GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

Very slow to start and run programs

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Very slow to start and run programs

Post by CRC on Tue Jan 31, 2012 9:24 pm

Computer has been very slow to start, run IE or any program, and slow to shut down. It took a half day but I was able to get to your website and download/run OTL, but not the other programs suggested. It will take three posts.

Here it is....

OTL logfile created on: 1/30/2012 9:30:16 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\wills\Documents
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 52.23% Memory free
5.86 Gb Paging File | 4.04 Gb Available in Paging File | 68.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.49 Gb Total Space | 221.46 Gb Free Space | 78.12% Space Free | Partition Type: NTFS
Drive D: | 14.31 Gb Total Space | 2.36 Gb Free Space | 16.50% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 95.41 Mb Free Space | 96.05% Space Free | Partition Type: FAT32

Computer Name: FAMILY-PC | User Name: wills | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found -- C:\Users\wills\My Documents\OTL.com
PRC - [2012/01/25 18:28:16 | 000,041,984 | RHS- | M] (NVIDIA Corporation) -- C:\Users\wills\AppData\Local\Temp\System\mvscavAP.exe
PRC - [2012/01/08 23:00:33 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/12/19 15:34:24 | 000,493,568 | ---- | M] (LOL Replay) -- C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
PRC - [2011/12/14 05:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/12/13 18:56:15 | 000,512,848 | ---- | M] () -- C:\Program Files (x86)\InstallBrainService\InstallBrainService.exe
PRC - [2011/12/03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/12/01 16:05:40 | 000,432,128 | ---- | M] (We-Care.com) -- C:\ProgramData\WeCareReminder\ReminderHelper.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/30 10:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/08/15 16:18:14 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/12/10 06:29:00 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/16 11:57:38 | 000,197,632 | ---- | M] () -- C:\Program Files (x86)\DealBulldog Toolbar\TbHelper2.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/11 03:34:17 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dd759df05fad8dc6d3404e8e02b40819\Microsoft.VisualBasic.ni.dll
MOD - [2012/01/11 03:31:15 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2011/12/23 10:20:47 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/12/23 10:20:05 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/12/23 10:19:42 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/12/23 10:19:24 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/12/23 10:19:06 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2011/12/23 10:18:59 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll
MOD - [2011/12/23 10:16:37 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll
MOD - [2011/12/23 09:24:47 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/12/23 09:24:30 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/12/23 09:24:16 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/12/23 09:24:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/12/23 09:24:05 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/12/23 09:23:46 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/12/19 15:34:22 | 000,263,680 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\LOLUtils.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/22 21:44:58 | 002,398,720 | ---- | M] () -- C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
MOD - [2010/11/04 19:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/02/16 12:57:38 | 000,301,568 | ---- | M] () -- C:\Program Files (x86)\DealBulldog Toolbar\tbhelper.dll
MOD - [2010/02/16 11:57:52 | 000,108,544 | ---- | M] () -- C:\Program Files (x86)\DealBulldog Toolbar\TbCommonUtils.dll
MOD - [2010/02/16 11:57:38 | 000,197,632 | ---- | M] () -- C:\Program Files (x86)\DealBulldog Toolbar\TbHelper2.exe
MOD - [2010/02/09 19:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/09 19:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/09 19:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/09 19:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/09 19:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/09 19:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/09 19:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/09 19:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/12/03 13:50:56 | 000,105,472 | ---- | M] () -- C:\Program Files (x86)\DealBulldog Toolbar\MacroParserPlugin.dll
MOD - [2009/01/12 12:24:20 | 000,339,968 | ---- | M] () -- C:\Program Files (x86)\DealBulldog Toolbar\alert_plugin.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/24 14:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2010/01/18 16:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2009/11/17 20:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/01/11 15:27:40 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/01/08 23:00:33 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/12/14 05:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/12/13 18:56:15 | 000,512,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\InstallBrainService\InstallBrainService.exe -- (InstallBrainService)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/30 10:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/08/15 16:18:12 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/12/10 06:29:00 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/11 21:43:25 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 03:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/05 13:57:18 | 000,144,896 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2010/01/19 19:55:34 | 001,088,544 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/09/22 19:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\DealBulldog Toolbar\tbhelper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\wills\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\wills\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/14 23:56:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/12/23 09:09:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/19 09:45:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme [2011/12/13 17:07:45 | 000,000,000 | ---D | M]

[2011/12/13 18:58:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\wills\AppData\Roaming\Mozilla\Firefox\extensions
[2011/12/13 18:58:44 | 000,000,000 | ---D | M] (WhiteSmoke Bar) -- C:\Users\wills\AppData\Roaming\Mozilla\Firefox\extensions\{167d9323-f7cc-48f5-948a-6f012831a69f}
[2011/12/19 12:14:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/06 16:47:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/11/28 15:41:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/07/08 01:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 02:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 02:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\wills\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\wills\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\wills\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\wills\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\wills\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\wills\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\wills\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AVG Safe Search = C:\Users\wills\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: We-Care Reminder Lite = C:\Users\wills\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.9_0\
CHR - Extension: Gmail = C:\Users\wills\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (no name) - {9193fbaf-bdaf-4751-a99a-1f5ef255c35b} - No CLSID value found.
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll File not found
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll ()
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {167D9323-F7CC-48F5-948A-6F012831A69F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HKLM] C:\Windows\SysWOW64\WinDir\Svchost.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKCU..\Run: [HKCU] C:\Users\wills\AppData\Roaming\WinDir\Svchost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKCU..\Run: [Microsoft Intel Security] C:\Users\wills\AppData\Roaming\winsecurity.exe File not found
O4 - HKCU..\Run: [Microsoft® Windows® Operating System] C:\Users\wills\AppData\Local\Temp\System\mvscavAP.exe (NVIDIA Corporation)
O4 - HKCU..\Run: [Spotify] C:\Users\wills\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\system32\WinDir\Svchost.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\system32\WinDir\Svchost.exe (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30DAE1AC-CEFF-4645-AC04-1B6F614923AF}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

post 2

Post by CRC on Tue Jan 31, 2012 9:32 pm

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {Y18RLJXI-4TGW-73W7-N61G-B8TH60387638} - C:\Windows\system32\WinDir\Svchost.exe Restart
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - sirenacm.dll File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/01/30 21:25:42 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\wills\Documents\OTL.com
[2012/01/30 20:02:00 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/01/28 22:40:38 | 000,000,000 | ---D | C] -- C:\Users\wills\.DemonScape
[2012/01/28 16:56:36 | 000,000,000 | ---D | C] -- C:\.exemptionx_cache_32
[2012/01/28 16:27:06 | 000,000,000 | ---D | C] -- C:\Users\wills\quarterxbeta
[2012/01/27 17:49:40 | 000,000,000 | ---D | C] -- C:\Users\wills\jagexcache2
[2012/01/25 15:33:58 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/25 15:33:57 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/25 15:33:57 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/25 15:33:57 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/25 15:33:57 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/25 15:33:57 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/24 17:48:32 | 000,000,000 | ---D | C] -- C:\Users\wills\.jagex_cache_32
[2012/01/23 20:24:31 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Roaming\EpicBot
[2012/01/23 20:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpicBot
[2012/01/23 20:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EpicBot
[2012/01/23 12:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealBulldog Toolbar
[2012/01/23 12:37:19 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Local\TempDIR
[2012/01/23 12:37:05 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2012/01/23 12:22:31 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SwiftKit
[2012/01/23 07:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/01/23 07:26:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/01/23 07:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/22 17:07:33 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/01/22 17:06:36 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Local\Apps
[2012/01/22 17:06:35 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Local\Deployment
[2012/01/21 20:56:27 | 000,000,000 | -HSD | C] -- C:\found.001
[2012/01/20 15:42:15 | 000,647,168 | ---- | C] (Chapley) -- C:\Users\wills\Desktop\TerrariViewer.exe
[2012/01/10 22:44:37 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/10 22:44:37 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/10 22:44:37 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/10 22:44:37 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/10 22:44:36 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/10 22:44:36 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/10 22:44:35 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/10 22:44:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/10 22:44:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/09 06:46:14 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Local\PunkBuster
[2012/01/08 23:00:18 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/01/08 23:00:18 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/01/08 23:00:17 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/01/08 23:00:17 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/01/08 23:00:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/01/08 23:00:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/01/08 23:00:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/01/08 23:00:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/01/08 23:00:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/01/08 23:00:12 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/01/08 23:00:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/01/08 23:00:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/01/08 23:00:11 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/01/08 23:00:10 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/01/08 23:00:10 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/01/08 23:00:09 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/01/08 22:58:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/01/08 22:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/01/06 23:12:24 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Local\SoftGrid Client
[2012/01/06 23:12:18 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Roaming\SoftGrid Client
[2012/01/03 12:27:41 | 000,000,000 | ---D | C] -- C:\BBarrage
[2012/01/01 19:33:05 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Local\Spotify
[2012/01/01 19:32:40 | 000,000,000 | ---D | C] -- C:\Users\wills\AppData\Roaming\Spotify

========== Files - Modified Within 30 Days ==========

[2012/01/30 21:26:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\wills\Documents\OTL.com
[2012/01/30 21:14:50 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1403100644-2643874596-638605949-1003UA.job
[2012/01/30 19:50:21 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/30 19:50:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/30 19:38:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/30 17:38:21 | 087,817,706 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/01/30 17:27:50 | 2361,593,856 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/30 17:12:04 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1403100644-2643874596-638605949-1003Core.job
[2012/01/30 16:58:56 | 000,032,109 | ---- | M] () -- C:\Users\wills\AppData\Roaming\test
[2012/01/30 16:58:55 | 000,449,833 | -H-- | M] () -- C:\Users\wills\AppData\Roaming\willslog.dat
[2012/01/29 08:47:06 | 000,000,024 | ---- | M] () -- C:\Users\wills\random.dat
[2012/01/29 08:45:26 | 000,000,044 | ---- | M] () -- C:\Users\wills\jagex_cl_runescape_LIVE.dat
[2012/01/29 01:25:57 | 000,000,046 | ---- | M] () -- C:\Users\wills\exemptionx_ExemptionX 634_preferences.dat
[2012/01/29 00:24:33 | 000,000,099 | ---- | M] () -- C:\Users\wills\exemptionx_ExemptionX 634_preferences2.dat
[2012/01/28 22:48:05 | 000,000,046 | ---- | M] () -- C:\Users\wills\jagex_runescape_preferences.dat
[2012/01/28 22:32:41 | 000,000,024 | ---- | M] () -- C:\Users\wills\jagexappletviewer.preferences
[2012/01/28 16:58:41 | 000,000,000 | ---- | M] () -- C:\Users\wills\exemptionx__preferences3.dat
[2012/01/28 16:33:27 | 000,000,129 | ---- | M] () -- C:\Users\wills\jagex_runescape_preferences2.dat
[2012/01/28 15:34:19 | 000,077,979 | ---- | M] () -- C:\Users\wills\AppData\Roaming\pon.exe
[2012/01/28 15:15:55 | 000,000,047 | ---- | M] () -- C:\Users\wills\AppData\Roaming\pill.bat
[2012/01/28 15:13:45 | 000,034,304 | ---- | M] () -- C:\Users\wills\AppData\Roaming\bonk.exe
[2012/01/27 17:51:50 | 000,000,045 | ---- | M] () -- C:\Users\wills\jagex_cl_runescape_LIVE1.dat
[2012/01/27 17:49:40 | 000,000,045 | ---- | M] () -- C:\Users\wills\jagex_cl_runescape_LIVE2.dat
[2012/01/25 21:14:03 | 000,002,398 | ---- | M] () -- C:\Users\wills\Desktop\Google Chrome.lnk
[2012/01/23 20:20:30 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\EpicBot.lnk
[2012/01/23 13:57:17 | 008,563,738 | ---- | M] () -- C:\Users\wills\Documents\clip0014.avi
[2012/01/23 13:57:08 | 009,293,710 | ---- | M] () -- C:\Users\wills\Documents\clip0013.avi
[2012/01/23 13:56:53 | 032,937,906 | ---- | M] () -- C:\Users\wills\Documents\clip0012.avi
[2012/01/23 13:56:27 | 006,379,346 | ---- | M] () -- C:\Users\wills\Documents\clip0011.avi
[2012/01/23 13:56:15 | 007,735,590 | ---- | M] () -- C:\Users\wills\Documents\clip0010.avi
[2012/01/23 13:56:04 | 007,434,174 | ---- | M] () -- C:\Users\wills\Documents\clip0009.avi
[2012/01/23 13:55:27 | 007,655,580 | ---- | M] () -- C:\Users\wills\Documents\clip0008.avi
[2012/01/23 13:55:16 | 009,532,776 | ---- | M] () -- C:\Users\wills\Documents\clip0007.avi
[2012/01/23 13:54:56 | 008,172,250 | ---- | M] () -- C:\Users\wills\Documents\clip0006.avi
[2012/01/23 13:54:39 | 008,207,992 | ---- | M] () -- C:\Users\wills\Documents\clip0005.avi
[2012/01/23 13:54:24 | 009,368,290 | ---- | M] () -- C:\Users\wills\Documents\clip0004.avi
[2012/01/23 13:54:03 | 005,926,472 | ---- | M] () -- C:\Users\wills\Documents\clip0003.avi
[2012/01/23 12:41:22 | 005,415,696 | ---- | M] () -- C:\Users\wills\Documents\clip0002.avi
[2012/01/23 12:40:05 | 002,400,582 | ---- | M] () -- C:\Users\wills\Documents\clip0001.avi
[2012/01/23 12:22:31 | 000,000,967 | ---- | M] () -- C:\Users\wills\Desktop\SwiftKit.lnk
[2012/01/23 07:27:03 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/01/21 13:37:21 | 000,000,222 | ---- | M] () -- C:\Users\wills\Desktop\Terraria.url
[2012/01/20 15:42:16 | 000,647,168 | ---- | M] (Chapley) -- C:\Users\wills\Desktop\TerrariViewer.exe
[2012/01/14 22:30:20 | 000,774,348 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/14 22:30:20 | 000,660,974 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/14 22:30:20 | 000,121,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/14 22:30:16 | 000,774,348 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/14 11:17:28 | 000,057,226 | ---- | M] () -- C:\Users\wills\Documents\wtf.jpg
[2012/01/11 16:51:52 | 007,998,303 | ---- | M] () -- C:\Users\wills\Desktop\will goes 17-9 shaco.lrf
[2012/01/11 09:54:24 | 000,620,694 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2012/01/09 06:46:18 | 000,281,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/01/09 06:46:18 | 000,281,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/08 23:00:43 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/01/08 23:00:33 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/04 15:34:22 | 000,256,392 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/01/01 19:33:04 | 000,001,806 | ---- | M] () -- C:\Users\wills\Desktop\Spotify.lnk
[2012/01/01 19:13:26 | 000,192,882 | ---- | M] () -- C:\Users\wills\Documents\IMG-20110817-00372.jpg

========== Files Created - No Company Name ==========

[2012/01/28 16:58:41 | 000,000,000 | ---- | C] () -- C:\Users\wills\exemptionx__preferences3.dat
[2012/01/28 16:58:40 | 000,000,099 | ---- | C] () -- C:\Users\wills\exemptionx_ExemptionX 634_preferences2.dat
[2012/01/28 16:56:37 | 000,000,046 | ---- | C] () -- C:\Users\wills\exemptionx_ExemptionX 634_preferences.dat
[2012/01/28 15:34:00 | 000,077,979 | ---- | C] () -- C:\Users\wills\AppData\Roaming\pon.exe
[2012/01/28 15:15:55 | 000,000,047 | ---- | C] () -- C:\Users\wills\AppData\Roaming\pill.bat
[2012/01/28 15:13:45 | 000,034,304 | ---- | C] () -- C:\Users\wills\AppData\Roaming\bonk.exe
[2012/01/27 17:49:40 | 000,000,045 | ---- | C] () -- C:\Users\wills\jagex_cl_runescape_LIVE2.dat
[2012/01/25 18:29:09 | 000,032,109 | ---- | C] () -- C:\Users\wills\AppData\Roaming\test
[2012/01/23 20:20:30 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\EpicBot.lnk
[2012/01/23 13:57:11 | 008,563,738 | ---- | C] () -- C:\Users\wills\Documents\clip0014.avi
[2012/01/23 13:57:02 | 009,293,710 | ---- | C] () -- C:\Users\wills\Documents\clip0013.avi
[2012/01/23 13:56:33 | 032,937,906 | ---- | C] () -- C:\Users\wills\Documents\clip0012.avi
[2012/01/23 13:56:23 | 006,379,346 | ---- | C] () -- C:\Users\wills\Documents\clip0011.avi
[2012/01/23 13:56:10 | 007,735,590 | ---- | C] () -- C:\Users\wills\Documents\clip0010.avi
[2012/01/23 13:55:51 | 007,434,174 | ---- | C] () -- C:\Users\wills\Documents\clip0009.avi
[2012/01/23 13:55:22 | 007,655,580 | ---- | C] () -- C:\Users\wills\Documents\clip0008.avi
[2012/01/23 13:55:10 | 009,532,776 | ---- | C] () -- C:\Users\wills\Documents\clip0007.avi
[2012/01/23 13:54:51 | 008,172,250 | ---- | C] () -- C:\Users\wills\Documents\clip0006.avi
[2012/01/23 13:54:34 | 008,207,992 | ---- | C] () -- C:\Users\wills\Documents\clip0005.avi
[2012/01/23 13:54:18 | 009,368,290 | ---- | C] () -- C:\Users\wills\Documents\clip0004.avi
[2012/01/23 13:53:55 | 005,926,472 | ---- | C] () -- C:\Users\wills\Documents\clip0003.avi
[2012/01/23 12:40:41 | 005,415,696 | ---- | C] () -- C:\Users\wills\Documents\clip0002.avi
[2012/01/23 12:39:47 | 002,400,582 | ---- | C] () -- C:\Users\wills\Documents\clip0001.avi
[2012/01/23 12:22:31 | 000,000,967 | ---- | C] () -- C:\Users\wills\Desktop\SwiftKit.lnk
[2012/01/23 07:27:03 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/01/22 18:59:45 | 000,000,024 | ---- | C] () -- C:\Users\wills\jagexappletviewer.preferences
[2012/01/22 17:07:37 | 000,002,398 | ---- | C] () -- C:\Users\wills\Desktop\Google Chrome.lnk
[2012/01/22 17:07:05 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1403100644-2643874596-638605949-1003UA.job
[2012/01/22 17:07:03 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1403100644-2643874596-638605949-1003Core.job
[2012/01/21 13:37:20 | 000,000,222 | ---- | C] () -- C:\Users\wills\Desktop\Terraria.url
[2012/01/14 11:17:10 | 000,057,226 | ---- | C] () -- C:\Users\wills\Documents\wtf.jpg
[2012/01/11 16:51:50 | 007,998,303 | ---- | C] () -- C:\Users\wills\Desktop\will goes 17-9 shaco.lrf
[2012/01/09 06:46:18 | 000,281,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/01/08 23:00:36 | 000,281,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/08 23:00:36 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/01/08 23:00:33 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/01 19:33:04 | 000,001,806 | ---- | C] () -- C:\Users\wills\Desktop\Spotify.lnk
[2012/01/01 19:33:04 | 000,001,792 | ---- | C] () -- C:\Users\wills\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/01/01 19:13:05 | 000,192,882 | ---- | C] () -- C:\Users\wills\Documents\IMG-20110817-00372.jpg
[2011/12/21 16:25:18 | 000,774,348 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/11 01:32:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/09 19:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2005/08/30 07:44:56 | 000,449,833 | -H-- | C] () -- C:\Users\wills\AppData\Roaming\willslog.dat

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

post 3

Post by CRC on Tue Jan 31, 2012 9:36 pm

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/09/11 15:16:46 | 000,061,440 | ---- | M] (Gary's Hood) -- C:\Users\wills\Desktop\auto typer and clicker.exe
[2011/11/22 17:54:37 | 002,288,128 | ---- | M] () -- C:\Users\wills\Desktop\LeagueofLegends.exe
[2012/01/20 15:42:16 | 000,647,168 | ---- | M] (Chapley) -- C:\Users\wills\Desktop\TerrariViewer.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/07/08 01:16:28 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
[2011/07/08 01:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[2011/07/08 01:16:28 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
[2011/07/08 01:16:28 | 000,265,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/01/13 16:44:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/07/19 17:00:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/08/09 18:11:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Auto Typer by MurGee
[2011/10/23 09:11:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
[2011/12/13 17:35:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BearShare Applications
[2011/12/13 18:07:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010/07/08 06:47:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco
[2012/01/08 22:58:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/07/05 21:14:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/12/18 18:30:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2012/01/30 09:16:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DealBulldog Toolbar
[2012/01/30 09:16:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EpicBot
[2011/11/17 20:25:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FastestIE
[2011/10/08 13:18:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FoxTabPDFConverter
[2011/01/21 18:09:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2011/10/07 16:26:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FunWebProducts
[2011/12/13 16:13:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2011/12/13 16:13:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2011/06/05 10:36:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hide The IP
[2011/01/04 17:09:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2011/12/13 16:12:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2011/12/13 17:07:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IMinent Toolbar
[2011/12/13 18:56:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\InstallBrainService
[2011/12/13 16:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/01/11 21:41:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2011/12/13 17:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/01/30 09:16:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/11/28 15:40:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/11/23 14:07:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn Hamachi
[2011/12/20 15:59:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LOLReplay
[2011/09/17 09:22:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011/01/10 14:19:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/10/14 06:16:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/05/14 22:23:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/12/21 16:26:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft XNA
[2010/12/29 08:17:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2011/08/11 13:15:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/07/08 06:53:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN
[2012/01/08 22:58:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/12/19 12:13:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Object
[2010/12/27 23:14:16 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2011/12/13 16:15:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2011/11/19 09:45:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2011/01/11 21:44:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/12/19 11:59:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Shop To Win
[2011/12/13 17:07:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Shop to Win 22
[2011/12/06 16:47:01 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/12/19 12:07:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StartNow Toolbar
[2012/01/30 17:32:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2012/01/30 09:16:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SwiftKit
[2011/12/29 21:20:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2011/03/22 11:10:30 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2011/01/06 17:12:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TomTom HOME 2
[2011/01/06 17:12:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TomTom International B.V
[2009/07/13 22:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2011/03/02 20:42:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Walmart MP3 Music Downloads
[2009/07/13 23:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/03/29 23:35:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2011/11/26 12:28:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2011/11/26 12:28:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/11/26 12:28:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/11/26 12:28:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/11/26 12:28:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/10/19 17:17:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2011/01/21 18:09:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!
[2011/12/13 16:11:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo! Games
[2011/10/08 13:18:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yontoo Layers


< MD5 for: AGP440.SYS >
[2009/07/13 19:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/13 19:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 19:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 19:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: DISK.SYS >
[2009/07/13 19:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys
[2009/07/13 19:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/13 19:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTOR.SYS >
[2010/04/13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/04/13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_d085c8f0cb5c2856\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 19:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 07:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 07:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 06:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 06:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 19:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 19:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 00:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 00:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 00:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 00:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 00:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 00:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 07:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 07:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/07/08 01:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/07/08 01:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/07/08 01:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2011/07/08 01:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2011/07/08 01:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2011/07/08 01:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\wills\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\wills\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\wills\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\wills\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 06:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 06:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 06:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2010/11/20 06:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2010/11/20 06:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2011/07/08 01:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2011/07/08 01:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2011/07/08 01:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2011/07/08 01:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2011/07/08 01:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2011/07/08 01:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/13 19:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/13 19:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/13 19:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2010/11/20 06:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2010/11/20 06:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E6B9E5A3

< End of report >

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Wed Feb 01, 2012 7:25 pm

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
StartupLite

Download [You must be registered and logged in to see this link.] to your Desktop.
Doubleclick StartupLite.exe to launch the program.
Ensure the Disable box is checked.
Click Continue.
A pop up message will tell you the unecessary startup items in your list have been disabled and ask you to restart your computer.
Re-start your computer.
*********************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from [You must be registered and logged in to see this link.]
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download DDS from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.] and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control [You must be registered and logged in to see this link.].Then post your DDS logs. (DDS.txt and Attach.txt )

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Fri Feb 03, 2012 6:57 am

It has taken me some time but I have the logs requested.

SUPERAntiSpyware....It may take three post for this one

SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 02/02/2012 at 04:30 AM

Application Version : 5.0.1142

Core Rules Database Version : 8192
Trace Rules Database Version: 6004

Scan type : Complete Scan
Total Scan Time : 02:58:26

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 559
Memory threats detected : 0
Registry items scanned : 41599
Registry threats detected : 12
File items scanned : 328144
File threats detected : 986

Adware.Tracking Cookie
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\T0OWEN2V.txt [ /mediaplex.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\UDWVYS3Z.txt [ /media6degrees.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\BD9KL074.txt [ /t.pointroll.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\I3D390O5.txt [ /tribalfusion.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\4FAHYKQI.txt [ /serving-sys.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\EI7Z9E8D.txt [ /realmedia.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\7CXHIEA0.txt [ /pointroll.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\4JWEBQLI.txt [ /ru4.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\8CZHT5T2.txt [ /chitika.net ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\F7FUYPP6.txt [ /www.burstnet.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\808FX279.txt [ /atdmt.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\PQG7AUV7.txt [ /akamai.interclickproxy.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\STLZGHPR.txt [ /ads.intergi.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\GC7HZFKE.txt [ /adxpose.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\P62L8PKV.txt [ /fastclick.net ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\P2H5AOYC.txt [ /lucidmedia.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\TM9E5FLU.txt [ /at.atwola.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\DHI6GAW5.txt [ /yieldmanager.net ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\CS28A7EW.txt [ /ads.bridgetrack.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\Y1S2KTW5.txt [ /ad.yieldmanager.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\4479A7OM.txt [ /ads.pointroll.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\IAXWXEKX.txt [ /atdmt.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\V60BC499.txt [ /invitemedia.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\2H8TZOWD.txt [ /imrworldwide.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\8PK3MBR2.txt [ /a1.interclick.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\GJ6LBBC1.txt [ /revsci.net ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\YAFXH8K7.txt [ /r1-ads.ace.advertising.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\JOE5SXIY.txt [ /interclick.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\RWRIRIBP.txt [ /mm.chitika.net ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\H6TTT3MZ.txt [ /c.atdmt.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\D00HRGYA.txt [ /adbrite.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\FIVD5U0W.txt [ /questionmarket.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\IRTPTTZK.txt [ /advertising.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\H6N7S8FY.txt [ /doubleclick.net ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\JRV17JN6.txt [ /pro-market.net ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\RH9OYOIS.txt [ /apmebf.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\51469M1C.txt [ /casalemedia.com ]
C:\Users\wills\AppData\Roaming\Microsoft\Windows\Cookies\DAPR7MZK.txt [ /burstnet.com ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\0N1UA14P.txt [ Cookie:family@atdmt.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\family@content.yieldmanager[6].txt [ Cookie:family@content.yieldmanager.com/ak/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\family@network.realmedia[2].txt [ Cookie:family@network.realmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\family@doubleclick[7].txt [ Cookie:family@doubleclick.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\family@realmedia[2].txt [ Cookie:family@realmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\PAEVZ3BS.txt [ Cookie:family@fastclick.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\6WF23VEA.txt [ Cookie:family@invitemedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\C0HKYE6L.txt [ Cookie:family@apmebf.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\family@content.yieldmanager[5].txt [ Cookie:family@content.yieldmanager.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\S7IZM8QN.txt [ Cookie:family@ads.pointroll.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@sextape[1].txt [ Cookie:family@sextape.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@specificclick[3].txt [ Cookie:family@specificclick.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@specificmedia[3].txt [ Cookie:family@specificmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\NG0KIZVQ.txt [ Cookie:family@atdmt.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@adxpose[2].txt [ Cookie:family@adxpose.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@hpi.rotator.hadj7.adjuggler[3].txt [ Cookie:family@hpi.rotator.hadj7.adjuggler.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\UIFEV5A3.txt [ Cookie:family@ads.zeusclicks.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@adserving.autotrader[1].txt [ Cookie:family@adserving.autotrader.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\E9GGHIQE.txt [ Cookie:family@lucidmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@us.sitestat[1].txt [ Cookie:family@us.sitestat.com/future/gamesradar/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@static.freewebs.getclicky[1].txt [ Cookie:family@static.freewebs.getclicky.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@247realmedia[2].txt [ Cookie:family@247realmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@traffic.prod.cobaltgroup[1].txt [ Cookie:family@traffic.prod.cobaltgroup.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DFG1EYTG.txt [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@ads.crakmedia[5].txt [ Cookie:family@ads.crakmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\MN2VEO3L.txt [ Cookie:family@casalemedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@CADNQQF9.txt [ Cookie:family@liveperson.net/hc/65595271 ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@citimortgage.122.2o7[2].txt [ Cookie:family@citimortgage.122.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@CAP6CNLR.txt [ Cookie:family@liveperson.net/hc/72770115 ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@doubleclick[6].txt [ Cookie:family@doubleclick.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@advanceinternet.122.2o7[2].txt [ Cookie:family@advanceinternet.122.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@g-pixel.invitemedia[2].txt [ Cookie:family@g-pixel.invitemedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@questionmarket[10].txt [ Cookie:family@questionmarket.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@liveperson[10].txt [ Cookie:family@liveperson.net/hc/57386690 ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1SYDKNRP.txt [ Cookie:family@at.atwola.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@adsonar[5].txt [ Cookie:family@adsonar.com/adserving ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\F4W630FG.txt [ Cookie:family@clix.clixelmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@www3.addfreestats[1].txt [ Cookie:family@www3.addfreestats.com/cgi-bin ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@lucidmedia[8].txt [ Cookie:family@lucidmedia.com/clicksense/admeld/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@bizrate[1].txt [ Cookie:family@bizrate.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\3EUTHYWB.txt [ Cookie:family@counters.gigya.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\TJJV0GSG.txt [ Cookie:family@a1.interclick.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@highbeam.122.2o7[1].txt [ Cookie:family@highbeam.122.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\5GEGZMV4.txt [ Cookie:family@interclick.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@liveperson[4].txt [ Cookie:family@liveperson.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\A1WII4FA.txt [ Cookie:family@server.cpmstar.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\N9HXT2PH.txt [ Cookie:family@pro-market.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\QDNPJ6DE.txt [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\BVDY94NB.txt [ Cookie:family@invitemedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@bravenet[1].txt [ Cookie:family@bravenet.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@linksynergy[3].txt [ Cookie:family@linksynergy.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DTPNMFNW.txt [ Cookie:family@stats.paypal.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@content.yieldmanager[8].txt [ Cookie:family@content.yieldmanager.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\YF5EFP9U.txt [ Cookie:family@content.yieldmanager.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@hearstmagazines.112.2o7[1].txt [ Cookie:family@hearstmagazines.112.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\NP24U4EB.txt [ Cookie:family@insightexpressai.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6FA95JYV.txt [ Cookie:family@ads.pointroll.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DKOR6DFQ.txt [ Cookie:family@adbrite.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@segment-pixel.invitemedia[2].txt [ Cookie:family@segment-pixel.invitemedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@adbrite[5].txt [ Cookie:family@adbrite.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@rotator.hadj7.adjuggler[3].txt [ Cookie:family@rotator.hadj7.adjuggler.net/servlet/ajrotator/track/pt63551 ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\2SLSTI3Z.txt [ Cookie:family@mediaplex.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@rs2toplist[2].txt [ Cookie:family@rs2toplist.com/vote/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@associatedcontent.112.2o7[1].txt [ Cookie:family@associatedcontent.112.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@clickbank[2].txt [ Cookie:family@clickbank.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\J7TVQX17.txt [ Cookie:family@openx.jeetyetmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\BLMWQPOC.txt [ Cookie:family@myroitracking.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@qksrv[3].txt [ Cookie:family@qksrv.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@dmtracker[2].txt [ Cookie:family@dmtracker.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@smartadserver[1].txt [ Cookie:family@smartadserver.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\OMQO37Y2.txt [ Cookie:family@content.yieldmanager.com/ak/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@e-2dj6wjkocgdpedo.stats.esomniture[2].txt [ Cookie:family@e-2dj6wjkocgdpedo.stats.esomniture.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\3A234EAA.txt [ Cookie:family@network.realmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@xm.xtendmedia[1].txt [ Cookie:family@xm.xtendmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\LRO13DVO.txt [ Cookie:family@dc.tremormedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@web-traffic-analysis[1].txt [ Cookie:family@web-traffic-analysis.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@timeinc.122.2o7[1].txt [ Cookie:family@timeinc.122.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@lucidmedia[5].txt [ Cookie:family@lucidmedia.com/clicksense/ad/6248/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@clkads[2].txt [ Cookie:family@clkads.com/adServe/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@citi.bridgetrack[1].txt [ Cookie:family@citi.bridgetrack.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@rambler[3].txt [ Cookie:family@rambler.ru/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1LCQCKOD.txt [ Cookie:family@doubleclick.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@chicagosuntimes.122.2o7[1].txt [ Cookie:family@chicagosuntimes.122.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\R2MH5ZUA.txt [ Cookie:family@ads.bridgetrack.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@stats.ilivid[1].txt [ Cookie:family@stats.ilivid.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@adtrackrs[2].txt [ Cookie:family@adtrackrs.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\B9F16M2F.txt [ Cookie:family@realmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@rs2toplist[1].txt [ Cookie:family@rs2toplist.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@stats-newyork1.bloxcms[2].txt [ Cookie:family@stats-newyork1.bloxcms.com/phillyburbs.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\XBDFTJRS.txt [ Cookie:family@burstbeacon.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@media.adfrontiers[3].txt [ Cookie:family@media.adfrontiers.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@CADIWBP4.txt [ Cookie:family@liveperson.net/hc/69606660 ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@yieldmanager[4].txt [ Cookie:family@yieldmanager.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\OWDD4BPL.txt [ Cookie:family@clicksor.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@in.getclicky[2].txt [ Cookie:family@in.getclicky.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@ads.react2media[2].txt [ Cookie:family@ads.react2media.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@lfstmedia[2].txt [ Cookie:family@lfstmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@westjeffersoncounty.myfoxal[1].txt [ Cookie:family@westjeffersoncounty.myfoxal.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\RJIYY32R.txt [ Cookie:family@google.com/accounts/recovery/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\4I48W8JJ.txt [ Cookie:family@apmebf.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@CAME23S2.txt [ Cookie:family@liveperson.net/hc/76226072 ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\5XO03VKU.txt [ Cookie:family@yieldmanager.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@walmartcom.112.2o7[1].txt [ Cookie:family@walmartcom.112.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@eyewonder[5].txt [ Cookie:family@eyewonder.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@advertising.mombloggersclub[1].txt [ Cookie:family@advertising.mombloggersclub.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@mlbam.112.2o7[2].txt [ Cookie:family@mlbam.112.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@CA8Q0V7B.txt [ Cookie:family@liveperson.net/hc/52328787 ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@lucidmedia[6].txt [ Cookie:family@lucidmedia.com/clicksense/ad/6336/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\09I1PXXQ.txt [ Cookie:family@r1-ads.ace.advertising.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\KGGZVJ2U.txt [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@cbsdigitalmedia.112.2o7[1].txt [ Cookie:family@cbsdigitalmedia.112.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\L8PGRCDQ.txt [ Cookie:family@burstnet.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@adlegend[3].txt [ Cookie:family@adlegend.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@commission-junction[1].txt [ Cookie:family@commission-junction.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\CLLL2PPP.txt [ Cookie:family@warnerbros.112.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@trackalyzer[1].txt [ Cookie:family@trackalyzer.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@avgtechnologies.112.2o7[2].txt [ Cookie:family@avgtechnologies.112.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\65A6T8EH.txt [ Cookie:family@eyeviewads.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@pornografish[2].txt [ Cookie:family@pornografish.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@superpages.122.2o7[1].txt [ Cookie:family@superpages.122.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@jcwhitney.112.2o7[1].txt [ Cookie:family@jcwhitney.112.2o7.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@[You must be registered and logged in to see this link.] [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@content2.kitnmedia[1].txt [ Cookie:family@content2.kitnmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@CA9T9BE6.txt [ Cookie:family@liveperson.net/hc/5255712 ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\MXGBC1VU.txt [ Cookie:family@media6degrees.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\YM63CGT5.txt [ Cookie:family@adxpansion.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZDEEF25P.txt [ Cookie:family@edge.jeetyetmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZPQSY5DS.txt [ Cookie:family@fastclick.net/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6LWXUHKI.txt [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\W7MFEGU6.txt [ Cookie:family@kontera.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@t4.trackalyzer[1].txt [ Cookie:family@t4.trackalyzer.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\I4MWMC92.txt [ Cookie:family@solvemedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\RK5JJI61.txt [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DD88YI10.txt [ Cookie:family@advertising.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6TS76CTJ.txt [ Cookie:family@counter3.sextracker.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\28TJL8MF.txt [ Cookie:family@ox-d.jeetyetmedia.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\VGD3D33Q.txt [ Cookie:family@sextracker.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DRYYQBAY.txt [ Cookie:family@[You must be registered and logged in to see this link.] ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\023JL214.txt [ Cookie:family@beta-ads.ace.advertising.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\W8TV07Y9.txt [ Cookie:family@e-2dj6wnlycic5cbp.stats.esomniture.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\F7OY22Z7.txt [ Cookie:family@accounts.google.com/ ]
C:\USERS\FAMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\family@ads2.zeusclicks[1].txt [ Cookie:family@ads2.zeusclicks.com/ ]
C:\USERS\FAMILY\Cookies\0N1UA14P.txt [ Cookie:family@atdmt.com/ ]
C:\USERS\FAMILY\Cookies\family@content.yieldmanager[6].txt [ Cookie:family@content.yieldmanager.com/ak/ ]
C:\USERS\FAMILY\Cookies\family@network.realmedia[2].txt [ Cookie:family@network.realmedia.com/ ]
C:\USERS\FAMILY\Cookies\family@doubleclick[7].txt [ Cookie:family@doubleclick.net/ ]
C:\USERS\FAMILY\Cookies\family@realmedia[2].txt [ Cookie:family@realmedia.com/ ]
C:\USERS\FAMILY\Cookies\PAEVZ3BS.txt [ Cookie:family@fastclick.net/ ]
C:\USERS\FAMILY\Cookies\6WF23VEA.txt [ Cookie:family@invitemedia.com/ ]
C:\USERS\FAMILY\Cookies\C0HKYE6L.txt [ Cookie:family@apmebf.com/ ]
C:\USERS\FAMILY\Cookies\family@content.yieldmanager[5].txt [ Cookie:family@content.yieldmanager.com/ ]
C:\USERS\FAMILY\Cookies\S7IZM8QN.txt [ Cookie:family@ads.pointroll.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\JZZAN2I3.txt [ Cookie:wills@tracking.dsmmadvantage.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\WQGPVCIE.txt [ Cookie:wills@mediaplex.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZQZ2IUBO.txt [ Cookie:wills@avgtechnologies.112.2o7.net/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\A4GAEAKN.txt [ Cookie:wills@media6degrees.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\5POUVG00.txt [ Cookie:wills@tribalfusion.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\TIIBTK4D.txt [ Cookie:wills@pointroll.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\ACZLR2O7.txt [ Cookie:wills@ru4.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\B2BZEWCM.txt [ Cookie:wills@atdmt.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\K7PCCXP3.txt [ Cookie:wills@adxpose.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\2VRCJQQW.txt [ Cookie:wills@[You must be registered and logged in to see this link.] ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZGJKBHK0.txt [ Cookie:wills@collective-media.net/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\C0TCZEDR.txt [ Cookie:wills@at.atwola.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\7AEB26RA.txt [ Cookie:wills@lucidmedia.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\JRJS1LD1.txt [ Cookie:wills@ad.yieldmanager.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\5G134FFC.txt [ Cookie:wills@ads.pointroll.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\8YZ0OG23.txt [ Cookie:wills@imrworldwide.com/cgi-bin ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\M8NFQG7S.txt [ Cookie:wills@revsci.net/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\FCG27OJ0.txt [ Cookie:wills@interclick.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\67S365U1.txt [ Cookie:wills@adbrite.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\2R2F6VI5.txt [ Cookie:wills@questionmarket.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\CQOYGKV9.txt [ Cookie:wills@apmebf.com/ ]
C:\USERS\WILLS\AppData\Roaming\Microsoft\Windows\Cookies\Low\W97V260H.txt [ Cookie:wills@casalemedia.com/ ]
C:\USERS\WILLS\Cookies\T0OWEN2V.txt [ Cookie:wills@mediaplex.com/ ]
C:\USERS\WILLS\Cookies\UDWVYS3Z.txt [ Cookie:wills@media6degrees.com/ ]
C:\USERS\WILLS\Cookies\I3D390O5.txt [ Cookie:wills@tribalfusion.com/ ]
C:\USERS\WILLS\Cookies\EI7Z9E8D.txt [ Cookie:wills@realmedia.com/ ]
C:\USERS\WILLS\Cookies\7CXHIEA0.txt [ Cookie:wills@pointroll.com/ ]
C:\USERS\WILLS\Cookies\4JWEBQLI.txt [ Cookie:wills@ru4.com/ ]
C:\USERS\WILLS\Cookies\8CZHT5T2.txt [ Cookie:wills@chitika.net/ ]
C:\USERS\WILLS\Cookies\F7FUYPP6.txt [ Cookie:wills@[You must be registered and logged in to see this link.] ]
C:\USERS\WILLS\Cookies\808FX279.txt [ Cookie:wills@atdmt.com/ ]
C:\USERS\WILLS\Cookies\GC7HZFKE.txt [ Cookie:wills@adxpose.com/ ]
C:\USERS\WILLS\Cookies\P2H5AOYC.txt [ Cookie:wills@lucidmedia.com/ ]
C:\USERS\WILLS\Cookies\TM9E5FLU.txt [ Cookie:wills@at.atwola.com/ ]
C:\USERS\WILLS\Cookies\DHI6GAW5.txt [ Cookie:wills@yieldmanager.net/ ]
C:\USERS\WILLS\Cookies\CS28A7EW.txt [ Cookie:wills@ads.bridgetrack.com/ ]
C:\USERS\WILLS\Cookies\Y1S2KTW5.txt [ Cookie:wills@ad.yieldmanager.com/ ]
C:\USERS\WILLS\Cookies\4479A7OM.txt [ Cookie:wills@ads.pointroll.com/ ]
C:\USERS\WILLS\Cookies\IAXWXEKX.txt [ Cookie:wills@atdmt.com/ ]
C:\USERS\WILLS\Cookies\2H8TZOWD.txt [ Cookie:wills@imrworldwide.com/cgi-bin ]
C:\USERS\WILLS\Cookies\8PK3MBR2.txt [ Cookie:wills@a1.interclick.com/ ]
C:\USERS\WILLS\Cookies\GJ6LBBC1.txt [ Cookie:wills@revsci.net/ ]
C:\USERS\WILLS\Cookies\JOE5SXIY.txt [ Cookie:wills@interclick.com/ ]
C:\USERS\WILLS\Cookies\RWRIRIBP.txt [ Cookie:wills@mm.chitika.net/ ]
C:\USERS\WILLS\Cookies\D00HRGYA.txt [ Cookie:wills@adbrite.com/ ]
C:\USERS\WILLS\Cookies\FIVD5U0W.txt [ Cookie:wills@questionmarket.com/ ]
C:\USERS\WILLS\Cookies\IRTPTTZK.txt [ Cookie:wills@advertising.com/ ]
C:\USERS\WILLS\Cookies\JRV17JN6.txt [ Cookie:wills@pro-market.net/ ]
C:\USERS\WILLS\Cookies\RH9OYOIS.txt [ Cookie:wills@apmebf.com/ ]
C:\USERS\WILLS\Cookies\51469M1C.txt [ Cookie:wills@casalemedia.com/ ]
C:\USERS\WILLS\Cookies\DAPR7MZK.txt [ Cookie:wills@burstnet.com/ ]

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Fri Feb 03, 2012 7:01 am

SUPERAntiSpyware Part 2....

C:\USERS\FAMILY\APPDATA\LOCAL\TEMP\LOW\COOKIES\FAMILY@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
ad.insightexpressai.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
cdn.steelhousemedia.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
cloudfront.mediamatters.org [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
counter.rambler.ru [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
findnumberfour.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
media.gamefudge.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
media.gamepost.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
media.khou.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
media.lintvnews.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
media.scanscout.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
media.tractorsupply.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
media1.clubpenguin.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
media10.washingtonpost.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
pornmix.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
s0.2mdn.net [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
secure-us.imrworldwide.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
spe.atdmt.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
vhss-d.oddcast.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
[You must be registered and logged in to see this link.] [ C:\USERS\FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MNU6QF5P ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@2O7[2].TXT [ /2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@2O7[3].TXT [ /2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@2O7[4].TXT [ /2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@A1.INTERCLICK[1].TXT [ /A1.INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@A1.INTERCLICK[2].TXT [ /A1.INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@AD.WSOD[2].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@AD.WSOD[3].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@AD.YIELDMANAGER[3].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@ADS.POINTROLL[1].TXT [ /ADS.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@ADS.POINTROLL[3].TXT [ /ADS.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@ADS.UNDERTONE[2].TXT [ /ADS.UNDERTONE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@APMEBF[1].TXT [ /APMEBF ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@APMEBF[2].TXT [ /APMEBF ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@ATDMT[2].TXT [ /ATDMT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@ATDMT[3].TXT [ /ATDMT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@CASALEMEDIA[1].TXT [ /CASALEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@COLLECTIVE-MEDIA[1].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@COLLECTIVE-MEDIA[3].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@CONTENT.YIELDMANAGER[3].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@CONTENT.YIELDMANAGER[4].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@DOUBLECLICK[3].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@DOUBLECLICK[4].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@DOUBLECLICK[6].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@FASTCLICK[2].TXT [ /FASTCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@FINDLAW[1].TXT [ /FINDLAW ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@INTERCLICK[2].TXT [ /INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@INTERCLICK[3].TXT [ /INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@INVITEMEDIA[2].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@INVITEMEDIA[3].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@INVITEMEDIA[4].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@NETWORK.REALMEDIA[1].TXT [ /NETWORK.REALMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@POINTROLL[1].TXT [ /POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@POINTROLL[3].TXT [ /POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@QUESTIONMARKET[2].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@REALMEDIA[1].TXT [ /REALMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@RU4[2].TXT [ /RU4 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@SERVING-SYS[3].TXT [ /SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@TRIBALFUSION[1].TXT [ /TRIBALFUSION ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@TRIBALFUSION[2].TXT [ /TRIBALFUSION ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@TRIBALFUSION[3].TXT [ /TRIBALFUSION ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@ZEDO[1].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FAMILY@ZEDO[2].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@247REALMEDIA[1].TXT [ /247REALMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@2O7[1].TXT [ /2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@2O7[2].TXT [ /2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@2O7[3].TXT [ /2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@A1.INTERCLICK[1].TXT [ /A1.INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@A1.INTERCLICK[2].TXT [ /A1.INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@A1.INTERCLICK[4].TXT [ /A1.INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@A1.INTERCLICK[5].TXT [ /A1.INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ACCOUNT.LIVE[2].TXT [ /ACCOUNT.LIVE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.ADBULL[2].TXT [ /AD.ADBULL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.ADSUMMOS[2].TXT [ /AD.ADSUMMOS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.TARGETINGMARKETPLACE[2].TXT [ /AD.TARGETINGMARKETPLACE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.WSOD[1].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.WSOD[2].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.WSOD[3].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.WSOD[4].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.WSOD[5].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.WSOD[6].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.WSOD[8].TXT [ /AD.WSOD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[10].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[11].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[3].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[4].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[5].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[6].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[7].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[8].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AD.YIELDMANAGER[9].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[10].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[11].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[1].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[2].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[3].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[4].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[6].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[7].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[8].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADBRITE[9].TXT [ /ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADECN[2].TXT [ /ADECN ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADINTERAX[1].TXT [ /ADINTERAX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADINTERAX[2].TXT [ /ADINTERAX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADINTERAX[3].TXT [ /ADINTERAX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADINTERAX[4].TXT [ /ADINTERAX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADINTERAX[5].TXT [ /ADINTERAX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADLEGEND[2].TXT [ /ADLEGEND ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADPROFILE[1].TXT [ /ADPROFILE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS-VRX.ADBRITE[1].TXT [ /ADS-VRX.ADBRITE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.AD4GAME[1].TXT [ /ADS.AD4GAME ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.AS4X.TMCS[1].TXT [ /ADS.AS4X.TMCS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.ASSOCIATEDCONTENT[1].TXT [ /ADS.ASSOCIATEDCONTENT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.ASSOCIATEDCONTENT[3].TXT [ /ADS.ASSOCIATEDCONTENT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.BLUELITHIUM[1].TXT [ /ADS.BLUELITHIUM ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.BRIDGETRACK[2].TXT [ /ADS.BRIDGETRACK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.BRIDGETRACK[3].TXT [ /ADS.BRIDGETRACK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.BRIDGETRACK[4].TXT [ /ADS.BRIDGETRACK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.CNN[1].TXT [ /ADS.CNN ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.CPXADROIT[2].TXT [ /ADS.CPXADROIT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.CPXADROIT[3].TXT [ /ADS.CPXADROIT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.CRAKMEDIA[1].TXT [ /ADS.CRAKMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.CRAKMEDIA[2].TXT [ /ADS.CRAKMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.CRAKMEDIA[3].TXT [ /ADS.CRAKMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.INTERGI[1].TXT [ /ADS.INTERGI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.INTERGI[2].TXT [ /ADS.INTERGI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.NASCAR[1].TXT [ /ADS.NASCAR ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.NASCAR[2].TXT [ /ADS.NASCAR ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.NBA[1].TXT [ /ADS.NBA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.NBA[3].TXT [ /ADS.NBA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.PGATOUR[1].TXT [ /ADS.PGATOUR ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.PGATOUR[2].TXT [ /ADS.PGATOUR ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.POINTROLL[1].TXT [ /ADS.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.POINTROLL[2].TXT [ /ADS.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.POINTROLL[3].TXT [ /ADS.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.POINTROLL[4].TXT [ /ADS.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.POINTROLL[5].TXT [ /ADS.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.POINTROLL[6].TXT [ /ADS.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.PUBMATIC[1].TXT [ /ADS.PUBMATIC ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.SHORTTAIL[2].TXT [ /ADS.SHORTTAIL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.UNDERTONE[1].TXT [ /ADS.UNDERTONE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADS.ZEUSCLICKS[1].TXT [ /ADS.ZEUSCLICKS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.ADTECHUS[2].TXT [ /ADSERVER.ADTECHUS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.ADTECHUS[3].TXT [ /ADSERVER.ADTECHUS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.GAMESITES200[1].TXT [ /ADSERVER.GAMESITES200 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.GAMESITES200[2].TXT [ /ADSERVER.GAMESITES200 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.GAMESITES200[3].TXT [ /ADSERVER.GAMESITES200 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.GAMESITES200[4].TXT [ /ADSERVER.GAMESITES200 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.GAMESITES200[5].TXT [ /ADSERVER.GAMESITES200 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.MMOGURU[1].TXT [ /ADSERVER.MMOGURU ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER.MMOGURU[2].TXT [ /ADSERVER.MMOGURU ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADSERVER2.EXGFNETWORK[2].TXT [ /ADSERVER2.EXGFNETWORK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADTECH[1].TXT [ /ADTECH ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADTECH[2].TXT [ /ADTECH ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADTECH[3].TXT [ /ADTECH ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADULTFRIENDFINDER[1].TXT [ /ADULTFRIENDFINDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADULTFRIENDFINDER[3].TXT [ /ADULTFRIENDFINDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVANCEINTERNET.122.2O7[1].TXT [ /ADVANCEINTERNET.122.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[10].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[1].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[3].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[4].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[5].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[6].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[7].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[8].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADVERTISING[9].TXT [ /ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ADXPOSE[1].TXT [ /ADXPOSE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AMEX-INSIGHTS[1].TXT [ /AMEX-INSIGHTS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@APMEBF[1].TXT [ /APMEBF ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@APMEBF[2].TXT [ /APMEBF ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@APMEBF[3].TXT [ /APMEBF ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@APMEBF[4].TXT [ /APMEBF ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AR.ATWOLA[1].TXT [ /AR.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AR.ATWOLA[2].TXT [ /AR.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AT.ATWOLA[2].TXT [ /AT.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ATDMT[1].TXT [ /ATDMT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AVGTECHNOLOGIES.112.2O7[1].TXT [ /AVGTECHNOLOGIES.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@AZJMP[2].TXT [ /AZJMP ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BACKCOUNTRY[1].TXT [ /BACKCOUNTRY ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BANNER.ADCHEMY[1].TXT [ /BANNER.ADCHEMY ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BANNERS.f***[1].TXT [ /BANNERS.f*** ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BEACON.DMSINSIGHTS[2].TXT [ /BEACON.DMSINSIGHTS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BEACON.DMSINSIGHTS[3].TXT [ /BEACON.DMSINSIGHTS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BIZRATE[2].TXT [ /BIZRATE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BS.SERVING-SYS[3].TXT [ /BS.SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BURSTBEACON[2].TXT [ /BURSTBEACON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BURSTNET[1].TXT [ /BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BURSTNET[2].TXT [ /BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BURSTNET[3].TXT [ /BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@BZRESULTS.122.2O7[1].TXT [ /BZRESULTS.122.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@C.GIGCOUNT[1].TXT [ /C.GIGCOUNT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@C.GIGCOUNT[2].TXT [ /C.GIGCOUNT ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CARFAX.112.2O7[1].TXT [ /CARFAX.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CASALEMEDIA[1].TXT [ /CASALEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CASALEMEDIA[2].TXT [ /CASALEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CASALEMEDIA[4].TXT [ /CASALEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CDN1.TRAFFICMP[1].TXT [ /CDN1.TRAFFICMP ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CDN1.TRAFFICMP[2].TXT [ /CDN1.TRAFFICMP ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CDN1.TRAFFICMP[3].TXT [ /CDN1.TRAFFICMP ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CHITIKA[1].TXT [ /CHITIKA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CHITIKA[2].TXT [ /CHITIKA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CITI.BRIDGETRACK[2].TXT [ /CITI.BRIDGETRACK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CITIMORTGAGE.122.2O7[1].TXT [ /CITIMORTGAGE.122.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CLICK.EYK[1].TXT [ /CLICK.EYK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CLICKBOOTHLNK[1].TXT [ /CLICKBOOTHLNK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CLICKTRACKS.ARISTOTLE[2].TXT [ /CLICKTRACKS.ARISTOTLE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@COLLECTIVE-MEDIA[1].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@COLLECTIVE-MEDIA[2].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@COLLECTIVE-MEDIA[3].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@COLLECTIVE-MEDIA[4].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@COLLECTIVE-MEDIA[5].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@COLLECTIVE-MEDIA[6].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[10].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[11].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[2].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[3].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[4].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[5].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[6].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[7].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@CONTENT.YIELDMANAGER[9].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@COUNTER.HITSLINK[1].TXT [ /COUNTER.HITSLINK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@COUNTERS.GIGYA[1].TXT [ /COUNTERS.GIGYA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DATA.COREMETRICS[1].TXT [ /DATA.COREMETRICS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DC.TREMORMEDIA[1].TXT [ /DC.TREMORMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DEALTIME[1].TXT [ /DEALTIME ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DMTRACKER[1].TXT [ /DMTRACKER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DOUBLECLICK[3].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DOUBLECLICK[4].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DOUBLECLICK[5].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@DOUBLECLICK[8].TXT [ /DOUBLECLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6AEK4ALCJMLP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6AEK4ALCJMLP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6AEK4UPD5MEQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6AEK4UPD5MEQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6AEKIQMDJKKO.STATS.ESOMNITURE[2].TXT [ /E-2DJ6AEKIQMDJKKO.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6AEKYAKDJWEP.STATS.ESOMNITURE[1].TXT [ /E-2DJ6AEKYAKDJWEP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WBKICHDPGLP.STATS.ESOMNITURE[1].TXT [ /E-2DJ6WBKICHDPGLP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WBKIEJCJMLP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WBKIEJCJMLP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WFKOKPAJSFP.STATS.ESOMNITURE[1].TXT [ /E-2DJ6WFKOKPAJSFP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WFKYOLCZABQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WFKYOLCZABQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WFKYOODPAAQ.STATS.ESOMNITURE[1].TXT [ /E-2DJ6WFKYOODPAAQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WFLOQJDPGFO.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WFLOQJDPGFO.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WFMISGCPODP.STATS.ESOMNITURE[1].TXT [ /E-2DJ6WFMISGCPODP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WFMYGIAJECO.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WFMYGIAJECO.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WGKOCKCJSCP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WGKOCKCJSCP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WGLOWLDJWEP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WGLOWLDJWEP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WGMYGLC5GEP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WGMYGLC5GEP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WHL4OPDZSCQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WHL4OPDZSCQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJKOEICZMLQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WJKOEICZMLQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJKYOGCZGGQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WJKYOGCZGGQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJKYUKAJODQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WJKYUKAJODQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJLIWHAZSGO.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WJLIWHAZSGO.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJMYCOCZOKO.STATS.ESOMNITURE[1].TXT [ /E-2DJ6WJMYCOCZOKO.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJMYUOCJAAP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WJMYUOCJAAP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJMYWHDJOFQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WJMYWHDJOFQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJNY-1JCPOK.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WJNY-1JCPOK.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WJNY-1LCJCB.STATS.ESOMNITURE[1].TXT [ /E-2DJ6WJNY-1LCJCB.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WMKIWNDJSLQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WMKIWNDJSLQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WMLOQKDPELQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WMLOQKDPELQ.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WMLOSMAJKLP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WMLOSMAJKLP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WMMYKHCJSGP.STATS.ESOMNITURE[1].TXT [ /E-2DJ6WMMYKHCJSGP.STATS.ESOMNITURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@E-2DJ6WNL4OHAZMAP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WNL4OHAZMAP.STATS.ESOMNITURE ]

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Fri Feb 03, 2012 7:05 am

SUPERAntiSpyware Last part....

C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EAS.APM.EMEDIATE[1].TXT [ /EAS.APM.EMEDIATE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EAS.APM.EMEDIATE[3].TXT [ /EAS.APM.EMEDIATE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EAS.APM.EMEDIATE[4].TXT [ /EAS.APM.EMEDIATE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EAS.APM.EMEDIATE[5].TXT [ /EAS.APM.EMEDIATE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EDGEADX[2].TXT [ /EDGEADX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EHG-FINDLAW.HITBOX[1].TXT [ /EHG-FINDLAW.HITBOX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ENCYCLOMEDIA[2].TXT [ /ENCYCLOMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ERO-ADVERTISING[2].TXT [ /ERO-ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EYEWONDER[1].TXT [ /EYEWONDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EYEWONDER[2].TXT [ /EYEWONDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EYEWONDER[4].TXT [ /EYEWONDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EZ-TRACKS[1].TXT [ /EZ-TRACKS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@EZTRACKS.AAVALUE[1].TXT [ /EZTRACKS.AAVALUE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@FASTCLICK[2].TXT [ /FASTCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@FASTCLICK[3].TXT [ /FASTCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@FASTCLICK[4].TXT [ /FASTCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@FASTCLICK[5].TXT [ /FASTCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@FIDELITY.ROTATOR.HADJ7.ADJUGGLER[2].TXT [ /FIDELITY.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@FINDLAW[1].TXT [ /FINDLAW ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@FINDMISSINGKIDS[2].TXT [ /FINDMISSINGKIDS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@GIFTSCOM.122.2O7[1].TXT [ /GIFTSCOM.122.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@GO.EWATRACKING[1].TXT [ /GO.EWATRACKING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@GOTACHA.ROTATOR.HADJ7.ADJUGGLER[1].TXT [ /GOTACHA.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@GOTACHA.ROTATOR.HADJ7.ADJUGGLER[2].TXT [ /GOTACHA.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@GOTACHA.ROTATOR.HADJ7.ADJUGGLER[3].TXT [ /GOTACHA.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@HITBOX[2].TXT [ /HITBOX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@HOMEFINDER[1].TXT [ /HOMEFINDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@HPI.ROTATOR.HADJ7.ADJUGGLER[2].TXT [ /HPI.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@IMRWORLDWIDE[3].TXT [ /IMRWORLDWIDE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@IMRWORLDWIDE[4].TXT [ /IMRWORLDWIDE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@IN.GETCLICKY[1].TXT [ /IN.GETCLICKY ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INSIGHTEXPRESSAI[1].TXT [ /INSIGHTEXPRESSAI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INSIGHTEXPRESSAI[2].TXT [ /INSIGHTEXPRESSAI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INSIGHTEXPRESSAI[4].TXT [ /INSIGHTEXPRESSAI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INTERCLICK[1].TXT [ /INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INTERCLICK[2].TXT [ /INTERCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INTERMUNDOMEDIA[2].TXT [ /INTERMUNDOMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[10].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[2].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[3].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[4].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[5].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[6].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[7].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[8].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@INVITEMEDIA[9].TXT [ /INVITEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@KITARAMEDIA.122.2O7[1].TXT [ /KITARAMEDIA.122.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@KITARAMEDIA.122.2O7[2].TXT [ /KITARAMEDIA.122.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@KONTERA[1].TXT [ /KONTERA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@KONTERA[2].TXT [ /KONTERA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@KONTERA[3].TXT [ /KONTERA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LEGOLAS-MEDIA[1].TXT [ /LEGOLAS-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LEGOLAS-MEDIA[3].TXT [ /LEGOLAS-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LEGOLAS-MEDIA[4].TXT [ /LEGOLAS-MEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LFSTMEDIA[1].TXT [ /LFSTMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LINKSYNERGY[1].TXT [ /LINKSYNERGY ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LIVEPERSON[1].TXT [ /LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LIVEPERSON[2].TXT [ /LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LIVEPERSON[3].TXT [ /LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LIVEPERSON[5].TXT [ /LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LIVEPERSON[6].TXT [ /LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LIVEPERSON[7].TXT [ /LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LIVEPERSON[8].TXT [ /LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LIVEPERSON[9].TXT [ /LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LUCIDMEDIA[10].TXT [ /LUCIDMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LUCIDMEDIA[11].TXT [ /LUCIDMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LUCIDMEDIA[1].TXT [ /LUCIDMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LUCIDMEDIA[2].TXT [ /LUCIDMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LUCIDMEDIA[3].TXT [ /LUCIDMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LUCIDMEDIA[4].TXT [ /LUCIDMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@LUCIDMEDIA[7].TXT [ /LUCIDMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@M1.WEBSTATS.MOTIGO[1].TXT [ /M1.WEBSTATS.MOTIGO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDHELPINTERNATIONAL.112.2O7[1].TXT [ /MEDHELPINTERNATIONAL.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA.ADFRONTIERS[2].TXT [ /MEDIA.ADFRONTIERS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA2.LEGACY[2].TXT [ /MEDIA2.LEGACY ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA2.LEGACY[3].TXT [ /MEDIA2.LEGACY ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA6DEGREES[2].TXT [ /MEDIA6DEGREES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA6DEGREES[3].TXT [ /MEDIA6DEGREES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA6DEGREES[4].TXT [ /MEDIA6DEGREES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA6DEGREES[5].TXT [ /MEDIA6DEGREES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA6DEGREES[6].TXT [ /MEDIA6DEGREES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA6DEGREES[7].TXT [ /MEDIA6DEGREES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIA6DEGREES[8].TXT [ /MEDIA6DEGREES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIABRANDSWW[1].TXT [ /MEDIABRANDSWW ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIABRANDSWW[2].TXT [ /MEDIABRANDSWW ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIABRANDSWW[4].TXT [ /MEDIABRANDSWW ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIAFIRE[1].TXT [ /MEDIAFIRE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIAFIRE[2].TXT [ /MEDIAFIRE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIAFORGE[2].TXT [ /MEDIAFORGE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIAMATTERS[1].TXT [ /MEDIAMATTERS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MEDIASERVICES-D.OPENXENTERPRISE[2].TXT [ /MEDIASERVICES-D.OPENXENTERPRISE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MLBAM.112.2O7[1].TXT [ /MLBAM.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MLSFINDER[1].TXT [ /MLSFINDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MLSFINDER[2].TXT [ /MLSFINDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@MM.CHITIKA[1].TXT [ /MM.CHITIKA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@NETWORK.REALMEDIA[1].TXT [ /NETWORK.REALMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@NETWORK.REALMEDIA[2].TXT [ /NETWORK.REALMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@NEXTAG[1].TXT [ /NEXTAG ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@NHL.112.2O7[1].TXT [ /NHL.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@NHL.112.2O7[2].TXT [ /NHL.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@OVERTURE[2].TXT [ /OVERTURE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@PAYPAL.112.2O7[1].TXT [ /PAYPAL.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@PAYPAL.112.2O7[2].TXT [ /PAYPAL.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@PAYPAL.112.2O7[3].TXT [ /PAYPAL.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@PEOPLEFINDERS[2].TXT [ /PEOPLEFINDERS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@POINTROLL[1].TXT [ /POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@PORNMIX[1].TXT [ /PORNMIX ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@PRO-MARKET[1].TXT [ /PRO-MARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@PRO-MARKET[3].TXT [ /PRO-MARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@PUBLISHERS.CLICKBOOTH[2].TXT [ /PUBLISHERS.CLICKBOOTH ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QKSRV[2].TXT [ /QKSRV ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QUESTIONMARKET[1].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QUESTIONMARKET[2].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QUESTIONMARKET[3].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QUESTIONMARKET[4].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QUESTIONMARKET[5].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QUESTIONMARKET[6].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QUESTIONMARKET[8].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@QUESTIONMARKET[9].TXT [ /QUESTIONMARKET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@R1-ADS.ACE.ADVERTISING[2].TXT [ /R1-ADS.ACE.ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@RDS.ADPROFILE[1].TXT [ /RDS.ADPROFILE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@REALMEDIA[2].TXT [ /REALMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@REVENUE[1].TXT [ /REVENUE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@REVSCI[1].TXT [ /REVSCI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@REVSCI[2].TXT [ /REVSCI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@REVSCI[3].TXT [ /REVSCI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@REVSCI[4].TXT [ /REVSCI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@REVSCI[5].TXT [ /REVSCI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@REVSCI[7].TXT [ /REVSCI ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@RICHMEDIA.YAHOO[1].TXT [ /RICHMEDIA.YAHOO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@RICHMEDIA.YAHOO[2].TXT [ /RICHMEDIA.YAHOO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@RICHMEDIA.YAHOO[3].TXT [ /RICHMEDIA.YAHOO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ROISERVICE[1].TXT [ /ROISERVICE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ROTATOR.ADJUGGLER[1].TXT [ /ROTATOR.ADJUGGLER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ROTATOR.HADJ7.ADJUGGLER[1].TXT [ /ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@RU4[2].TXT [ /RU4 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SALES.LIVEPERSON[1].TXT [ /SALES.LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVER.CPMSTAR[1].TXT [ /SERVER.CPMSTAR ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVER.CPMSTAR[3].TXT [ /SERVER.CPMSTAR ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVER.IAD.LIVEPERSON[1].TXT [ /SERVER.IAD.LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVER.IAD.LIVEPERSON[2].TXT [ /SERVER.IAD.LIVEPERSON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVING-SYS[3].TXT [ /SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVING-SYS[4].TXT [ /SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SERVING-SYS[5].TXT [ /SERVING-SYS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SIXFLAGS.122.2O7[1].TXT [ /SIXFLAGS.122.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SPECIFICCLICK[1].TXT [ /SPECIFICCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SPECIFICCLICK[2].TXT [ /SPECIFICCLICK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@SPECIFICMEDIA[2].TXT [ /SPECIFICMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@STATCOUNTER[2].TXT [ /STATCOUNTER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@STATCOUNTER[3].TXT [ /STATCOUNTER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@STATS.BOTWIZARD[1].TXT [ /STATS.BOTWIZARD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@STATS.PAYPAL[2].TXT [ /STATS.PAYPAL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@STATSE.WEBTRENDSLIVE[1].TXT [ /STATSE.WEBTRENDSLIVE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@STATSE.WEBTRENDSLIVE[3].TXT [ /STATSE.WEBTRENDSLIVE ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@STEELHOUSEMEDIA[1].TXT [ /STEELHOUSEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@STEELHOUSEMEDIA[3].TXT [ /STEELHOUSEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@T.POINTROLL[1].TXT [ /T.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@T.POINTROLL[2].TXT [ /T.POINTROLL ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TACODA.AT.ATWOLA[1].TXT [ /TACODA.AT.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TACODA.AT.ATWOLA[2].TXT [ /TACODA.AT.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TACODA.AT.ATWOLA[3].TXT [ /TACODA.AT.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TACODA.AT.ATWOLA[4].TXT [ /TACODA.AT.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TACODA.AT.ATWOLA[5].TXT [ /TACODA.AT.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TACODA.AT.ATWOLA[6].TXT [ /TACODA.AT.ATWOLA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TARGET.DB.ADVERTISING[1].TXT [ /TARGET.DB.ADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TEST.COREMETRICS[2].TXT [ /TEST.COREMETRICS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRACKING.FOXNEWS[1].TXT [ /TRACKING.FOXNEWS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRACKING.REALTOR[1].TXT [ /TRACKING.REALTOR ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRAFFICMP[1].TXT [ /TRAFFICMP ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRAFFICMP[3].TXT [ /TRAFFICMP ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRAFFICMP[4].TXT [ /TRAFFICMP ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRAVELADVERTISING[1].TXT [ /TRAVELADVERTISING ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRIBALFUSION[1].TXT [ /TRIBALFUSION ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRIBALFUSION[2].TXT [ /TRIBALFUSION ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRIBALFUSION[3].TXT [ /TRIBALFUSION ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRIBALFUSION[4].TXT [ /TRIBALFUSION ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@TRVLNET.ADBUREAU[1].TXT [ /TRVLNET.ADBUREAU ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@USATODAY1.112.2O7[1].TXT [ /USATODAY1.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@USER.LUCIDMEDIA[1].TXT [ /USER.LUCIDMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@USNEWS.122.2O7[1].TXT [ /USNEWS.122.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@WALMART.112.2O7[1].TXT [ /WALMART.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@WALMART.112.2O7[2].TXT [ /WALMART.112.2O7 ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.911ADNETWORK ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.BACKCOUNTRY ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.BURSTBEACON ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.BURSTNET ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.ENCYCLOMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.EZ-TRACKS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.MLSFINDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.MLSFINDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.MLSFINDER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.MMORPGTOPLIST ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.MMORPGTOPLIST ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.MMORPGTOPLIST ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.ONETRUEMEDIA ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.PEOPLEFINDERS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.QKSRV ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.SEXOFFENDERREGISTRY ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.TRACKIMIZER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@[You must be registered and logged in to see this link.] [ /WWW.TRACKLEAD ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@WWW5.ADDFREESTATS[1].TXT [ /WWW5.ADDFREESTATS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@WWW8.ADDFREESTATS[1].TXT [ /WWW8.ADDFREESTATS ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@YADRO[1].TXT [ /YADRO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@YIELDMANAGER[1].TXT [ /YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@YIELDMANAGER[2].TXT [ /YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@YIELDMANAGER[3].TXT [ /YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@YIELDMANAGER[5].TXT [ /YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@YIELDMANAGER[6].TXT [ /YIELDMANAGER ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ZEDO[1].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ZEDO[2].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ZEDO[3].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ZEDO[4].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ZEDO[5].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ZEDO[6].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ZEDO[7].TXT [ /ZEDO ]
C:\USERS\FAMILY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FAMILY@ZEDO[8].TXT [ /ZEDO ]
.atdmt.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.r1-ads.ace.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.akamai.interclickproxy.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sexad.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
[You must be registered and logged in to see this link.] [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.googleads.g.doubleclick.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.paypal.112.2o7.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.beta-ads.ace.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
[You must be registered and logged in to see this link.] [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
xxxbunker.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
xxxbunker.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
xxxbunker.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
xxxbunker.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
xxxbunker.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpansion.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.iad.liveperson.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.sexpillguru.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads2.zeusclicks.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.bridgetrack.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.bridgetrack.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.bridgetrack.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.crakmedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.syndication.traffichaus.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.syndication.traffichaus.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.syndication.traffichaus.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WILLS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.complexmedianetwork.com [ C:\USERS\WILLS\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
ds.serving-sys.com [ C:\USERS\WILLS\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
media.mtvnservices.com [ C:\USERS\WILLS\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
s0.2mdn.net [ C:\USERS\WILLS\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
[You must be registered and logged in to see this link.] [ C:\USERS\WILLS\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
ad.insightexpressai.com [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
data-ero-advertising.com [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
files.youporn.com [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
flash.xxxbunker.com [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
media.adxpansion.com [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
objects.tremormedia.com [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
s0.2mdn.net [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
stat.easydate.biz [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
[You must be registered and logged in to see this link.] [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]
[You must be registered and logged in to see this link.] [ C:\USERS\WILLS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TK74PLBB ]

Adware.MyWebSearch/FunWebProducts
(x86) HKLM\SOFTWARE\FunWebProducts
(x86) HKLM\SOFTWARE\FunWebProducts\Installer
(x86) HKLM\SOFTWARE\FunWebProducts\Installer#Dir
(x86) HKLM\SOFTWARE\FunWebProducts\Installer#PluginPath
(x86) HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
(x86) HKLM\SOFTWARE\FunWebProducts\Installer#sr
(x86) HKLM\SOFTWARE\FunWebProducts\Installer#pl
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\chrome
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\F3EZSETP.DLL
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL
C:\Program Files (x86)\FunWebProducts\Installr\1.bin
C:\Program Files (x86)\FunWebProducts\Installr\2.bin
C:\Program Files (x86)\FunWebProducts\Installr\3.bin
C:\Program Files (x86)\FunWebProducts\Installr\4.bin
C:\Program Files (x86)\FunWebProducts\Installr\5.bin
C:\Program Files (x86)\FunWebProducts\Installr\6.bin
C:\Program Files (x86)\FunWebProducts\Installr\7.bin
C:\Program Files (x86)\FunWebProducts\Installr
C:\Program Files (x86)\FunWebProducts

Browser Hijacker.Deskbar
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

PUP.StartNow Toolbar
C:\Program Files (x86)\StartNow Toolbar\ToolbarBroker.exe
C:\Program Files (x86)\StartNow Toolbar
(x86) HKU\S-1-5-21-1403100644-2643874596-638605949-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}

Trojan.Agent/Gen-StartPage
C:\USERS\FAMILY\APPDATA\LOCALLOW\FCSB000062035\TOOLBAR\UNINST.EXE

PotentiallyUnwanted.CNETInstaller
C:\USERS\WILLS\APPDATA\LOCAL\TEMP\ICREINSTALL\CNET2_HC2SETUP_EXE.EXE

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Fri Feb 03, 2012 7:08 am

Malwarebytes Anti Malware.....

Malwarebytes Anti-Malware 1.60.1.1000
[You must be registered and logged in to see this link.]

Database version: v2012.02.02.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
wills :: FAMILY-PC [administrator]

2/2/2012 11:00:10 AM
mbam-log-2012-02-02 (11-00-10).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 507792
Time elapsed: 3 hour(s), 22 minute(s), 50 second(s)

Memory Processes Detected: 1
C:\Users\wills\AppData\Local\Temp\System\mvscavAP.exe (Trojan.Agent) -> 4412 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 9
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9193fbaf-bdaf-4751-a99a-1f5ef255c35b} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9193fbaf-bdaf-4751-a99a-1f5ef255c35b} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9193fbaf-bdaf-4751-a99a-1f5ef255c35b} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9193fbaf-bdaf-4751-a99a-1f5ef255c35b} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{Y18RLJXI-4TGW-73W7-N61G-B8TH60387638} (Backdoor.SpyNet) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{Y18RLJXI-4TGW-73W7-N61G-B8TH60387638} (Backdoor.SpyNet) -> Quarantined and deleted successfully.
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|HKLM (Backdoor.SpyNet) -> Data: C:\Windows\system32\WinDir\Svchost.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Policies (Backdoor.SpyNet) -> Data: C:\Windows\system32\WinDir\Svchost.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Policies (Backdoor.SpyNet) -> Data: C:\Windows\system32\WinDir\Svchost.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|HKCU (Trojan.Agent) -> Data: C:\Users\wills\AppData\Roaming\WinDir\Svchost.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft® Windows® Operating System (Trojan.Agent) -> Data: C:\Users\wills\AppData\Local\Temp\System\mvscavAP.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 8
C:\Program Files (x86)\Object (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\content (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\defaults (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\defaults\preferences (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\locale (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\locale\en-US (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\skin (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Files Detected: 32
C:\Users\Family\GrinderscapeCache\WorldMap.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\WinDir\Svchost.exe (Backdoor.SpyNet) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\WinDir\Svchost.exe (Backdoor.SpyNet) -> Quarantined and deleted successfully.
C:\Users\wills\AppData\Local\Temp\pws_mail.bss (Stolen.Data) -> Quarantined and deleted successfully.
C:\Users\wills\AppData\Local\Temp\pws_mess.bss (Stolen.Data) -> Quarantined and deleted successfully.
C:\Users\wills\AppData\Roaming\WinDir\Svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\wills\AppData\Roaming\test (Stolen.Data) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\status.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\config.ini (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\enable.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\status2.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\build.sh (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\chrome.manifest (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\config_build.sh (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\files (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\install.rdf (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\readme.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\content\.DS_Store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\content\firefoxOverlay.xul (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\content\installid.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\content\overlay.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\content\sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\defaults\.DS_Store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\defaults\preferences\.DS_Store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\defaults\preferences\._sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\defaults\preferences\sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\locale\.DS_Store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\locale\en-US\.DS_Store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\locale\en-US\sudoku.dtd (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\locale\en-US\sudoku.properties (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\facetheme\skin\overlay.css (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Users\wills\AppData\Local\Temp\System\mvscavAP.exe (Trojan.Agent) -> Delete on reboot.

(end)

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Fri Feb 03, 2012 7:09 am

DDS log...

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by wills at 0:34:20 on 2012-02-03
.
============== Running Processes ===============
.
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\InstallBrainService\InstallBrainService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\InstallBrainService\InstallBrainService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Users\wills\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\ProgramData\WeCareReminder\ReminderHelper.exe
C:\Program Files (x86)\DealBulldog Toolbar\TbHelper2.exe
C:\Users\wills\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = [You must be registered and logged in to see this link.]
uSearch Bar = Preserve
mStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - C:\Program Files (x86)\DealBulldog Toolbar\tbhelper.dll
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: TBSB01620 Class: {58124a0b-dc32-4180-9bff-e0e21ae34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: IMinent WebBooster (BHO): {a09ab6eb-31b5-454c-97ec-9b294d92ee2a} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
TB: IMinent Toolbar: {977ae9cc-af83-45e8-9e03-e2798216e2d5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll
TB: DealBulldog Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
TB: {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: {167D9323-F7CC-48F5-948A-6F012831A69F} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Spotify] "C:\Users\wills\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Google Update] "C:\Users\wills\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Microsoft Intel Security] C:\Users\wills\AppData\Roaming\winsecurity.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: []
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{30DAE1AC-CEFF-4645-AC04-1B6F614923AF} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{30DAE1AC-CEFF-4645-AC04-1B6F614923AF}\2375942554136353 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{30DAE1AC-CEFF-4645-AC04-1B6F614923AF}\25F4C4C40245944454 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{30DAE1AC-CEFF-4645-AC04-1B6F614923AF}\94D6022496C6C6020516274697 : DhcpNameServer = 192.168.2.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: TBSB01620 Class: {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll
BHO-X64: TBSB01620 - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll
BHO-X64: IMinent WebBooster - No File
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
BHO-X64: MediaBar - No File
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO-X64: WeCareReminder - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
BHO-X64: SMTTB2009 - No File
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
TB-X64: IMinent Toolbar: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll
TB-X64: DealBulldog Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
TB-X64: {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB-X64: {167D9323-F7CC-48F5-948A-6F012831A69F} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? fssfltr;fssfltr
R? fsssvc;Windows Live Family Safety Service
R? netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit
R? osppsvc;Office Software Protection Platform
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SrvHsfHDA;SrvHsfHDA
R? SrvHsfV92;SrvHsfV92
R? SrvHsfWinac;SrvHsfWinac
R? TsUsbFlt;TsUsbFlt
R? USBAAPL64;Apple Mobile USB Driver
R? WatAdminSvc;Windows Activation Technologies Service
R? wlcrasvc;Windows Live Mesh remote connections service
R? yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller
S? !SASCORE;SAS Core Service
S? AERTFilters;Andrea RT Filters Service
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSEH;AVGIDSEH
S? AVGIDSFilter;AVGIDSFilter
S? Avgldx64;AVG AVI Loader Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgwd;AVG WatchDog
S? cvhsvc;Client Virtualization Handler
S? Hamachi2Svc;LogMeIn Hamachi Tunneling Engine
S? HPWMISVC;HPWMISVC
S? InstallBrainService;InstallBrain Updater Service
S? IntcHdmiAddService;Intel(R) High Definition Audio HDMI
S? RTL8167;Realtek 8167 NT Driver
S? rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver
S? RtVOsdService;RtVOsdService Installer
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? Sftfs;Sftfs
S? sftlist;Application Virtualization Client
S? Sftplay;Sftplay
S? Sftredir;Sftredir
S? Sftvol;Sftvol
S? sftvsa;Application Virtualization Service Agent
S? TeamViewer6;TeamViewer 6
S? TeamViewer7;TeamViewer 7
S? TomTomHOMEService;TomTomHOMEService
S? vwififlt;Virtual WiFi Filter Driver
.
=============== Created Last 30 ================
.
2012-02-02 16:56:58 709968 ----a-w- C:\Windows\isRS-000.tmp
2012-02-02 16:53:30 -------- d-----w- C:\Users\wills\AppData\Roaming\Malwarebytes
2012-02-02 16:52:50 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-02 16:52:46 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-02 16:52:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-02 07:26:42 -------- d-----w- C:\Users\wills\AppData\Roaming\SUPERAntiSpyware.com
2012-02-02 07:22:43 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-02-02 07:22:43 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-01-31 02:02:00 -------- d--h--w- C:\$AVG
2012-01-29 04:40:38 -------- d-----w- C:\Users\wills\.DemonScape
2012-01-28 22:56:36 -------- d-----w- C:\.exemptionx_cache_32
2012-01-28 22:27:06 -------- d-----w- C:\Users\wills\quarterxbeta
2012-01-28 21:15:55 47 ----a-w- C:\Users\wills\AppData\Roaming\pill.bat
2012-01-28 21:13:45 34304 ----a-w- C:\Users\wills\AppData\Roaming\bonk.exe
2012-01-27 23:49:40 -------- d-----w- C:\Users\wills\jagexcache2
2012-01-25 21:33:58 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-01-25 21:33:58 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-01-25 21:33:58 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2012-01-25 21:33:57 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-01-25 21:33:57 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-01-25 21:33:57 395776 ----a-w- C:\Windows\System32\webio.dll
2012-01-25 21:33:57 31232 ----a-w- C:\Windows\System32\lsass.exe
2012-01-25 21:33:57 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2012-01-25 21:33:57 28160 ----a-w- C:\Windows\System32\secur32.dll
2012-01-25 21:33:57 136192 ----a-w- C:\Windows\System32\sspicli.dll
2012-01-24 23:48:32 -------- d-----w- C:\Users\wills\.jagex_cache_32
2012-01-24 02:24:31 -------- d-----w- C:\Users\wills\AppData\Roaming\EpicBot
2012-01-24 02:20:29 -------- d-----w- C:\Program Files (x86)\EpicBot
2012-01-23 18:37:24 -------- d-----w- C:\Program Files (x86)\DealBulldog Toolbar
2012-01-23 18:37:19 -------- d-----w- C:\Users\wills\AppData\Local\TempDIR
2012-01-23 18:37:05 -------- d-----w- C:\ProgramData\WeCareReminder
2012-01-23 13:26:21 -------- d-----w- C:\Program Files\iPod
2012-01-23 13:26:20 -------- d-----w- C:\Program Files\iTunes
2012-01-22 23:06:36 -------- d-----w- C:\Users\wills\AppData\Local\Apps
2012-01-22 23:06:35 -------- d-----w- C:\Users\wills\AppData\Local\Deployment
2012-01-22 02:56:27 -------- d-sh--w- C:\found.001
2012-01-11 04:44:37 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 04:44:37 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 04:44:35 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 04:44:34 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-09 12:46:14 -------- d-----w- C:\Users\wills\AppData\Local\PunkBuster
2012-01-09 04:58:43 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-01-09 04:58:16 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-01-07 05:12:24 -------- d-----w- C:\Users\wills\AppData\Local\SoftGrid Client
2012-01-07 05:12:18 -------- d-----w- C:\Users\wills\AppData\Roaming\SoftGrid Client
.
==================== Find3M ====================
.
2012-01-09 12:46:18 281200 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-01-09 12:46:18 281200 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-01-09 05:00:43 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-01-09 05:00:33 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-26 17:43:37 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2011-11-17 05:38:39 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 0:46:26.94 ===============

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Fri Feb 03, 2012 7:11 am

The last log, DDS Attach....

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/27/2010 11:12:04 PM
System Uptime: 2/2/2012 11:39:13 PM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 1484
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz | CPU | 2300/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 220.15 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 2.361 GiB free.
E: is FIXED (FAT32) - 0 GiB total, 0.093 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP138: 1/22/2012 6:58:20 PM - Installed RuneScape Launcher 1.2
RP139: 1/25/2012 10:10:03 PM - Windows Update
RP140: 1/29/2012 1:18:06 PM - Removed RuneScape Launcher 1.2
RP141: 1/29/2012 1:34:09 PM - Removed RuneScape Launcher 1.2
RP142: 1/29/2012 1:58:29 PM - Restore Operation
RP143: 1/30/2012 9:52:33 PM - OTL Restore Point - 1/30/2012 9:52:28 PM
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Reader 9.4.6 MUI
Adobe Shockwave Player
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
ASPCA Reminder by We-Care.com v5.0.5.1
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink DVD Suite
CyberLink MediaShow
CyberLink PowerDVD 8
CyberLink YouCam
D3DX10
DealBulldog Toolbar
EpicBot
ESU for Microsoft Windows 7
Google Chrome
HP Advisor
HP Customer Experience Enhancements
HP Officejet 6500 E710n-z Help
HP Setup
HP Smart Web Printing
HP Software Framework
HP Update
HP User Guides 0183
HP Wireless Assistant
I.R.I.S. OCR
IMinent Toolbar
InstallBrain Updater Service
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
League of Legends
LogMeIn Hamachi
LOLReplay
Malwarebytes Anti-Malware version 1.60.1.1000
Mesh Runtime
Messenger Companion
Microsoft Live Search Toolbar
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox 5.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
NVIDIA PhysX
PunkBuster Services
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Software
Recovery Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Skype Click to Call
Skype™ 5.5
Spotify
Steam
SwiftKit
swMSM
TeamViewer 6
TeamViewer 7
Terraria
TomTom HOME 2.8.0.2146
TomTom HOME Visual Studio Merge Modules
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Visual Studio 2008 x64 Redistributables
Walmart MP3 Music Downloads
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.01 (32-bit)
Yahoo! Detect
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
2/3/2012 12:44:34 AM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 4 time(s).
2/3/2012 12:27:16 AM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s).
2/3/2012 12:08:58 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
2/2/2012 9:47:05 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
2/2/2012 9:11:47 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer DAVE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B1C37E3B-B951-43ED-ABF4-689BF7BDA2BA}. The master browser is stopping or an election is being forced.
2/2/2012 8:31:39 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
2/2/2012 8:30:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
2/2/2012 8:30:36 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
2/2/2012 8:30:36 AM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/2/2012 8:29:31 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
2/2/2012 8:29:31 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/2/2012 8:26:36 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RtVOsdService service.
2/2/2012 7:41:17 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
2/2/2012 7:30:33 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
2/2/2012 5:14:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Hamachi2Svc service.
2/2/2012 5:06:20 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer JAKE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B1C37E3B-B951-43ED-ABF4-689BF7BDA2BA}. The master browser is stopping or an election is being forced.
2/2/2012 11:57:21 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
2/2/2012 11:29:53 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
2/2/2012 11:27:47 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
2/2/2012 11:21:28 PM, Error: Service Control Manager [7043] - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
2/2/2012 11:20:07 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 7 time(s).
2/2/2012 11:01:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer7 service.
2/2/2012 11:01:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
2/2/2012 10:34:24 AM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 6 time(s).
2/2/2012 10:14:34 AM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 5 time(s).
2/1/2012 4:28:56 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
2/1/2012 11:29:23 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 9 time(s).
2/1/2012 11:20:09 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 8 time(s).
2/1/2012 10:25:51 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
2/1/2012 10:25:39 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{30DAE1AC-CEFF-4645-AC04-1B6F614923AF} because another computer on the network has the same name. The server could not start.
1/31/2012 12:28:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
1/31/2012 12:28:25 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/31/2012 12:19:44 PM, Error: Service Control Manager [7022] - The RtVOsdService Installer service hung on starting.
1/31/2012 11:54:35 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
1/31/2012 11:02:20 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
1/31/2012 10:59:22 AM, Error: Service Control Manager [7022] - The Security Center service hung on starting.
1/31/2012 10:57:18 AM, Error: Service Control Manager [7022] - The Software Protection service hung on starting.
1/31/2012 1:48:15 PM, Error: Service Control Manager [7034] - The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly. It has done this 1 time(s).
1/30/2012 7:44:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
1/30/2012 7:43:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.
1/30/2012 7:42:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
1/30/2012 7:41:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
1/30/2012 7:40:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
1/30/2012 7:39:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service.
1/30/2012 7:38:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.
1/30/2012 7:22:07 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RtVOsdService Installer service to connect.
1/30/2012 7:22:07 AM, Error: Service Control Manager [7000] - The RtVOsdService Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/30/2012 5:46:16 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
1/30/2012 5:44:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
1/30/2012 5:27:18 PM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The specified module could not be found.
1/30/2012 5:23:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
1/30/2012 5:22:45 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
1/30/2012 4:33:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
1/30/2012 4:33:28 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/30/2012 4:07:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Peer Networking Identity Manager service to connect.
1/30/2012 4:07:56 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Networking Identity Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
1/30/2012 4:07:56 PM, Error: Service Control Manager [7001] - The Peer Name Resolution Protocol service depends on the Peer Networking Identity Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
1/30/2012 4:07:56 PM, Error: Service Control Manager [7000] - The Peer Networking Identity Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/30/2012 3:45:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
1/30/2012 3:45:09 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/30/2012 3:45:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
1/30/2012 10:35:07 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 5.49.96.30. The computer with the IP address 5.124.135.241 did not allow the name to be claimed by this computer.
1/29/2012 9:22:19 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
1/29/2012 6:34:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgfws service.
1/29/2012 2:22:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
1/29/2012 2:22:07 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/29/2012 10:48:37 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer USER-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{30DAE1AC-CEFF-4645-AC04-1B6F614923AF}. The master browser is stopping or an election is being forced.
1/29/2012 1:47:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wbengine service.
1/27/2012 6:59:03 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer NICK-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B1C37E3B-B951-43ED-ABF4-689BF7BDA2BA}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Fri Feb 03, 2012 7:33 pm

One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and Download and Execute files

Read this article: Danger: [You must be registered and logged in to see this link.]

If your computer was used for online banking, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for banking, email, eBay and forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one! If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach.

I would counsel you to disconnect this PC from the Internet immediately.

Though the Trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

We can attempt to clean this machine but i can't guarantee that it will be 100% secure afterwards.

Should you have any questions, please feel free to ask.

Please let us know what you have decided to do in your next post

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Sat Feb 04, 2012 5:46 am

Crap

I have used the computer for banking and made purchases with debit cards. I am in the process of changing the information as you suggested. The computer is mainly used by my son now, he plays games, listens to music, and watches videos. After talking to him he said he has used Team Viewer which allows him to get help leveling up as well as help others do the same.

I have wireless router at home for laptops, tablets, Ipods etc. Any chance the other devices are infected being on the same router?

ETA: Can you tell how long the computer has been infected? And by which virus(es)? Any other info would help my decision. I am thinking of wiping the computer clean and keep it as a gaming only computer afterwards.

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Sat Feb 04, 2012 7:14 pm

I have wireless router at home for laptops, tablets, Ipods etc. Any chance the other devices are infected being on the same router?
No. They should be safe providing they have the proper security programs.

Can you tell how long the computer has been infected? And by which virus(es)? Any other info would help my decision. I am thinking of wiping the computer clean and keep it as a gaming only computer afterwards. .
It's difficult to say but it probably started when your computer started to slow down. Here are some of the infections:
Code:
HKCR\CLSID\{Y18RLJXI-4TGW-73W7-N61G-B8TH60387638} (Backdoor.SpyNet
C:\Windows\SysWOW64\WinDir\Svchost.exe (Backdoor.SpyNet) -> Quarantined and deleted successfully.
C:\Users\wills\AppData\Local\Temp\pws_mail.bss (Stolen.Data) -> Quarantined and deleted successfully.
C:\Users\wills\AppData\Local\Temp\pws_mess.bss (Stolen.Data) -> Quarantined and deleted successfully.
C:\Users\wills\AppData\Roaming\WinDir\Svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

If you don't intend to use it for financial transactions we can clean it or you can wipe it. The decision is yours to make.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Sun Feb 05, 2012 5:02 pm

I would like to have it cleaned, so what to do from here?

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Sun Feb 05, 2012 7:24 pm

Download Combofix from any of the links below, and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [URL="http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications.html"]here[/URL] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may call it to stall.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Mon Feb 06, 2012 4:19 am

Will I be able to save any documents, photos, etc. before this process without carrying the virus with them?

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Mon Feb 06, 2012 8:03 pm

Will I be able to save any documents, photos, etc. before this process without carrying the virus with them?.
Yes. You should save your documents etc to DVD-RW's just in case everything goes south. Be sure to scan them with at least two good AV programs before re-installing them.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 07, 2012 2:59 am

After running ComboFix does the log open in notepad? I don't think i'm getting the log....

Scratch that it was just really slow.

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 07, 2012 4:04 am

I temporary disabled my AVG but during the completion of the log AVG recognizes Combo Fix as a threat. What to do?

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 07, 2012 8:21 am

Here is the log....

ComboFix 12-02-06.02 - wills 02/06/2012 23:04:20.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3003.1829 [GMT -6:00]
Running from: c:\users\wills\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files (x86)\DealBulldog Toolbar
c:\program files (x86)\DealBulldog Toolbar\affid.dat
c:\program files (x86)\DealBulldog Toolbar\alert_plugin.dll
c:\program files (x86)\DealBulldog Toolbar\basis.xml
c:\program files (x86)\DealBulldog Toolbar\icons.bmp
c:\program files (x86)\DealBulldog Toolbar\info.txt
c:\program files (x86)\DealBulldog Toolbar\install.ico
c:\program files (x86)\DealBulldog Toolbar\MacroParserPlugin.dll
c:\program files (x86)\DealBulldog Toolbar\mbback.bmp
c:\program files (x86)\DealBulldog Toolbar\mbbigopen.bmp
c:\program files (x86)\DealBulldog Toolbar\mbclose.bmp
c:\program files (x86)\DealBulldog Toolbar\mbfwd.bmp
c:\program files (x86)\DealBulldog Toolbar\mbsep.bmp
c:\program files (x86)\DealBulldog Toolbar\nav1c.bmp
c:\program files (x86)\DealBulldog Toolbar\somoto.dll
c:\program files (x86)\DealBulldog Toolbar\TbCommonUtils.dll
c:\program files (x86)\DealBulldog Toolbar\tbcore3.dll
c:\program files (x86)\DealBulldog Toolbar\tbcore3.inf
c:\program files (x86)\DealBulldog Toolbar\tbhelper.dll
c:\program files (x86)\DealBulldog Toolbar\TbHelper2.exe
c:\program files (x86)\DealBulldog Toolbar\uninstall.exe
c:\program files (x86)\DealBulldog Toolbar\UninstallToolbar.exe
c:\program files (x86)\DealBulldog Toolbar\update.exe
c:\program files (x86)\DealBulldog Toolbar\version.txt
c:\program files (x86)\Shop to Win
c:\program files (x86)\Shop to Win\TestFeeds\DisableStatus.xml
c:\program files (x86)\Shop to Win\TestFeeds\DisableStatusDirection.xml
c:\program files (x86)\Shop to Win\TestFeeds\GenericPopup.xml
c:\program files (x86)\Shop to Win\TestFeeds\MainStatus.xml
c:\program files (x86)\Shop to Win\TestFeeds\ShoppingConfirmation.xml
c:\program files (x86)\Shop to Win\unins001.dat
c:\users\wills\AppData\Local\TempDIR
c:\users\wills\AppData\Local\TempDIR\BetterInstaller.exe
c:\users\wills\AppData\Roaming\bonk.exe
c:\users\wills\AppData\Roaming\willslog.dat
c:\users\wills\AppData\Roaming\Windir
c:\users\wills\Documents\ShopToWin
c:\windows\SysWow64\windir
.
.
((((((((((((((((((((((((( Files Created from 2012-01-07 to 2012-02-07 )))))))))))))))))))))))))))))))
.
.
2012-02-07 05:15 . 2012-02-07 05:15 -------- d-----w- c:\users\Family\AppData\Local\temp
2012-02-07 05:15 . 2012-02-07 05:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-07 00:38 . 2012-02-07 00:38 -------- d-----w- c:\users\Family\AppData\Roaming\AVG2012
2012-02-07 00:37 . 2012-02-07 00:37 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-02-02 16:53 . 2012-02-02 16:53 -------- d-----w- c:\users\wills\AppData\Roaming\Malwarebytes
2012-02-02 16:52 . 2012-02-03 05:58 -------- d-----w- c:\programdata\Malwarebytes
2012-02-02 16:52 . 2012-02-03 05:22 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-02 16:52 . 2011-12-10 21:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-02 07:26 . 2012-02-02 07:26 -------- d-----w- c:\users\wills\AppData\Roaming\SUPERAntiSpyware.com
2012-02-02 07:22 . 2012-02-03 06:10 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-02-02 07:22 . 2012-02-02 07:22 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-01-31 02:02 . 2012-01-31 02:02 -------- d-----w- C:\$AVG
2012-01-29 04:40 . 2012-01-30 15:16 -------- d-----w- c:\users\wills\.DemonScape
2012-01-28 22:56 . 2012-01-30 15:14 -------- d-----w- C:\.exemptionx_cache_32
2012-01-28 21:15 . 2012-01-28 21:15 47 ----a-w- c:\users\wills\AppData\Roaming\pill.bat
2012-01-27 23:49 . 2012-01-27 23:49 -------- d-----w- c:\users\wills\jagexcache2
2012-01-25 21:33 . 2011-11-17 06:49 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-25 21:33 . 2011-11-17 06:35 340992 ----a-w- c:\windows\system32\schannel.dll
2012-01-25 21:33 . 2011-11-17 06:35 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-25 21:33 . 2011-11-17 06:49 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-25 21:33 . 2011-11-17 06:44 459232 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-25 21:33 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
2012-01-25 21:33 . 2011-11-17 06:35 29184 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-25 21:33 . 2011-11-17 06:35 136192 ----a-w- c:\windows\system32\sspicli.dll
2012-01-25 21:33 . 2011-11-17 06:35 28160 ----a-w- c:\windows\system32\secur32.dll
2012-01-25 21:33 . 2011-11-17 06:33 31232 ----a-w- c:\windows\system32\lsass.exe
2012-01-24 23:48 . 2012-01-30 15:16 -------- d-----w- c:\users\wills\.jagex_cache_32
2012-01-24 02:24 . 2012-01-30 15:16 -------- d-----w- c:\users\wills\AppData\Roaming\EpicBot
2012-01-24 02:20 . 2012-01-30 15:16 -------- d-----w- c:\program files (x86)\EpicBot
2012-01-23 18:37 . 2012-01-30 15:16 -------- d-----w- c:\programdata\WeCareReminder
2012-01-23 13:26 . 2012-01-30 15:16 -------- d-----w- c:\program files\iPod
2012-01-23 13:26 . 2012-01-30 15:16 -------- d-----w- c:\program files\iTunes
2012-01-22 23:06 . 2012-01-22 23:06 -------- d-----w- c:\users\wills\AppData\Local\Apps
2012-01-22 23:06 . 2012-01-22 23:07 -------- d-----w- c:\users\wills\AppData\Local\Deployment
2012-01-22 02:56 . 2012-01-22 02:56 -------- d-----w- C:\found.001
2012-01-11 04:44 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 04:44 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 04:44 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 04:44 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-09 12:46 . 2012-01-09 12:46 -------- d-----w- c:\users\wills\AppData\Local\PunkBuster
2012-01-09 04:58 . 2012-01-09 04:58 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-01-09 04:58 . 2012-01-09 04:58 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-09 12:46 . 2012-01-09 12:46 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-01-09 12:46 . 2012-01-09 05:00 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-01-09 05:00 . 2012-01-09 05:00 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-01-09 05:00 . 2012-01-09 05:00 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-11-26 17:43 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-11-24 04:52 . 2011-12-13 22:01 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:01 . 2012-01-11 04:44 67072 ----a-w- c:\windows\SysWow64\packager.dll
2011-11-18 02:28 . 2011-11-18 02:28 18944 ----a-r- c:\users\wills\AppData\Roaming\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A16301.exe
2011-11-17 05:38 . 2012-01-11 04:44 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-11-17 05:35 . 2012-01-25 21:33 314880 ----a-w- c:\windows\SysWow64\webio.dll
2011-11-17 05:34 . 2012-01-25 21:33 224768 ----a-w- c:\windows\SysWow64\schannel.dll
2011-11-17 05:34 . 2012-01-25 21:33 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2011-11-17 05:28 . 2012-01-25 21:33 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
2010-07-02 15:54 2607872 ----a-w- c:\program files (x86)\IMinent Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-07-22 23:53 787744 ----a-w- c:\program files (x86)\Yontoo Layers\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files (x86)\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]
.
[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 19550344]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-12-21 1242448]
"Spotify"="c:\users\wills\AppData\Roaming\Spotify\Spotify.exe" [2012-01-30 4009648]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-12-09 5486464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-02 1987976]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LOLRecorder.lnk - c:\program files (x86)\LOLReplay\LOLRecorder.exe [2011-12-19 493568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-02 2343816]
S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
S2 InstallBrainService;InstallBrain Updater Service;c:\program files (x86)\InstallBrainService\InstallBrainService.exe [2011-12-14 512848]
S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-12-10 92008]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - tdx
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1403100644-2643874596-638605949-1003Core.job
- c:\users\wills\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-22 23:07]
.
2012-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1403100644-2643874596-638605949-1003UA.job
- c:\users\wills\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-22 23:07]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-03-22 6489704]
"RtkOSD"="c:\program files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" [2010-01-13 995840]
"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-05-15 172032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uLocal Page = c:\windows\system32\blank.htm
mStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Weather - c:\program files (x86)\AWS\WeatherBug\Weather.exe
Wow6432Node-HKCU-Run-Microsoft Intel Security - c:\users\wills\AppData\Roaming\winsecurity.exe
Toolbar-10 - (no file)
WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-DealBulldog Toolbar - c:\program files (x86)\DealBulldog Toolbar\UninstallToolbar.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
.
**************************************************************************
.
Completion time: 2012-02-07 00:30:11 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-07 06:30
.
Pre-Run: 245,189,500,928 bytes free
Post-Run: 244,846,981,120 bytes free
.
- - End Of File - - 968CDF74CF8EB892639DB395388188A1

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Tue Feb 07, 2012 6:37 pm

Please download [You must be registered and logged in to see this link.] and Save it to your desktop.

  • Double click it to start the tool.Vista and Windows7 run as administrator.
  • Click Scan.
  • Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.

***********************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 07, 2012 10:06 pm

Rooter scan...Rooter.exe (v1.0.2) by Eric_71
.
The token does not have the SeDebugPrivilege privilege ! (error:1300)
Can not acquire SeDebugPrivilege !
Please run the tool as administrator ..

.
Windows 7 Home Edition (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
.
Error OpenService (wscsvc) : 6
Error OpenSCManager : 5
Error OpenService (MpsSvc) : 6
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 8.0.7601.17514
Mozilla Firefox 5.0.1 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:283 Go - Free:228 Go )
D:\ [Fixed-NTFS] .. ( Total:14 Go - Free:2 Go )
E:\ [Fixed-FAT32] .. ( Total:0 Go - Free:0 Go )
F:\ [CD_Rom]
Q:\ [Fixed-FAT32] .. ( Total:0 Go - Free:0 Go )
.
Scan : 15:08.23
Path : C:\Users\wills\Desktop\Rooter.exe
User : wills ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
Locked smss.exe (300)
Locked avgrsa.exe (396)
Locked avgcsrva.exe (428)
Locked csrss.exe (780)
Locked wininit.exe (836)
Locked csrss.exe (848)
Locked services.exe (896)
Locked winlogon.exe (924)
Locked lsass.exe (936)
Locked lsm.exe (944)
Locked svchost.exe (392)
Locked svchost.exe (672)
Locked svchost.exe (740)
Locked svchost.exe (884)
Locked svchost.exe (1008)
Locked svchost.exe (1164)
Locked svchost.exe (1260)
Locked spoolsv.exe (1504)
Locked svchost.exe (1532)
Locked svchost.exe (1616)
Locked SASCore64.exe (1664)
Locked AERTSr64.exe (1684)
Locked AppleMobileDeviceService.exe (1704)
Locked avgwdsvc.exe (1800)
Locked mDNSResponder.exe (1824)
Locked hamachi-2.exe (1916)
Locked HPWMISVC.exe (1944)
Locked InstallBrainService.exe (2008)
Locked PnkBstrA.exe (904)
Locked InstallBrainService.exe (1100)
Locked RichVideo.exe (1648)
Locked sftvsa.exe (2168)
Locked svchost.exe (2212)
Locked TeamViewer_Service.exe (2280)
Locked TeamViewer_Service.exe (2312)
Locked TomTomHOMEService.exe (2336)
Locked WLIDSVC.EXE (2376)
Locked avgemca.exe (2428)
Locked YahooAUService.exe (2680)
Locked WLIDSVCM.EXE (2692)
______ ?????????? (2852)
______ ?????????? (2916)
Locked sftlist.exe (2928)
______ ?????????? (2936)
Locked AVGIDSAgent.exe (3104)
______ ?????????? (3204)
______ ?????????? (3404)
______ ?????????? (3412)
Locked WmiPrvSE.exe (3456)
______ ?????????? (3536)
______ ?????????? (3544)
______ ?????????? (3556)
______ ?????????? (3564)
______ C:\Program Files (x86)\Steam\Steam.exe (3660)
______ ?????????? (3728)
______ C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (3776)
______ ?????????? (4076)
Locked CVHSVC.EXE (3096)
______ C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (3064)
______ C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3832)
______ C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (3820)
______ C:\Program Files (x86)\iTunes\iTunesHelper.exe (3796)
______ C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (3852)
Locked iPodService.exe (3856)
Locked hpqWmiEx.exe (3028)
Locked SteamService.exe (1768)
Locked svchost.exe (2388)
______ C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (796)
______ C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe (4580)
______ ?????????? (3304)
Locked svchost.exe (4456)
Locked dllhost.exe (4160)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (4480)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (1076)
______ C:\ProgramData\WeCareReminder\ReminderHelper.exe (4536)
Locked wmpnetwk.exe (2228)
Locked SearchIndexer.exe (2688)
Locked audiodg.exe (5116)
______ C:\Users\wills\Desktop\Rooter.exe (5800)
Locked svchost.exe (4148)
Locked WerFault.exe (4008)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:1048576 | Length:208666624)
\Device\Harddisk0\Partition2 (Start_Offset:209715200 | Length:304393224192)
\Device\Harddisk0\Partition3 (Start_Offset:304602939392 | Length:15360589824)
\Device\Harddisk0\Partition4 (Start_Offset:319963529216 | Length:108355584)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1403100644-2643874596-638605949-1003Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1403100644-2643874596-638605949-1003UA.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 15:14.44
.
C:\Rooter$\Rooter_1.txt - (07/02/2012 | 15:14.44)



CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 07, 2012 10:25 pm

Security check...

Results of screen317's Security Check version 0.99.30
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java(TM) 6 Update 29
Java version out of date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox 5.0.1 Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
``````````End of Log````````````

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Tue Feb 07, 2012 11:21 pm

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First [You must be registered and logged in to see this link.]

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the [You must be registered and logged in to see this link.].

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download [You must be registered and logged in to see this link.] and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: [You must be registered and logged in to see this link.] adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
******************************************************
I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
[You must be registered and logged in to see this link.]
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Wed Feb 08, 2012 5:31 pm

Results from Eset scan...

C:\Qoobox\Quarantine\C\Users\wills\AppData\Local\TempDIR\BetterInstaller.exe.vir Win32/Adware.Somoto.A application cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0O15X4BG\video-reward_com[1].txt HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PM8ZY4DT\video-reward_com[1].txt HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Family\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\532f4a01-1c350fae multiple threats deleted - quarantined
C:\Users\wills\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000280 HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\wills\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\7a0ff328-42e34735 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\wills\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\3d3fb229-78cbf6a7 multiple threats deleted - quarantined

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Wed Feb 08, 2012 7:29 pm

That looks good. How's your computer running now? Any other issues?

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Wed Feb 08, 2012 10:03 pm

Did I need to post the other log Eset produced? If so I'll need help locating it on the computer.

One of the problems is Skype and Spotify were slowing the log on time. I uninstalled them during this process to help with the reboot time. How can I use them but not have them start up upon logging in?

Which of all the downloads done during this process do I need to keep amd which can I delete?

I will be restarting the computer to check the operation and let you know



CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Wed Feb 08, 2012 11:19 pm

Did I need to post the other log Eset produced? If so I'll need help locating it on the computer.
No. That's ok.
How can I use them but not have them start up upon logging in?
You can still use them. They don't need to be in your startup.
Which of all the downloads done during this process do I need to keep amd which can I delete?
We'll do some cleanup once you report back.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Thu Feb 09, 2012 1:45 am

Ok I restarted the computer to see how it is working.

Desktop comes up with icons within a minute/half. AVG shows on the bottom tool bar, lower right corner. Then the screen freezes for about 8 minutes. After it comes to life, the AVG shows that it is updating, and SuperAntiSpyware shows it has an update also. It takes 4 more minutes for the HP software indicator (flag) and WLAN to show on the same tool bar. It takes about 15 minutes for League of Legends Replay to show in the tool bar.

Thinking it is ready I click on the internet Explorer and it takes about 15 more minutes to load my homepage, Yahoo.

Do you think there is another problem or is it the programs I already had on the computer?

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Thu Feb 09, 2012 7:53 pm

Please download [You must be registered and logged in to see this link.] ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives



On completion of the scan click save log, save it to your desktop and post in your next reply

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Fri Feb 10, 2012 7:47 am

aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
Run date: 2012-02-09 23:44:52
-----------------------------
23:44:52.167 OS Version: Windows x64 6.1.7601 Service Pack 1
23:44:52.167 Number of processors: 2 586 0x170A
23:44:52.167 ComputerName: FAMILY-PC UserName: wills
00:13:56.141 Initialize success
00:34:41.796 AVAST engine defs: 12020903
00:34:48.333 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:34:48.333 Disk 0 Vendor: ST932032 0005 Size: 305245MB BusType: 3
00:34:48.348 Disk 0 MBR read successfully
00:34:48.348 Disk 0 MBR scan
00:34:48.348 Disk 0 unknown MBR code
00:34:48.364 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
00:34:48.380 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 290292 MB offset 409600
00:34:48.411 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14649 MB offset 594927616
00:34:48.426 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
00:34:48.442 Service scanning
00:34:50.408 Modules scanning
00:34:50.408 Disk 0 trace - called modules:
00:34:50.470 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
00:34:50.470 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80030246c0]
00:34:50.486 3 CLASSPNP.SYS[fffff88001bae43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002ead050]
00:34:53.216 AVAST engine scan C:\Windows
00:34:56.289 AVAST engine scan C:\Windows\system32
00:38:50.030 AVAST engine scan C:\Windows\system32\drivers
00:39:10.700 AVAST engine scan C:\Users\wills
00:54:18.376 AVAST engine scan C:\ProgramData
00:57:57.417 Scan finished successfully
01:34:22.285 Disk 0 MBR has been saved successfully to "C:\Users\wills\Desktop\MBR.dat"
01:34:22.285 The log file has been saved successfully to "C:\Users\wills\Desktop\aswMBR.txt"



CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Fri Feb 10, 2012 7:00 pm

Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

•Double-click on MBRCheck.exe to run it.

•It will open a black window...please do not fix anything (if it gives you an option).

•When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.

•A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
•Please copy and paste the contents of that log in your next reply.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Sat Feb 11, 2012 5:15 am

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G72 Notebook PC
Logical Drives Mask: 0x0001003c

Kernel Drivers (total 158):
0x02C61000 \SystemRoot\system32\ntoskrnl.exe
0x02C18000 \SystemRoot\system32\hal.dll
0x00BD3000 \SystemRoot\system32\kdcom.dll
0x00CCD000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D1C000 \SystemRoot\system32\PSHED.dll
0x00D30000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00E40000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EE4000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00EF3000 \SystemRoot\system32\drivers\ACPI.sys
0x00F4A000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F53000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F5D000 \SystemRoot\system32\drivers\pci.sys
0x00F90000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F9D000 \SystemRoot\System32\drivers\partmgr.sys
0x00FB2000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00FBB000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FC7000 \SystemRoot\system32\drivers\volmgr.sys
0x00D8E000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FDC000 \SystemRoot\System32\drivers\mountmgr.sys
0x0102E000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x01238000 \SystemRoot\system32\drivers\atapi.sys
0x01241000 \SystemRoot\system32\drivers\ataport.SYS
0x0126B000 \SystemRoot\system32\drivers\msahci.sys
0x01276000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x01286000 \SystemRoot\system32\drivers\amdxata.sys
0x01291000 \SystemRoot\system32\drivers\fltmgr.sys
0x012DD000 \SystemRoot\system32\drivers\fileinfo.sys
0x01457000 \SystemRoot\System32\Drivers\Ntfs.sys
0x012F1000 \SystemRoot\System32\Drivers\msrpc.sys
0x01400000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0134F000 \SystemRoot\System32\Drivers\cng.sys
0x0141B000 \SystemRoot\System32\drivers\pcw.sys
0x0142C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01641000 \SystemRoot\system32\drivers\ndis.sys
0x01734000 \SystemRoot\system32\drivers\NETIO.SYS
0x01794000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01866000 \SystemRoot\System32\drivers\tcpip.sys
0x01A6A000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01AB4000 \SystemRoot\system32\drivers\volsnap.sys
0x01B00000 \SystemRoot\System32\Drivers\spldr.sys
0x01B08000 \SystemRoot\System32\drivers\rdyboost.sys
0x01B42000 \SystemRoot\System32\Drivers\mup.sys
0x01B54000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01B5D000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01B97000 \SystemRoot\system32\DRIVERS\disk.sys
0x01BAD000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x01BDD000 \SystemRoot\system32\DRIVERS\avgrkx64.sys
0x01BE9000 \SystemRoot\system32\DRIVERS\AVGIDSEH.Sys
0x03F01000 \SystemRoot\system32\drivers\cdrom.sys
0x03F2B000 \SystemRoot\system32\DRIVERS\avgmfx64.sys
0x03F3B000 \SystemRoot\System32\Drivers\Null.SYS
0x03F44000 \SystemRoot\System32\Drivers\Beep.SYS
0x03F4B000 \SystemRoot\System32\drivers\vga.sys
0x03F59000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x03F7E000 \SystemRoot\System32\drivers\watchdog.sys
0x03F8E000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x03F97000 \SystemRoot\system32\drivers\rdpencdd.sys
0x03FA0000 \SystemRoot\system32\drivers\rdprefmp.sys
0x03FA9000 \SystemRoot\System32\Drivers\Msfs.SYS
0x03FB4000 \SystemRoot\System32\Drivers\Npfs.SYS
0x03FC5000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03FE7000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03C00000 \SystemRoot\system32\DRIVERS\avgtdia.sys
0x03C60000 \SystemRoot\System32\DRIVERS\netbt.sys
0x040B7000 \SystemRoot\system32\drivers\afd.sys
0x04140000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x0414B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x04154000 \SystemRoot\system32\DRIVERS\pacer.sys
0x0417A000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x04190000 \SystemRoot\system32\DRIVERS\netbios.sys
0x0419F000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x041BA000 \SystemRoot\system32\drivers\termdd.sys
0x041CE000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
0x041D8000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
0x04000000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x04051000 \SystemRoot\system32\drivers\nsiproxy.sys
0x0405D000 \SystemRoot\system32\drivers\mssmbios.sys
0x04068000 \SystemRoot\System32\drivers\discache.sys
0x04077000 \SystemRoot\System32\Drivers\dfsc.sys
0x04095000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x0180E000 \SystemRoot\system32\DRIVERS\avgldx64.sys
0x03CA5000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x041E2000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x041F8000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x04A74000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x05493000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x05587000 \SystemRoot\System32\drivers\dxgmms1.sys
0x055CD000 \SystemRoot\system32\drivers\usbuhci.sys
0x04A00000 \SystemRoot\system32\drivers\USBPORT.SYS
0x04A56000 \SystemRoot\system32\drivers\usbehci.sys
0x055DA000 \SystemRoot\system32\drivers\HDAudBus.sys
0x04273000 \SystemRoot\system32\DRIVERS\rtl8192se.sys
0x0439B000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x043A8000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x04200000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x0421E000 \SystemRoot\system32\drivers\kbdclass.sys
0x0422D000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x0423C000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x04249000 \SystemRoot\system32\drivers\wmiacpi.sys
0x04252000 \SystemRoot\system32\drivers\CompositeBus.sys
0x03CCB000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x017BF000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x04262000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x01600000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x017E3000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x01436000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x013C1000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x040A6000 \SystemRoot\system32\DRIVERS\serscan.sys
0x040AE000 \SystemRoot\system32\drivers\ksthunk.sys
0x04461000 \SystemRoot\system32\drivers\ks.sys
0x044A4000 \SystemRoot\system32\drivers\swenum.sys
0x044A6000 \SystemRoot\system32\drivers\umbus.sys
0x044B8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x04512000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x05A3A000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x05C9A000 \SystemRoot\system32\drivers\portcls.sys
0x05CD7000 \SystemRoot\system32\drivers\drmk.sys
0x05CF9000 \SystemRoot\system32\drivers\IntcHdmi.sys
0x05D21000 \SystemRoot\System32\Drivers\fastfat.SYS
0x05D95000 \SystemRoot\System32\Drivers\crashdmp.sys
0x03CE1000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x05DA3000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00040000 \SystemRoot\System32\win32k.sys
0x05DB6000 \SystemRoot\System32\drivers\Dxapi.sys
0x05DC2000 \SystemRoot\system32\DRIVERS\monitor.sys
0x005D0000 \SystemRoot\System32\TSDDD.dll
0x00620000 \SystemRoot\System32\cdd.dll
0x00960000 \SystemRoot\System32\ATMFD.DLL
0x05DD0000 \SystemRoot\system32\drivers\luafv.sys
0x05DF3000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x05A00000 \SystemRoot\system32\drivers\WudfPf.sys
0x05A21000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x04527000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x05D57000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x05D6A000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x028B8000 \SystemRoot\system32\drivers\HTTP.sys
0x02981000 \SystemRoot\system32\DRIVERS\bowser.sys
0x0299F000 \SystemRoot\System32\drivers\mpsdrv.sys
0x029B7000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x02800000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0284E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x02872000 \SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys
0x036CD000 \SystemRoot\system32\drivers\peauth.sys
0x03773000 \SystemRoot\System32\Drivers\secdrv.SYS
0x03600000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x0377E000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x037CB000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0287D000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0457A000 \SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys
0x06280000 \SystemRoot\System32\DRIVERS\srv2.sys
0x062E9000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x062F4000 \SystemRoot\System32\DRIVERS\srv.sys
0x0638C000 \SystemRoot\system32\DRIVERS\hamachi.sys
0x06271000 \??\C:\Users\wills\AppData\Local\Temp\aswMBR.sys
0x77A00000 \Windows\System32\ntdll.dll
0x47C40000 \Windows\System32\smss.exe
0xFFD20000 \Windows\System32\apisetschema.dll

Processes (total 87):
0 System Idle Process
4 System
264 C:\Windows\System32\smss.exe
360 C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
392 C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
740 csrss.exe
796 C:\Windows\System32\wininit.exe
808 csrss.exe
856 C:\Windows\System32\services.exe
884 C:\Windows\System32\winlogon.exe
896 C:\Windows\System32\lsass.exe
904 C:\Windows\System32\lsm.exe
1020 C:\Windows\System32\svchost.exe
616 C:\Windows\System32\svchost.exe
684 C:\Windows\System32\svchost.exe
752 C:\Windows\System32\svchost.exe
812 C:\Windows\System32\svchost.exe
1104 C:\Windows\System32\svchost.exe
1300 C:\Windows\System32\svchost.exe
1452 C:\Windows\System32\spoolsv.exe
1488 C:\Windows\System32\svchost.exe
1588 C:\Windows\System32\svchost.exe
1616 C:\Program Files\SUPERAntiSpyware\SASCore64.exe
1636 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
1660 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1756 C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
1788 C:\Program Files\Bonjour\mDNSResponder.exe
1908 C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2032 C:\Program Files (x86)\InstallBrainService\InstallBrainService.exe
1092 C:\Windows\SysWOW64\PnkBstrA.exe
1328 C:\Program Files (x86)\InstallBrainService\InstallBrainService.exe
1396 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2068 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2104 C:\Windows\System32\svchost.exe
2168 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
2260 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
2360 C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
2396 C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
2564 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
2604 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2652 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
2892 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2944 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
2996 C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
3124 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
3348 C:\Windows\System32\svchost.exe
3832 C:\Windows\System32\taskhost.exe
3908 C:\Windows\System32\dwm.exe
3960 C:\Windows\explorer.exe
4052 C:\Windows\System32\rundll32.exe
3680 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
3672 C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
3724 C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
3856 C:\Program Files\Java\jre6\bin\jusched.exe
4028 C:\Windows\System32\igfxtray.exe
3444 WmiPrvSE.exe
2752 C:\Windows\System32\hkcmd.exe
3808 C:\Windows\System32\igfxpers.exe
3560 C:\Program Files (x86)\Steam\Steam.exe
4172 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
4312 C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
4324 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
4352 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4368 C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
4376 C:\Program Files (x86)\iTunes\iTunesHelper.exe
4616 C:\Program Files\iPod\bin\iPodService.exe
4280 C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
3276 C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
3400 C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
2724 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
2956 C:\Program Files\Windows Media Player\wmpnetwk.exe
4148 C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
3772 C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
2720 C:\Windows\System32\svchost.exe
4032 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
3716 dllhost.exe
5528 C:\Program Files (x86)\Internet Explorer\iexplore.exe
5704 C:\Program Files (x86)\Internet Explorer\iexplore.exe
3372 C:\ProgramData\WeCareReminder\ReminderHelper.exe
1888 C:\Windows\System32\taskeng.exe
3328 C:\Users\wills\AppData\Local\Google\Update\GoogleUpdate.exe
6564
1348 C:\Windows\System32\SearchIndexer.exe
3968 C:\Users\wills\Desktop\MBRCheck.exe
4876 C:\Windows\System32\conhost.exe
7028 C:\Windows\System32\WerFault.exe
5988

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000046`ebc00000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000004a`7f500000 (FAT32)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: ST9320325AS, Rev: 0005HPM1

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: D747D5A81550FD73CAB2E88DBA027A757C7384DE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Sat Feb 11, 2012 7:18 pm

Here I'm assuming that you have the Windows 7 Recovery Console installed on your hard drive. If is not there you will have a Recovery disk. If this is the case, let me know.


Run the Windows 7 Recovery Console.

1. Eject and remove any discs or memory cards from your computer.

2. Click the "Start" button on the desktop to open the Start menu, click the small arrow icon to the right of the lock icon and select "Restart".

3. Hold the "F8" key on your computer's keyboard as Windows 7 reboots.

4. Highlight and select "Repair your computer" choose your keyboard type and click "Next".

5. Choose your user name, type your password if prompted and click "OK" to access the System Recovery Options menu.

6. Next type bootrec /fixmbr

7. If it ask if you're sure you want to write a new MBR, answer 'Y'

8. Then type EXIT to reboot the machine.

9.With that done, please post back and let me know how things are now.


Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Sat Feb 11, 2012 7:29 pm

How do I know if I have the recovery console?

There is a recovery Drive "d"

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Sat Feb 11, 2012 11:54 pm

[You must be registered and logged in to see this link.] wrote:How do I know if I have the recovery console?

There is a recovery Drive "d"
That's the Recovery Console. You should be able to access it by pressing F8 while the computer is starting.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Sun Feb 12, 2012 5:47 am

The F8 key does not work on the restart. just restarts normally

disregard the previous line

Alright I am at the System Recovery Options window. I have several choices, Which one before I go further?
The choices are:
Startup Repair
System Restore
System Image Recovery
Windows Memory Diagnostics
Command Prompt
Recovery Manager

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Tue Feb 14, 2012 7:22 pm

[You must be registered and logged in to see this link.] wrote:The F8 key does not work on the restart. just restarts normally

disregard the previous line

Alright I am at the System Recovery Options window. I have several choices, Which one before I go further?
The choices are:
Startup Repair
System Restore
System Image Recovery
Windows Memory Diagnostics
Command Prompt
Recovery Manager
Can you go into Startup Repair and do what I suggested in my previous post?

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 14, 2012 9:48 pm

The choices on my computer does not exactly match the previous post.
I am restarting again to be sure

After highlighting repair computer It asks me to press "enter" to choose

It loads files and then brings up the blue screen with a small System Recovery Options window. It asks to Select a keyboard input method, I select US (choices are countries) and press "next".

I select the user name and enter the password and press "ok".

Which brings up the Afore mentioned Sys Rec options window with the choices.

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 14, 2012 9:53 pm

Ok I chose Start up Repair

It reads Startup repair could not detect a problem. There are two items at the bottom of the window:

View diagnostic and repair details
View advanced options for system revcovery and support

Other than that there are finish and cancel buttons at the bottom of the window

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Tue Feb 14, 2012 11:19 pm

Could you please hold on for a bit. I'm checking with a colleague about this problem.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Mon Feb 20, 2012 5:26 pm

Bump

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Mon Feb 20, 2012 8:03 pm

[You must be registered and logged in to see this link.] wrote:Bump
I'm really sorry for the delay but I haven't received a reply for assistance from my colleague. I'm going to send another request. I haven't forgotten and won't forget about this problem.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Tue Feb 21, 2012 2:43 am

I'm back. Let's try this.

Please [You must be registered and logged in to see this link.]
If you have Windows 7 installation disc, just insert a DVD to the drive, restart computer and it should load automatically (option two presented in the article).
It's possible also that your computer has a pre-installed recovery partition instead - in such a case use a method one (by pressing F8 before Windows starts loading)...
NOTE. If none of the above apply you can create System Repair Disc (link in "Option two") and boot from it.

On the System Recovery Options menu you will get the following options:


  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt


Choose Command Prompt
You should see X:\SOURCES>...

Execute the following commands in bold.
Press Enter after every one of them.

bootrec /fixmbr (<--- there is a "space" after "bootrec")

bootrec /fixboot (<--- there is a "space" after "bootrec")

exit

Restart computer.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 21, 2012 1:30 pm

At the Command Prompt the line read:

X:\windows\system32>

I entered the info and received a response of successfully submitted for each entry

Not any better so far


CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Tue Feb 21, 2012 6:52 pm

Ok. Please run this again. You should already have this on your computer. Please post the log.

Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

•Double-click on MBRCheck.exe to run it.

•It will open a black window...please do not fix anything (if it gives you an option).

•When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.

•A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
•Please copy and paste the contents of that log in your next reply.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Tue Feb 21, 2012 11:08 pm

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP G72 Notebook PC
Logical Drives Mask: 0x0001003c

Kernel Drivers (total 157):
0x02C1B000 \SystemRoot\system32\ntoskrnl.exe
0x03204000 \SystemRoot\system32\hal.dll
0x00BA4000 \SystemRoot\system32\kdcom.dll
0x00CE6000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D35000 \SystemRoot\system32\PSHED.dll
0x00D49000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00E91000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F35000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F44000 \SystemRoot\system32\drivers\ACPI.sys
0x00F9B000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00FA4000 \SystemRoot\system32\drivers\msisadrv.sys
0x00FAE000 \SystemRoot\system32\drivers\pci.sys
0x00FE1000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00E00000 \SystemRoot\System32\drivers\partmgr.sys
0x00E15000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00E1E000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00E2A000 \SystemRoot\system32\drivers\volmgr.sys
0x010B8000 \SystemRoot\System32\drivers\volmgrx.sys
0x01114000 \SystemRoot\System32\drivers\mountmgr.sys
0x01264000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x0146E000 \SystemRoot\system32\drivers\atapi.sys
0x01477000 \SystemRoot\system32\drivers\ataport.SYS
0x014A1000 \SystemRoot\system32\drivers\msahci.sys
0x014AC000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x014BC000 \SystemRoot\system32\drivers\amdxata.sys
0x014C7000 \SystemRoot\system32\drivers\fltmgr.sys
0x01513000 \SystemRoot\system32\drivers\fileinfo.sys
0x0160E000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01527000 \SystemRoot\System32\Drivers\msrpc.sys
0x017B1000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01585000 \SystemRoot\System32\Drivers\cng.sys
0x017CC000 \SystemRoot\System32\drivers\pcw.sys
0x017DD000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01861000 \SystemRoot\system32\drivers\ndis.sys
0x01954000 \SystemRoot\system32\drivers\NETIO.SYS
0x019B4000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01A10000 \SystemRoot\System32\drivers\tcpip.sys
0x01C14000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01C5E000 \SystemRoot\system32\drivers\volsnap.sys
0x01CAA000 \SystemRoot\System32\Drivers\spldr.sys
0x01CB2000 \SystemRoot\System32\drivers\rdyboost.sys
0x01CEC000 \SystemRoot\System32\Drivers\mup.sys
0x01CFE000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01D07000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01D41000 \SystemRoot\system32\DRIVERS\disk.sys
0x01D57000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x01D87000 \SystemRoot\system32\DRIVERS\avgrkx64.sys
0x01D93000 \SystemRoot\system32\DRIVERS\AVGIDSEH.Sys
0x04078000 \SystemRoot\system32\drivers\cdrom.sys
0x040A2000 \SystemRoot\system32\DRIVERS\avgmfx64.sys
0x040B2000 \SystemRoot\System32\Drivers\Null.SYS
0x040BB000 \SystemRoot\System32\Drivers\Beep.SYS
0x040C2000 \SystemRoot\System32\drivers\vga.sys
0x040D0000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x040F5000 \SystemRoot\System32\drivers\watchdog.sys
0x04105000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x0410E000 \SystemRoot\system32\drivers\rdpencdd.sys
0x04117000 \SystemRoot\system32\drivers\rdprefmp.sys
0x04120000 \SystemRoot\System32\Drivers\Msfs.SYS
0x0412B000 \SystemRoot\System32\Drivers\Npfs.SYS
0x0413C000 \SystemRoot\system32\DRIVERS\tdx.sys
0x0415E000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x0416B000 \SystemRoot\system32\DRIVERS\avgtdia.sys
0x03E00000 \SystemRoot\System32\DRIVERS\netbt.sys
0x0112E000 \SystemRoot\system32\drivers\afd.sys
0x03E45000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x03E50000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x041CB000 \SystemRoot\system32\DRIVERS\pacer.sys
0x01DAB000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x041F1000 \SystemRoot\system32\DRIVERS\netbios.sys
0x01DC1000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x01DDC000 \SystemRoot\system32\drivers\termdd.sys
0x01DF0000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
0x01A00000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
0x01800000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x01851000 \SystemRoot\system32\drivers\nsiproxy.sys
0x019DF000 \SystemRoot\system32\drivers\mssmbios.sys
0x019EA000 \SystemRoot\System32\drivers\discache.sys
0x01200000 \SystemRoot\System32\Drivers\dfsc.sys
0x017E7000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x011B7000 \SystemRoot\system32\DRIVERS\avgldx64.sys
0x0121E000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x01244000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x01A0A000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x04C81000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x056A0000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x05794000 \SystemRoot\System32\drivers\dxgmms1.sys
0x057DA000 \SystemRoot\system32\drivers\usbuhci.sys
0x04C00000 \SystemRoot\system32\drivers\USBPORT.SYS
0x04C56000 \SystemRoot\system32\drivers\usbehci.sys
0x01000000 \SystemRoot\system32\drivers\HDAudBus.sys
0x0308B000 \SystemRoot\system32\DRIVERS\rtl8192se.sys
0x031B3000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x03000000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x03057000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x03075000 \SystemRoot\system32\drivers\kbdclass.sys
0x031C0000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x031CF000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x031DC000 \SystemRoot\system32\drivers\wmiacpi.sys
0x031E5000 \SystemRoot\system32\drivers\CompositeBus.sys
0x04C67000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x01024000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x057E7000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x01048000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x01077000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x01092000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x00E3F000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x031F5000 \SystemRoot\system32\DRIVERS\hamachi.sys
0x057F3000 \SystemRoot\system32\DRIVERS\serscan.sys
0x03084000 \SystemRoot\system32\drivers\ksthunk.sys
0x00DA7000 \SystemRoot\system32\drivers\ks.sys
0x057FB000 \SystemRoot\system32\drivers\swenum.sys
0x00E59000 \SystemRoot\system32\drivers\umbus.sys
0x046C8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x04722000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x05A81000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x05CE1000 \SystemRoot\system32\drivers\portcls.sys
0x05D1E000 \SystemRoot\system32\drivers\drmk.sys
0x05D40000 \SystemRoot\system32\drivers\IntcHdmi.sys
0x05D68000 \SystemRoot\System32\Drivers\fastfat.SYS
0x05DDC000 \SystemRoot\System32\Drivers\crashdmp.sys
0x03E59000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x05DEA000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00060000 \SystemRoot\System32\win32k.sys
0x05A00000 \SystemRoot\System32\drivers\Dxapi.sys
0x05A0C000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00590000 \SystemRoot\System32\TSDDD.dll
0x00630000 \SystemRoot\System32\cdd.dll
0x00920000 \SystemRoot\System32\ATMFD.DLL
0x05A1A000 \SystemRoot\system32\drivers\luafv.sys
0x05A3D000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x05A48000 \SystemRoot\system32\drivers\WudfPf.sys
0x05A69000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x04737000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x05D9E000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x05DB1000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02AED000 \SystemRoot\system32\drivers\HTTP.sys
0x02BB6000 \SystemRoot\system32\DRIVERS\bowser.sys
0x02BD4000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02A00000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x02A2D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x02A7B000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x02A9F000 \SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys
0x04600000 \SystemRoot\system32\drivers\peauth.sys
0x02AAA000 \SystemRoot\System32\Drivers\secdrv.SYS
0x044EC000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x045AD000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x04400000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x04431000 \SystemRoot\System32\drivers\tcpipreg.sys
0x04443000 \SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys
0x0446E000 \SystemRoot\System32\DRIVERS\srv2.sys
0x044D7000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x062CF000 \SystemRoot\System32\DRIVERS\srv.sys
0x76CE0000 \Windows\System32\ntdll.dll
0x478A0000 \Windows\System32\smss.exe
0xFF000000 \Windows\System32\apisetschema.dll

Processes (total 82):
0 System Idle Process
4 System
300 C:\Windows\System32\smss.exe
396 C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
428 C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
680 csrss.exe
736 csrss.exe
744 C:\Windows\System32\wininit.exe
796 C:\Windows\System32\winlogon.exe
848 C:\Windows\System32\services.exe
860 C:\Windows\System32\lsass.exe
872 C:\Windows\System32\lsm.exe
108 C:\Windows\System32\svchost.exe
660 C:\Windows\System32\svchost.exe
628 C:\Windows\System32\svchost.exe
1020 C:\Windows\System32\svchost.exe
612 C:\Windows\System32\svchost.exe
1116 C:\Windows\System32\svchost.exe
1188 C:\Windows\System32\svchost.exe
1352 C:\Windows\System32\spoolsv.exe
1384 C:\Windows\System32\svchost.exe
1484 C:\Windows\System32\svchost.exe
1512 C:\Program Files\SUPERAntiSpyware\SASCore64.exe
1532 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
1556 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1632 C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
1668 C:\Program Files\Bonjour\mDNSResponder.exe
1720 C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
1776 C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
1908 C:\Program Files (x86)\InstallBrainService\InstallBrainService.exe
1944 C:\Program Files (x86)\InstallBrainService\InstallBrainService.exe
1988 C:\Windows\SysWOW64\PnkBstrA.exe
2020 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2068 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2184 C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
2192 C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
2432 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
2452 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
2484 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
2524 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2576 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
2684 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
2752 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2824 C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
2376 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
3504 C:\Windows\System32\svchost.exe
1700 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
2536 C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
1292 C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
1676 C:\Program Files\Windows Media Player\wmpnetwk.exe
3876 C:\Windows\System32\taskhost.exe
4068 C:\Windows\System32\dwm.exe
3912 C:\Windows\explorer.exe
4048 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
3120 C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
812 C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
3528 C:\Program Files\Java\jre6\bin\jusched.exe
3888 C:\Windows\System32\igfxtray.exe
3784 C:\Windows\System32\hkcmd.exe
4024 C:\Windows\System32\igfxpers.exe
3352 WmiPrvSE.exe
2272 C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
580 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
3404 C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
2540 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
1364 C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
4100 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
4152 C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
4176 C:\Windows\System32\GfxUI.exe
4196 C:\Program Files (x86)\iTunes\iTunesHelper.exe
4316 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4348 C:\Windows\System32\SearchIndexer.exe
4540 C:\Program Files\iPod\bin\iPodService.exe
4860 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
3532 C:\Windows\System32\WerFault.exe
3220 C:\Program Files\Java\jre6\bin\javaws.exe
3344 C:\Program Files\Java\jre6\bin\javaw.exe
4172 C:\Windows\System32\audiodg.exe
4976 C:\Users\wills\Desktop\MBRCheck.exe
4696 C:\Windows\System32\conhost.exe
1868 C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
4408

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000046`ebc00000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000004a`7f500000 (FAT32)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: ST9320325AS, Rev: 0005HPM1

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Sat Feb 25, 2012 5:42 pm

Bump

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by Superdave on Sat Feb 25, 2012 8:28 pm

[You must be registered and logged in to see this link.] wrote:Bump
Sorry, my notifications are not working again. Please give me an update on your computer.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Very slow to start and run programs

Post by CRC on Sun Feb 26, 2012 5:22 pm

I have restarted it again. It is quicker to load to the desktop but it is still taking approx. 20-30 minutes at times to load internet explorer. Once Explorer is running it runs pretty quick. I took the time to uninstall a couple more programs, Team Viewer, Steam and League of Legends Recorder. Those seemed to be the programs taking the longest to load on the desktop.

CRC
Intermediate
Intermediate

Status :
Online
Offline

Posts : 106
Joined : 2010-07-08
OS : xp

View user profile

Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum