???±) -- C:\Windows\SysWow64\ꍄ᪑ὄ±
[2013/10/16 18:56:55 | 102,068,998 | ---- | C] ()(C:\Windows\SysWow64\???±) -- C:\Windows\SysWow64\ꍄ᪑ὄ±
[2013/10/16 06:56:57 | 101,406,750 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\뫑튑ὄ
[2013/10/15 18:57:07 | 101,406,750 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\뫑튑ὄ
[2013/10/15 12:56:50 | 101,237,240 | ---- | M] ()(C:\Windows\SysWow64\???O) -- C:\Windows\SysWow64\ꌎ꺩ὄO
[2013/10/15 06:57:04 | 101,237,240 | ---- | C] ()(C:\Windows\SysWow64\???O) -- C:\Windows\SysWow64\ꌎ꺩ὄO
[2013/10/14 18:56:58 | 101,076,544 | ---- | M] ()(C:\Windows\SysWow64\???m) -- C:\Windows\SysWow64\偨ὄm
[2013/10/14 18:56:58 | 101,076,544 | ---- | C] ()(C:\Windows\SysWow64\???m) -- C:\Windows\SysWow64\偨ὄm
[2013/10/13 18:57:22 | 100,838,141 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㾄眹ὄ
[2013/10/12 06:56:29 | 100,838,141 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㾄眹ὄ
[2013/10/10 00:30:08 | 100,221,909 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\퀣ႇὄ
[2013/10/10 00:30:08 | 100,221,909 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\퀣ႇὄ
[2013/10/09 09:00:15 | 100,163,860 | ---- | M] ()(C:\Windows\SysWow64\???Y) -- C:\Windows\SysWow64\⾁츳ὄY
[2013/10/09 09:00:15 | 100,163,860 | ---- | C] ()(C:\Windows\SysWow64\???Y) -- C:\Windows\SysWow64\⾁츳ὄY
[2013/10/04 13:05:04 | 099,288,311 | ---- | M] ()(C:\Windows\SysWow64\???7) -- C:\Windows\SysWow64\᱂㡫ὄ7
[2013/10/02 19:04:55 | 099,288,311 | ---- | C] ()(C:\Windows\SysWow64\???7) -- C:\Windows\SysWow64\᱂㡫ὄ7
[2013/10/02 13:05:08 | 098,834,313 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\亩猐ὄ
[2013/09/30 19:05:09 | 098,834,313 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\亩猐ὄ
[2013/09/30 12:37:02 | 098,541,442 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\롏ὄŽ
[2013/09/30 00:37:06 | 098,541,442 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\롏ὄŽ
[2013/09/29 12:37:01 | 098,466,785 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\箰ѷὄ
[2013/09/29 06:37:02 | 098,466,785 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\箰ѷὄ
[2013/09/27 11:26:18 | 098,286,374 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\边冑ὄ
[2013/09/27 05:26:25 | 098,286,374 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\边冑ὄ
[2013/09/26 12:22:41 | 098,009,570 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\鴵埨ὄ
[2013/09/25 18:22:37 | 098,009,570 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\鴵埨ὄ
[2013/09/25 12:22:38 | 097,858,179 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꮧ꣇ὄ
[2013/09/24 18:23:25 | 097,858,179 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꮧ꣇ὄ
[2013/09/24 09:33:59 | 097,531,747 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\烱쿉ὄŽ
[2013/09/23 21:34:25 | 097,531,747 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\烱쿉ὄŽ
[2013/09/23 15:33:59 | 098,798,431 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ᯌ钹ὄ
[2013/09/21 03:33:49 | 098,798,431 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ᯌ钹ὄ
[2013/09/20 12:28:07 | 098,498,750 | ---- | M] ()(C:\Windows\SysWow64\???c) -- C:\Windows\SysWow64\׋䌋ὄc
[2013/09/19 18:27:59 | 098,498,750 | ---- | C] ()(C:\Windows\SysWow64\???c) -- C:\Windows\SysWow64\׋䌋ὄc
[2013/09/19 12:27:59 | 098,395,704 | ---- | M] ()(C:\Windows\SysWow64\???C) -- C:\Windows\SysWow64\׆趿ὄC
[2013/09/19 00:28:19 | 098,395,704 | ---- | C] ()(C:\Windows\SysWow64\???C) -- C:\Windows\SysWow64\׆趿ὄC
[2013/09/18 12:27:59 | 098,177,822 | ---- | M] ()(C:\Windows\SysWow64\???¢) -- C:\Windows\SysWow64\틛梻ὄ¢
[2013/09/18 00:28:00 | 098,177,822 | ---- | C] ()(C:\Windows\SysWow64\???¢) -- C:\Windows\SysWow64\틛梻ὄ¢
[2013/09/17 12:23:55 | 098,062,984 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\揚ὄ
[2013/09/15 12:23:53 | 098,062,984 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\揚ὄ
[2013/09/14 12:23:47 | 097,600,188 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\癛圪ὄ
[2013/09/13 18:23:45 | 097,600,188 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\癛圪ὄ
[2013/09/13 12:23:45 | 097,503,480 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\怸‣ὄ
[2013/09/12 18:23:42 | 097,503,480 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\怸‣ὄ
[2013/09/12 12:23:42 | 097,373,152 | ---- | M] ()(C:\Windows\SysWow64\???G) -- C:\Windows\SysWow64\োⅾὄG
[2013/09/12 12:23:42 | 097,373,152 | ---- | C] ()(C:\Windows\SysWow64\???G) -- C:\Windows\SysWow64\োⅾὄG
[2013/09/12 00:23:45 | 097,238,077 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\␦蝇ὄ
[2013/09/11 18:23:42 | 097,238,077 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\␦蝇ὄ
[2013/09/11 12:23:40 | 097,171,315 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\鈵䯺ὄ
[2013/09/11 00:23:46 | 097,171,315 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\鈵䯺ὄ
[2013/09/10 09:49:35 | 096,985,259 | ---- | M] ()(C:\Windows\SysWow64\???¨) -- C:\Windows\SysWow64\環ὄ¨
[2013/09/09 21:48:57 | 096,985,259 | ---- | C] ()(C:\Windows\SysWow64\???¨) -- C:\Windows\SysWow64\環ὄ¨
[2013/09/06 21:07:02 | 096,496,803 | ---- | M] ()(C:\Windows\SysWow64\???H) -- C:\Windows\SysWow64\ꨅフḼH
[2013/09/06 21:07:02 | 096,496,803 | ---- | C] ()(C:\Windows\SysWow64\???H) -- C:\Windows\SysWow64\ꨅフḼH
[2013/09/06 07:05:58 | 096,334,488 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\݌䡿Ḽ
[2013/09/05 18:43:30 | 096,334,488 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\݌䡿Ḽ
[2013/09/04 07:53:42 | 095,863,165 | ---- | M] ()(C:\Windows\SysWow64\???F) -- C:\Windows\SysWow64\믾❫ḼF
[2013/09/04 07:53:42 | 095,863,165 | ---- | C] ()(C:\Windows\SysWow64\???F) -- C:\Windows\SysWow64\믾❫ḼF
 
< End of report >

    Advertisements

Register to Remove


#47 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 21 April 2014 - 10:27 AM

I have not forgotten about you.  I am still looking into this OTL log to see what might be eluding me.  :)  Thanks for your patience.


Posted Image
 
 

#48 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 21 April 2014 - 10:42 AM

Please go to: VirusTotal
On the page you'll find a "Choose File" button.
Click on the Choose File button.
In the Choose File to Upload window which opens, copy and paste this into the File Name box.
 
C:\Windows\SysWow64\skyx24.sys
 
C:\Windows\SysWow64\rotw.sys
 

Next, click the Open button.
Then click the "Scan It!" button just below.
This will scan the file. Please be patient.
If you get a message saying File has already been analyzed: click Reanalyze file now
Once scanned, copy and paste the link to the results page in your next reply.
----------


Posted Image
 
 

#49 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 21 April 2014 - 12:52 PM

https://www.virustot...sis/1398104562/

 

 

https://www.virustot...sis/1398106375/

 

 

I notice that when my browser hangs, my harddrive seems to be working overtime. Not sure if that helps.


Edited by Bperkins7468, 21 April 2014 - 12:54 PM.


#50 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 21 April 2014 - 06:29 PM

Jeff, my replacement modem just came and I exchanged it. Nothing has changed. My upload speed says 20 mbps, and the hanging browser this time just says "waiting for google-analytics."



#51 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 21 April 2014 - 06:35 PM

ttLR1ki.jpg
 
Run OTL.exe

  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
     
    :Services
     
    :OTL
    [2011/12/19 23:56:30 | 000,009,908 | -HS- | C] () -- C:\Users\Byron\AppData\Local\811410x6x458s346j352j8tkd0v6
    [2011/12/15 01:22:10 | 000,010,348 | -HS- | C] () -- C:\Users\Byron\AppData\Local\k5ne3dx5w3g8lgoeol54uau4jn5g6uu0ml770
    [2011/12/15 01:22:10 | 000,010,348 | -HS- | C] () -- C:\ProgramData\k5ne3dx5w3g8lgoeol54uau4jn5g6uu0ml770
    [2011/12/11 02:34:58 | 000,012,408 | ---- | C] () -- C:\Users\Byron\AppData\Local\mqfhxd5j5dcs1adb7nby5l851v3b
    [2011/12/11 02:34:58 | 000,012,408 | ---- | C] () -- C:\ProgramData\mqfhxd5j5dcs1adb7nby5l851v3b
     
    :Files
    ipconfig /flushdns /c
     
    :Commands
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

Posted Image
 
 

#52 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 21 April 2014 - 06:45 PM

Here is the latest OTL:

 

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
C:\Users\Byron\AppData\Local\811410x6x458s346j352j8tkd0v6 moved successfully.
C:\Users\Byron\AppData\Local\k5ne3dx5w3g8lgoeol54uau4jn5g6uu0ml770 moved successfully.
C:\ProgramData\k5ne3dx5w3g8lgoeol54uau4jn5g6uu0ml770 moved successfully.
C:\Users\Byron\AppData\Local\mqfhxd5j5dcs1adb7nby5l851v3b moved successfully.
C:\ProgramData\mqfhxd5j5dcs1adb7nby5l851v3b moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Byron\Downloads\cmd.bat deleted successfully.
C:\Users\Byron\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Byron
->Temp folder emptied: 3863575 bytes
->Temporary Internet Files folder emptied: 21882970 bytes
->Java cache emptied: 5436954 bytes
->FireFox cache emptied: 2948372 bytes
->Google Chrome cache emptied: 386440848 bytes
->Flash cache emptied: 58160 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49900962 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 103355308 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 1676 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42314281 bytes
RecycleBin emptied: 1555389173 bytes
 
Total Files Cleaned = 2,071.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 04212014_173820
 
Files\Folders moved on Reboot...
C:\Users\Byron\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Byron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{1DACB2BC-532D-45AF-9BE4-0FC24E2CCD11}.tmp not found!
File\Folder C:\Users\Byron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{40A0D8E0-5E96-4DFC-8FFF-B40EAD8AF6FE}.tmp not found!
File\Folder C:\Users\Byron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{57E3DE8F-68CD-40C2-AFD8-FA5DF658F913}.tmp not found!
C:\Users\Byron\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...


#53 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 21 April 2014 - 06:51 PM

Go ahead and test your internet and see how it is running? 


Posted Image
 
 

#54 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 21 April 2014 - 07:19 PM

I just did a speedtest and it says 16.12 mbps. I think it's the laptop causing the internet speed to drag because i always hear the hard drive working when I do something online.



#55 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 21 April 2014 - 07:21 PM

I'm supposed to have up to 24mbps. Now that I've used a ethernet cable, my internet speed has jumped up to 20.34mbps. But it shouldn't matter if i'm hardlined or not. I've got wireless internet for a reason. 


    Advertisements

Register to Remove


#56 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 21 April 2014 - 08:21 PM

I called ATT and was given over to a tech from ASUS, my laptop's manufacturer. He didn't fix anything but told me I had the following issues that were hanging up my browser and slowing down my laptop:

 

  • Network Protection ( He remote-controlled my laptop and took me somewhere that said "Network Access Protection." It was off ).
  • Junk Files ( He opened up a Temp file and I saw 5 files from Avast that he said were bad, as well as temp files in AppData and Prefetch ).
  • I had severe Registry issues
  • Out-of-date Drivers
  • Ineffective Antivirus. I will change that once I hear from you.


#57 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 22 April 2014 - 05:43 AM

Hi,
 

I'm supposed to have up to 24mbps. Now that I've used a ethernet cable, my internet speed has jumped up to 20.34mbps. But it shouldn't matter if i'm hardlined or not. I've got wireless internet for a reason.

Unfortunately this is where they get you with internet speed.  Internet speed will depend on many factors, most of which will not even have anything to do with your system at all.  They tell you that you are supposed to have speeds "up to 24mbps."  This may be true, but is based on many variables with 24mbps being the best possible maximum.  I, myself, am supposed to get up to 30mbps and just did a test (wireless internet) and only get 19.6 mbps.  The wireless access will be slower still based upon the variables of what might be blocking the internet signals in your house, type of router.....etc.  
 
As for what the tech is looking at I am not sure?  We emptied the temp folders (even the ones that they claimed to see), out-of-date drivers that are seen (I don't remember the last time I updated drivers), bad Avast files I have no idea about because I am certainly not seeing them here and ineffective antivirus?  I would happily debate that.   :)  
 
Anyway.....is the speed of the internet the only remaining problem?


Posted Image
 
 

#58 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 22 April 2014 - 10:01 AM

He said all the files from my C:\Windows\Prefetch folder were bad and slowing down my computer. 

 

Also, do you know anything about Network Access Protection? 

 

Aside from that, my computer is running fine. I'd like to get to the bottom of my hanging browser, though it doesn't hang nearly as much as it used to. Now, I'm just frustrated at how often my videos buffer. That drives me bananas! :)

 

The internet speed is my only remaining problem. 


Edited by Bperkins7468, 22 April 2014 - 06:45 PM.


#59 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 22 April 2014 - 06:01 PM

SystemLook
 
Please use either of the following links:
Download Mirror 1
Download Mirror 2

  • Right-click and Run as Administrator SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :folder
    C:\Windows\Prefetch /s
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt


Posted Image
 
 

#60 Bperkins7468

Bperkins7468

    Authentic Member

  • Authentic Member
  • PipPip
  • 92 posts

Posted 22 April 2014 - 06:49 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 17:48 on 22/04/2014 by Byron
Administrator - Elevation successful
 
Invalid Context: folder
 
No Context: C:\Windows\Prefetch /s
 
-= EOF =-

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users