Samsung Laptop Running Slow

petesake

Newbie

Posts: 13

« on: October 16, 2011, 10:03:27 PM »

Samsung Laptop is taking forever to boot. When i click an icon to open it's taking about minute for anything to happen. PC says no Restore Points are available ?

DDS LOG:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by xxxxx at 23:34:27 on 2011-10-16
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2807.1350 [GMT -4:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Program Files (x86)\AVG\AVG9\avgemc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\atieclxx.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Cathy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\RunDll32.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DW6]
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Cathy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Cathy\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB} : DhcpNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB}\2375942554233373 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB}\8494540214051343C6F6262697 : DhcpNameServer = 205.152.37.23 205.152.132.23
TCP: Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB}\84F6C6964616970294E6E60254870727563737 : DhcpNameServer = 74.128.17.114 74.128.19.102 4.2.2.1
TCP: Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB}\94E63796768647F577966696F563331383 : DhcpNameServer = 192.168.2.1 74.128.17.114 74.128.19.102
TCP: Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB}\96E63796768647F577966696F543933393 : DhcpNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
TCP: Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB}\E4544574541425 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB}\E4544574541425D223E243D274 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{88786D89-9457-4C78-BE70-B6379B9759DF} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\vdddlr3e.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
============= SERVICES / DRIVERS ===============
.
R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\windows\system32\Drivers\avgldx64.sys --> C:\windows\system32\Drivers\avgldx64.sys [?]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\windows\system32\Drivers\avgmfx64.sys --> C:\windows\system32\Drivers\avgmfx64.sys [?]
R1 AvgTdiA;AVG Free Network Redirector x64;C:\windows\system32\Drivers\avgtdia.sys --> C:\windows\system32\Drivers\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]
R2 avg9emc;AVG Free E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-9-15 921952]
R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-9-15 308136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-2-25 252928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atipmdag.sys --> C:\windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 QIOMem;Generic IO & Memory Access;C:\windows\system32\DRIVERS\QIOMem.sys --> C:\windows\system32\DRIVERS\QIOMem.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-6-1 51512]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\system32\DRIVERS\VSTAZL6.SYS --> C:\windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\windows\system32\DRIVERS\VSTDPV6.SYS --> C:\windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\system32\DRIVERS\WSDPrint.sys --> C:\windows\system32\DRIVERS\WSDPrint.sys [?]
.
=============== Created Last 30 ================
.
2011-10-14 02:21:09   3134976   ----a-w-   C:\windows\System32\win32k.sys
2011-10-14 02:21:08   75776   ----a-w-   C:\windows\SysWow64\psisrndr.ax
2011-10-14 02:21:08   75776   ----a-w-   C:\windows\System32\MSDvbNP.ax
2011-10-14 02:21:08   72704   ----a-w-   C:\windows\SysWow64\Mpeg2Data.ax
2011-10-14 02:21:08   613888   ----a-w-   C:\windows\System32\psisdecd.dll
2011-10-14 02:21:08   59904   ----a-w-   C:\windows\SysWow64\MSDvbNP.ax
2011-10-14 02:21:08   465408   ----a-w-   C:\windows\SysWow64\psisdecd.dll
2011-10-14 02:21:08   288256   ----a-w-   C:\windows\System32\MSNP.ax
2011-10-14 02:21:08   204288   ----a-w-   C:\windows\SysWow64\MSNP.ax
2011-10-14 02:21:08   108032   ----a-w-   C:\windows\System32\psisrndr.ax
2011-10-14 02:21:08   104960   ----a-w-   C:\windows\System32\Mpeg2Data.ax
2011-10-14 02:20:57   861184   ----a-w-   C:\windows\System32\oleaut32.dll
2011-10-14 02:20:57   571904   ----a-w-   C:\windows\SysWow64\oleaut32.dll
2011-10-14 02:20:57   331776   ----a-w-   C:\windows\System32\oleacc.dll
2011-10-14 02:20:57   233472   ----a-w-   C:\windows\SysWow64\oleacc.dll
2011-10-03 16:30:08   --------   d-----w-   C:\Program Files\Bonjour Print Services
2011-10-03 16:17:59   89088   ----a-w-   C:\windows\System32\RegisterIEPKEYs.exe
2011-10-03 15:52:30   --------   d-----w-   C:\windows\System32\SPReview
2011-10-03 15:51:25   --------   d-----w-   C:\windows\System32\EventProviders
2011-10-02 14:35:26   0   ---ha-w-   C:\Users\Cathy\AppData\Local\BITDBA2.tmp
.
==================== Find3M ====================
.
2011-10-04 01:46:17   175104   ----a-w-   C:\windows\System32\msclmd.dll
2011-10-04 01:46:17   152064   ----a-w-   C:\windows\SysWow64\msclmd.dll
2011-10-03 16:17:59   222208   ----a-w-   C:\windows\System32\msls31.dll
2011-09-26 13:33:23   404640   ----a-w-   C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-12 17:42:46   35664   ----a-w-   C:\windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 23:42:34.34 ===============


	Logged

Jintan

Administrator
Hero Member

Posts: 3883

Re: Samsung Laptop Running Slow

« Reply #1 on: October 18, 2011, 03:48:55 PM »

Welcome to Malware Crypt petesake,

My apologies for the daley. Not sure why I missed this new request. The log shows some adware loading there, though these are not usually startup problems. Google software uses an updater that runs at startup, so can cause some slowness. Let's get a more detailed look at things. In your next reply, also post back how long you have had AVG installed there before these current troubles began please.

The system is Windows 7, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool.

And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types"

To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

------------------

Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.

-----------

Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.

Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

Note - If Gmer shows it has located infection once it's opening scan completes, do not click the Scan button. We don't want hidden malware settings to cause any problems. Instead, just click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

-----------

Download aswMBR ( 511KB ) to your desktop.

Double click the aswMBR.exe icon to run it
Decline a download of avast itself if offered
If avast! antivirus is already installed, go to the dropdown next to AV engine: and select (none)
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


	Logged

petesake

Newbie

Posts: 13

Re: Samsung Laptop Running Slow

« Reply #2 on: October 19, 2011, 05:34:10 PM »

Not a problem on the wait, I appreciate you're time.

OTL LOG:

OTL logfile created on: 10/19/2011 5:46:45 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Cathy\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.74 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 37.45% Memory free
5.48 Gb Paging File | 3.62 Gb Available in Paging File | 66.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.55 Gb Total Space | 214.03 Gb Free Space | 74.69% Space Free | Partition Type: NTFS

Computer Name: CATHY-PC | User Name: Cathy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/19 17:40:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Cathy\Desktop\OTL.exe
PRC - [2011/10/16 23:40:59 | 000,753,480 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Cathy\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
PRC - [2011/09/29 02:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/12 13:42:54 | 002,076,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/25 16:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Cathy\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2010/11/24 20:13:47 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/15 21:08:38 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2010/09/15 21:08:31 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

========== Modules (No Company Name) ==========

MOD - [2011/09/29 02:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/09/24 00:55:58 | 005,969,360 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/03/15 12:56:20 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/25 22:00:32 | 000,252,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/23 20:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/06 01:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/09/15 21:08:38 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/09/15 21:08:31 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/12 13:42:46 | 000,035,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2011/05/14 04:51:05 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/09/15 21:09:53 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010/04/26 18:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2010/03/15 13:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/03/15 12:00:58 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/03/10 21:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/22 21:03:42 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/09 00:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/01 16:45:52 | 000,717,880 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 16:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 12:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\InprocServer32 File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2011/09/12 13:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/16 23:58:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/16 23:57:33 | 000,000,000 | ---D | M]

[2010/09/15 21:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cathy\AppData\Roaming\Mozilla\Extensions
[2011/10/16 23:38:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\vdddlr3e.default\extensions
[2010/11/07 13:46:49 | 000,000,000 | ---D | M] (BitTorrentBar Toolbar) -- C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\vdddlr3e.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2010/09/20 21:03:23 | 000,000,000 | ---D | M] (QuickDrag) -- C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\vdddlr3e.default\extensions\quickdrag@mozilla.ktechcomputing.com
[2011/10/16 23:58:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/16 23:47:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/09/29 02:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/07/19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/28 20:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll File not found
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll File not found
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll File not found
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll븀㱸ऍ㱺凉* File not found
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll File not found
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [DW6] File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Cathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Cathy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{082BD703-A4D7-4DE3-8165-B0D039795EAB}: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88786D89-9457-4C78-BE70-B6379B9759DF}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/19 17:49:00 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Cathy\Desktop\aswMBR.exe
[2011/10/19 17:40:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Cathy\Desktop\OTL.exe
[2011/10/17 00:10:30 | 000,000,000 | ---D | C] -- C:\Users\Cathy\AppData\Roaming\WinRAR
[2011/10/17 00:10:30 | 000,000,000 | ---D | C] -- C:\Users\Cathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/17 00:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/17 00:10:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/10/16 23:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/10/16 23:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/10/16 23:47:18 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\deployJava1.dll
[2011/10/16 23:47:18 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2011/10/16 23:47:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2011/10/16 23:47:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2011/10/16 23:41:01 | 000,000,000 | ---D | C] -- C:\Users\Cathy\AppData\Local\Solid State Networks
[2011/10/16 23:31:01 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Cathy\Desktop\dds.scr
[2011/10/13 22:21:08 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll
[2011/10/13 22:21:08 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll
[2011/10/13 22:21:08 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2011/10/13 22:21:08 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2011/10/13 22:21:08 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2011/10/13 22:21:08 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax
[2011/10/13 22:21:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2011/10/13 22:21:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSDvbNP.ax
[2011/10/13 22:21:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mpeg2Data.ax
[2011/10/13 22:21:08 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSDvbNP.ax
[2011/10/13 22:20:57 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2011/10/13 22:20:57 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleacc.dll
[2011/10/03 12:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour Print Services
[2011/10/03 12:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour Print Services
[2011/10/03 12:18:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2011/10/03 12:18:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011/10/03 12:18:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011/10/03 12:18:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2011/10/03 12:18:04 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2011/10/03 12:18:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2011/10/03 12:18:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2011/10/03 12:18:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2011/10/03 12:18:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2011/10/03 12:18:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2011/10/03 12:18:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2011/10/03 12:18:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2011/10/03 12:18:03 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2011/10/03 12:18:03 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2011/10/03 12:18:03 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2011/10/03 12:18:02 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2011/10/03 12:18:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011/10/03 12:18:02 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2011/10/03 12:18:02 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2011/10/03 12:18:02 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2011/10/03 12:18:02 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2011/10/03 12:18:02 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2011/10/03 12:18:02 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2011/10/03 12:18:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2011/10/03 12:18:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2011/10/03 12:18:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2011/10/03 12:18:01 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2011/10/03 12:18:01 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2011/10/03 12:18:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011/10/03 12:18:01 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2011/10/03 12:18:00 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2011/10/03 12:18:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2011/10/03 12:17:59 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2011/10/03 12:17:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2011/10/03 12:17:59 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2011/10/03 12:17:58 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2011/10/03 12:17:58 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2011/10/03 12:17:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2011/10/03 12:17:58 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2011/10/03 12:17:58 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2011/10/03 12:17:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2011/10/03 12:17:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2011/10/03 12:17:57 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2011/10/03 12:17:57 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011/10/03 12:17:57 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2011/10/03 12:17:57 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2011/10/03 12:17:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2011/10/03 12:17:57 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2011/10/03 12:17:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2011/10/03 12:17:56 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2011/10/03 12:17:56 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2011/10/03 12:17:56 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2011/10/03 12:17:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll


	Logged

petesake

Newbie

Posts: 13

Re: Samsung Laptop Running Slow

« Reply #3 on: October 19, 2011, 05:39:51 PM »

[2011/10/03 12:17:56 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2011/10/03 12:17:56 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2011/10/03 12:17:56 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2011/10/03 12:17:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2011/10/03 12:17:55 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2011/10/03 12:17:55 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2011/10/03 12:17:55 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2011/10/03 12:17:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011/10/03 12:17:55 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2011/10/03 12:17:55 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2011/10/03 12:17:55 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2011/10/03 12:17:55 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2011/10/03 12:17:54 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2011/10/03 12:17:54 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2011/10/03 12:17:54 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2011/10/03 12:17:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2011/10/03 12:17:54 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2011/10/03 12:17:54 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011/10/03 12:17:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2011/10/03 11:52:30 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2011/10/03 11:51:25 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2011/09/24 19:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/09/24 19:08:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Cathy\AppData\Local\*.tmp files -> C:\Users\Cathy\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/19 17:49:09 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Cathy\Desktop\aswMBR.exe
[2011/10/19 17:45:08 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/10/19 17:45:08 | 000,624,412 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/10/19 17:45:08 | 000,106,756 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/10/19 17:43:11 | 087,593,412 | ---- | M] () -- C:\windows\SysNative\drivers\Avg\incavi.avm
[2011/10/19 17:42:57 | 000,302,592 | ---- | M] () -- C:\Users\Cathy\Desktop\t5zzsilf.exe
[2011/10/19 17:40:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Cathy\Desktop\OTL.exe
[2011/10/19 17:36:49 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/10/17 00:10:22 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/17 00:10:21 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/17 00:00:03 | 000,002,063 | ---- | M] () -- C:\Users\Cathy\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/16 23:58:40 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/16 23:31:02 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Cathy\Desktop\dds.scr
[2011/10/16 23:06:54 | 000,343,552 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011/10/16 23:06:07 | 2207,404,032 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/10 20:57:38 | 395,070,196 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011/10/03 23:00:41 | 000,001,448 | ---- | M] () -- C:\Users\Cathy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/03 21:46:17 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msclmd.dll
[2011/10/03 21:46:17 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msclmd.dll
[2011/10/03 12:30:09 | 000,002,483 | ---- | M] () -- C:\Users\Public\Desktop\Bonjour Printer Wizard.lnk
[2011/10/03 12:18:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2011/10/03 12:18:04 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011/10/03 12:18:04 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011/10/03 12:18:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2011/10/03 12:18:04 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2011/10/03 12:18:04 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2011/10/03 12:18:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2011/10/03 12:18:04 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2011/10/03 12:18:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2011/10/03 12:18:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2011/10/03 12:18:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2011/10/03 12:18:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2011/10/03 12:18:03 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2011/10/03 12:18:03 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2011/10/03 12:18:03 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2011/10/03 12:18:02 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2011/10/03 12:18:02 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011/10/03 12:18:02 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2011/10/03 12:18:02 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2011/10/03 12:18:02 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2011/10/03 12:18:02 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2011/10/03 12:18:02 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2011/10/03 12:18:02 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2011/10/03 12:18:02 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011/10/03 12:18:02 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2011/10/03 12:18:02 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2011/10/03 12:18:02 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2011/10/03 12:18:01 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2011/10/03 12:18:01 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2011/10/03 12:18:01 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2011/10/03 12:18:01 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2011/10/03 12:18:00 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2011/10/03 12:18:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2011/10/03 12:17:59 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2011/10/03 12:17:59 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2011/10/03 12:17:59 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2011/10/03 12:17:58 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2011/10/03 12:17:58 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2011/10/03 12:17:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2011/10/03 12:17:58 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2011/10/03 12:17:58 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2011/10/03 12:17:58 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2011/10/03 12:17:58 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2011/10/03 12:17:57 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2011/10/03 12:17:57 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011/10/03 12:17:57 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2011/10/03 12:17:57 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2011/10/03 12:17:57 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2011/10/03 12:17:57 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2011/10/03 12:17:57 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2011/10/03 12:17:57 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2011/10/03 12:17:56 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2011/10/03 12:17:56 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2011/10/03 12:17:56 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2011/10/03 12:17:56 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011/10/03 12:17:56 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2011/10/03 12:17:56 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2011/10/03 12:17:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2011/10/03 12:17:55 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2011/10/03 12:17:55 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2011/10/03 12:17:55 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2011/10/03 12:17:55 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011/10/03 12:17:55 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2011/10/03 12:17:55 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2011/10/03 12:17:55 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2011/10/03 12:17:55 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2011/10/03 12:17:55 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2011/10/03 12:17:54 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2011/10/03 12:17:54 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2011/10/03 12:17:54 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2011/10/03 12:17:54 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2011/10/03 12:17:54 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2011/10/03 12:17:54 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011/10/03 12:17:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2011/10/02 10:35:18 | 000,000,000 | ---- | M] () -- C:\Users\Cathy\AppData\Local\{EFC36D6D-8DEC-4988-ADCE-3B7CD2DD8551}
[2011/09/26 09:33:23 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/24 19:11:20 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Cathy\AppData\Local\*.tmp files -> C:\Users\Cathy\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/19 17:42:36 | 000,302,592 | ---- | C] () -- C:\Users\Cathy\Desktop\t5zzsilf.exe
[2011/10/16 23:58:40 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/16 23:58:40 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/03 23:00:41 | 000,001,420 | ---- | C] () -- C:\Users\Cathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/10/03 12:30:09 | 000,002,483 | ---- | C] () -- C:\Users\Public\Desktop\Bonjour Printer Wizard.lnk
[2011/10/03 12:18:02 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2011/10/03 12:17:55 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2011/10/02 10:35:18 | 000,000,000 | ---- | C] () -- C:\Users\Cathy\AppData\Local\{EFC36D6D-8DEC-4988-ADCE-3B7CD2DD8551}
[2011/09/24 19:11:20 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/24 19:11:20 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/08 11:01:50 | 000,000,000 | ---- | C] () -- C:\Users\Cathy\AppData\Local\{0551002D-7405-48CB-A8B3-025C421CA766}
[2011/02/15 22:14:57 | 000,144,384 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2010/10/29 15:27:42 | 000,000,194 | ---- | C] () -- C:\Users\Cathy\AppData\Roaming\wklnhst.dat
[2010/06/01 19:31:40 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2010/06/01 19:29:19 | 000,001,105 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat

< End of report >


	Logged

petesake

Newbie

Posts: 13

Re: Samsung Laptop Running Slow

« Reply #4 on: October 19, 2011, 05:40:09 PM »

EXTRAS:
OTL Extras logfile created on: 10/19/2011 5:46:45 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Cathy\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.74 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 37.45% Memory free
5.48 Gb Paging File | 3.62 Gb Available in Paging File | 66.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.55 Gb Total Space | 214.03 Gb Free Space | 74.69% Space Free | Partition Type: NTFS

Computer Name: CATHY-PC | User Name: Cathy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" [2010/06/01 19:21:42 | 000,000,000 | ---D | M]
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" [2010/06/01 19:21:42 | 000,000,000 | ---D | M]
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{21E2A283-1416-AF26-6DA1-92FDE02224EB}" = ccc-utility64
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5792CD64-61B4-C448-0D22-3C51DD73AB2A}" = ATI Catalyst Install Manager
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02950E10-1AA3-DF62-FED5-42CBD4ADC5C1}" = CCC Help Dutch
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{118F5964-DA03-7B46-BDEA-7C3FA203D293}" = CCC Help Spanish
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CF51B76-7485-410C-D06D-23D1060974D3}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21759FAC-AE5F-F171-EB4C-D2FBF66EDD04}" = CCC Help Czech
"{219B4856-468A-F0BB-8249-E630AD4E86C2}" = ccc-core-static
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23EA31D7-28CD-F7B3-024C-6EB784F1BC79}" = CCC Help Russian
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 27
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3669F19D-D7C2-3240-C4EC-A57DECC124FC}" = CCC Help Japanese
"{38A0161D-7CD3-51AD-0ACB-F46DD34D2FF6}" = CCC Help Greek
"{39670BCD-6300-21D8-78A4-ECD68D0C4D95}" = CCC Help Chinese Standard
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45FE5100-6C09-4B34-AC2F-92D8B3864546}" = LiveUpload to Facebook
"{46A46830-50AA-3326-7A57-72BB03E6B3EC}" = CCC Help Hungarian
"{47984ADB-54E9-BE8F-E39F-8B1FAAD4B192}" = CCC Help Polish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5570C266-C606-85BC-6E23-C858566E02DB}" = CCC Help Swedish
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E620377-939F-3E6B-F328-4A69D9CA0D1B}" = CCC Help French
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65F5F454-0029-045D-82ED-126F650B5C8F}" = Catalyst Control Center Graphics Previews Vista
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{836775DC-DC27-BC0C-7770-68E2591F6CC6}" = CCC Help Norwegian
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86236CB1-023D-82B2-A706-74ECFFA91A8E}" = Catalyst Control Center Graphics Previews Common
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4BD0EF-A058-3F42-0AD8-763267A735D0}" = Catalyst Control Center Graphics Full New
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{8BE504E9-0677-87AC-07D2-1A1428E17A92}" = Catalyst Control Center InstallProxy
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91D25D3C-A6D8-78D4-CDE7-F70B93389A03}" = CCC Help Italian
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CD5AC28-04E5-07A5-100D-953D2B3A8747}" = Catalyst Control Center Graphics Full Existing
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AD8D84C3-D43A-776D-E4A8-2A4433BCBD32}" = CCC Help Korean
"{B0402CE4-783A-773C-239B-FF45BDFB400E}" = Catalyst Control Center Localization All
"{B32B60B9-C31B-3193-257A-2381305A0851}" = CCC Help German
"{B3B66630-DA7C-BD66-DFA4-F37AC82873EE}" = CCC Help Danish
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B8615768-6D66-5E53-C4E1-6F7EC8D9BFFE}" = CCC Help English
"{C289841E-5B5F-0198-F3FF-CB361D007DA3}" = CCC Help Thai
"{C7BC4EBB-D88F-019D-8ED0-F42F89096B18}" = CCC Help Turkish
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{D10D079D-EFDA-9601-98F8-F935A2A411A0}" = CCC Help Chinese Traditional
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DFD723B7-1762-73EC-32BC-A7D9E838808D}" = Catalyst Control Center Graphics Light
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E819AA87-4215-D35A-6872-BF97C32A9DB3}" = CCC Help Finnish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FD1F254C-48B2-A188-0127-03855BA15D16}" = CCC Help Portuguese
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG Free 9.0
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"conduitEngine" = Conduit Engine
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImgBurn" = ImgBurn
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/16/2011 9:54:50 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 9:54:54 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:44 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:44 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:56 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:56 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:57 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:57 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:41:47 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:41:47 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ System Events ]
Error - 10/3/2011 9:29:47 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Extensible Authentication Protocol service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

Error - 10/3/2011 9:29:47 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Group Policy Client service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.

Error - 10/3/2011 9:29:47 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The IP Helper service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.

Error - 10/3/2011 9:29:47 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Server service terminated unexpectedly. It has done this 1 time(s).
The following corrective action will be taken in 60000 milliseconds: Restart the
service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The User Profile Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Task Scheduler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The System Event Notification Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Shell Hardware Detection service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Themes service terminated unexpectedly. It has done this 1 time(s).
The following corrective action will be taken in 60000 milliseconds: Restart the
service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Management Instrumentation service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

< End of report >


	Logged

petesake

Newbie

Posts: 13

Re: Samsung Laptop Running Slow

« Reply #5 on: October 19, 2011, 05:41:42 PM »

GMER LOG:

OTL Extras logfile created on: 10/19/2011 5:46:45 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Cathy\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.74 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 37.45% Memory free
5.48 Gb Paging File | 3.62 Gb Available in Paging File | 66.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.55 Gb Total Space | 214.03 Gb Free Space | 74.69% Space Free | Partition Type: NTFS

Computer Name: CATHY-PC | User Name: Cathy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" [2010/06/01 19:21:42 | 000,000,000 | ---D | M]
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" [2010/06/01 19:21:42 | 000,000,000 | ---D | M]
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{21E2A283-1416-AF26-6DA1-92FDE02224EB}" = ccc-utility64
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5792CD64-61B4-C448-0D22-3C51DD73AB2A}" = ATI Catalyst Install Manager
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02950E10-1AA3-DF62-FED5-42CBD4ADC5C1}" = CCC Help Dutch
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{118F5964-DA03-7B46-BDEA-7C3FA203D293}" = CCC Help Spanish
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CF51B76-7485-410C-D06D-23D1060974D3}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21759FAC-AE5F-F171-EB4C-D2FBF66EDD04}" = CCC Help Czech
"{219B4856-468A-F0BB-8249-E630AD4E86C2}" = ccc-core-static
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23EA31D7-28CD-F7B3-024C-6EB784F1BC79}" = CCC Help Russian
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 27
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3669F19D-D7C2-3240-C4EC-A57DECC124FC}" = CCC Help Japanese
"{38A0161D-7CD3-51AD-0ACB-F46DD34D2FF6}" = CCC Help Greek
"{39670BCD-6300-21D8-78A4-ECD68D0C4D95}" = CCC Help Chinese Standard
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45FE5100-6C09-4B34-AC2F-92D8B3864546}" = LiveUpload to Facebook
"{46A46830-50AA-3326-7A57-72BB03E6B3EC}" = CCC Help Hungarian
"{47984ADB-54E9-BE8F-E39F-8B1FAAD4B192}" = CCC Help Polish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5570C266-C606-85BC-6E23-C858566E02DB}" = CCC Help Swedish
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E620377-939F-3E6B-F328-4A69D9CA0D1B}" = CCC Help French
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65F5F454-0029-045D-82ED-126F650B5C8F}" = Catalyst Control Center Graphics Previews Vista
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{836775DC-DC27-BC0C-7770-68E2591F6CC6}" = CCC Help Norwegian
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86236CB1-023D-82B2-A706-74ECFFA91A8E}" = Catalyst Control Center Graphics Previews Common
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4BD0EF-A058-3F42-0AD8-763267A735D0}" = Catalyst Control Center Graphics Full New
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{8BE504E9-0677-87AC-07D2-1A1428E17A92}" = Catalyst Control Center InstallProxy
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91D25D3C-A6D8-78D4-CDE7-F70B93389A03}" = CCC Help Italian
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CD5AC28-04E5-07A5-100D-953D2B3A8747}" = Catalyst Control Center Graphics Full Existing
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AD8D84C3-D43A-776D-E4A8-2A4433BCBD32}" = CCC Help Korean
"{B0402CE4-783A-773C-239B-FF45BDFB400E}" = Catalyst Control Center Localization All
"{B32B60B9-C31B-3193-257A-2381305A0851}" = CCC Help German
"{B3B66630-DA7C-BD66-DFA4-F37AC82873EE}" = CCC Help Danish
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B8615768-6D66-5E53-C4E1-6F7EC8D9BFFE}" = CCC Help English
"{C289841E-5B5F-0198-F3FF-CB361D007DA3}" = CCC Help Thai
"{C7BC4EBB-D88F-019D-8ED0-F42F89096B18}" = CCC Help Turkish
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{D10D079D-EFDA-9601-98F8-F935A2A411A0}" = CCC Help Chinese Traditional
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DFD723B7-1762-73EC-32BC-A7D9E838808D}" = Catalyst Control Center Graphics Light
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E819AA87-4215-D35A-6872-BF97C32A9DB3}" = CCC Help Finnish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FD1F254C-48B2-A188-0127-03855BA15D16}" = CCC Help Portuguese
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG Free 9.0
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"conduitEngine" = Conduit Engine
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImgBurn" = ImgBurn
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/16/2011 9:54:50 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 9:54:54 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:44 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:44 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:56 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:56 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:57 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:39:57 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:41:47 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/16/2011 10:41:47 AM | Computer Name = Cathy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ System Events ]
Error - 10/3/2011 9:29:47 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Extensible Authentication Protocol service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

Error - 10/3/2011 9:29:47 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Group Policy Client service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.

Error - 10/3/2011 9:29:47 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The IP Helper service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.

Error - 10/3/2011 9:29:47 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Server service terminated unexpectedly. It has done this 1 time(s).
The following corrective action will be taken in 60000 milliseconds: Restart the
service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The User Profile Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Task Scheduler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The System Event Notification Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Shell Hardware Detection service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Themes service terminated unexpectedly. It has done this 1 time(s).
The following corrective action will be taken in 60000 milliseconds: Restart the
service.

Error - 10/3/2011 9:30:08 PM | Computer Name = Cathy-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Management Instrumentation service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

< End of report >


	Logged

petesake

Newbie

Posts: 13

Re: Samsung Laptop Running Slow

« Reply #6 on: October 19, 2011, 05:42:17 PM »

aswMBR LOG:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-19 19:22:05
-----------------------------
19:22:05.432 OS Version: Windows x64 6.1.7600
19:22:05.432 Number of processors: 2 586 0x603
19:22:05.434 ComputerName: CATHY-PC UserName: Cathy
19:22:07.467 Initialize success
19:22:19.341 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:22:19.346 Disk 0 Vendor: TOSHIBA_MK3265GSX GJ003M Size: 305245MB BusType: 11
19:22:19.360 Disk 0 MBR read successfully
19:22:19.366 Disk 0 MBR scan
19:22:19.373 Disk 0 Windows VISTA default MBR code
19:22:19.378 Service scanning
19:22:20.688 Modules scanning
19:22:20.695 Disk 0 trace - called modules:
19:22:20.716 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:22:20.725 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800316e060]
19:22:20.730 3 CLASSPNP.SYS[fffff8800195043f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80030ad060]
19:22:20.735 Scan finished successfully
19:25:19.277 Disk 0 MBR has been saved successfully to "C:\Users\Cathy\Desktop\MBR.dat"
19:25:19.278 The log file has been saved successfully to "C:\Users\Cathy\Desktop\aswMBR.txt"

Thanks for you're help Jintan!!


	Logged

Jintan

Administrator
Hero Member

Posts: 3883

Re: Samsung Laptop Running Slow

« Reply #7 on: October 19, 2011, 06:27:53 PM »

Well, you do have some adware/search redirect softwares there, but really not know to slow down startup times.

Go to Start - Control Panel - Programs - Programs and Features, then click on each of the following programs, if they show there, and click "Uninstall/Change".

BitTorrentBar Toolbar - Conduit adware/spyware/search hijacker toolbar.
Conduit Engine - And the background tools for that. Need to uninstall these in this sequence shown.

And some other suggested uninstalls:

Bing Bar Lately this has been installed by Zugo adware. Kinda useless anyway, so better to just uninstall it, than to try to guess which one it is (I think this one is Zugo though).
Google Toolbar for Internet Explorer - This can be a startup slowness maker, not just due to the unneeded toolbar that takes up Internet Explorer space, but all Google software includes a questionable-use "Updater", that runs each startup and immediately tries to contact the Google server, regardless if there is a connection or not.

Make those changes, then do the following.

Be sure to continue to temporarily disable any protective software when running the scan tools we use here.

Download ComboFix.exe from here to your desktop, then click that to run that scan. Agree to any warnings you might receive.

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt.


	Logged

petesake

Newbie

Posts: 13

Re: Samsung Laptop Running Slow

« Reply #8 on: October 20, 2011, 05:34:29 PM »

COMBOFIX LOG:

ComboFix 11-10-20.03 - Cathy 10/20/2011 9:52.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2807.1602 [GMT -4:00]
Running from: c:\users\Cathy\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Files Created from 2011-09-20 to 2011-10-20 )))))))))))))))))))))))))))))))
.
.
2011-10-20 23:00 . 2011-10-20 23:00   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-10-17 03:58 . 2011-09-29 06:53   713016   ----a-w-   c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2011-10-17 03:58 . 2011-09-29 06:53   269272   ----a-w-   c:\program files (x86)\Mozilla Firefox\updater.exe
2011-10-17 03:58 . 2011-09-29 06:53   19416   ----a-w-   c:\program files (x86)\Mozilla Firefox\xpcom.dll
2011-10-17 03:58 . 2011-09-29 06:53   166872   ----a-w-   c:\program files (x86)\Mozilla Firefox\softokn3.dll
2011-10-17 03:58 . 2011-09-29 06:53   15649752   ----a-w-   c:\program files (x86)\Mozilla Firefox\xul.dll
2011-10-17 03:58 . 2011-09-29 06:53   142296   ----a-w-   c:\program files (x86)\Mozilla Firefox\ssl3.dll
2011-10-17 03:58 . 2011-09-29 06:53   134104   ----a-w-   c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-10-17 03:58 . 2011-09-29 06:53   109528   ----a-w-   c:\program files (x86)\Mozilla Firefox\smime3.dll
2011-10-17 03:47 . 2011-10-17 03:47   --------   d-----w-   c:\program files (x86)\Common Files\Java
2011-10-17 03:47 . 2011-07-19 09:05   476904   ----a-w-   c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2011-10-17 03:47 . 2011-07-19 09:05   472808   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2011-10-17 03:41 . 2011-10-17 03:41   --------   d-----w-   c:\users\Cathy\AppData\Local\Solid State Networks
2011-10-14 02:21 . 2011-09-06 03:07   3134976   ----a-w-   c:\windows\system32\win32k.sys
2011-10-14 02:21 . 2011-08-17 05:32   613888   ----a-w-   c:\windows\system32\psisdecd.dll
2011-10-14 02:21 . 2011-08-17 05:27   75776   ----a-w-   c:\windows\system32\MSDvbNP.ax
2011-10-14 02:21 . 2011-08-17 05:27   288256   ----a-w-   c:\windows\system32\MSNP.ax
2011-10-14 02:21 . 2011-08-17 05:27   108032   ----a-w-   c:\windows\system32\psisrndr.ax
2011-10-14 02:21 . 2011-08-17 05:27   104960   ----a-w-   c:\windows\system32\Mpeg2Data.ax
2011-10-14 02:21 . 2011-08-17 04:26   465408   ----a-w-   c:\windows\SysWow64\psisdecd.dll
2011-10-14 02:21 . 2011-08-17 04:22   75776   ----a-w-   c:\windows\SysWow64\psisrndr.ax
2011-10-14 02:21 . 2011-08-17 04:22   72704   ----a-w-   c:\windows\SysWow64\Mpeg2Data.ax
2011-10-14 02:21 . 2011-08-17 04:22   59904   ----a-w-   c:\windows\SysWow64\MSDvbNP.ax
2011-10-14 02:21 . 2011-08-17 04:22   204288   ----a-w-   c:\windows\SysWow64\MSNP.ax
2011-10-14 02:20 . 2011-08-27 05:40   861184   ----a-w-   c:\windows\system32\oleaut32.dll
2011-10-14 02:20 . 2011-08-27 05:40   331776   ----a-w-   c:\windows\system32\oleacc.dll
2011-10-14 02:20 . 2011-08-27 04:43   571904   ----a-w-   c:\windows\SysWow64\oleaut32.dll
2011-10-14 02:20 . 2011-08-27 04:43   233472   ----a-w-   c:\windows\SysWow64\oleacc.dll
2011-10-03 16:30 . 2011-10-03 16:30   --------   d-----w-   c:\program files\Bonjour Print Services
2011-10-03 16:17 . 2011-10-03 16:17   89088   ----a-w-   c:\windows\system32\RegisterIEPKEYs.exe
2011-10-03 15:52 . 2011-10-03 15:52   --------   d-----w-   c:\windows\system32\SPReview
2011-10-03 15:51 . 2011-10-03 15:51   --------   d-----w-   c:\windows\system32\EventProviders
2011-10-02 14:35 . 2011-10-02 14:35   0   ---ha-w-   c:\users\Cathy\AppData\Local\BITDBA2.tmp
2011-09-24 23:11 . 2011-09-24 23:11   --------   d-----w-   c:\program files (x86)\Common Files\Adobe
2011-09-24 23:08 . 2011-09-24 23:08   --------   d-----w-   c:\program files (x86)\Common Files\Adobe AIR
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-04 01:46 . 2009-07-14 02:36   175104   ----a-w-   c:\windows\system32\msclmd.dll
2011-10-04 01:46 . 2009-07-14 02:36   152064   ----a-w-   c:\windows\SysWow64\msclmd.dll
2011-09-26 13:33 . 2011-08-28 01:59   404640   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-12 17:42 . 2010-09-16 01:09   35664   ----a-w-   c:\windows\system32\drivers\avgmfx64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\Cathy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\Cathy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\Cathy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ----a-w-   c:\users\Cathy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"AVG9_TRAY"="c:\progra~2\AVG\AVG9\avgtray.exe" [2011-09-12 2076512]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\Cathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Cathy\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS

R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys

S1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\Drivers\avgldx64.sys

S1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\Drivers\avgmfx64.sys

S1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\Drivers\avgtdia.sys

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe

S2 avg9emc;AVG Free E-mail Scanner;c:\program files (x86)\AVG\AVG9\avgemc.exe [2010-09-16 921952]
S2 avg9wd;AVG Free WatchDog;c:\program files (x86)\AVG\AVG9\avgwdsvc.exe [2010-09-16 308136]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-02-26 252928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys

S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-24 835952]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys

.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ----a-w-   c:\users\Cathy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ----a-w-   c:\users\Cathy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ----a-w-   c:\users\Cathy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ----a-w-   c:\users\Cathy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-01-29 517176]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\avgrssta.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\vdddlr3e.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files (x86)\BitTorrentBar\tbBitT.dll
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files (x86)\ConduitEngine\ConduitEngine.dll
BHO-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files (x86)\BitTorrentBar\tbBitT.dll
Toolbar-Locked - (no file)
Toolbar-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files (x86)\BitTorrentBar\tbBitT.dll
Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files (x86)\ConduitEngine\ConduitEngine.dll
Wow6432Node-HKCU-Run-DW6 - (no file)
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-(Default) - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-{FBBC4667-2521-4E78-B1BD-8706F774549B} - c:\programdata\{249B9E04-F0FC-434D-B0D8-12D3EDFF3B77}\Best Buy Software Installer Setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\AVG\AVG9\avgcsrvx.exe
c:\program files (x86)\AVG\AVG9\avgtray.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2011-10-20 19:29:38 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-20 23:29
.
Pre-Run: 229,068,820,480 bytes free
Post-Run: 230,668,787,712 bytes free
.
- - End Of File - - 4A3046E6C300128EC6833C10B323E541


	Logged

Jintan

Administrator
Hero Member

Posts: 3883

Re: Samsung Laptop Running Slow

« Reply #9 on: October 20, 2011, 06:19:19 PM »

Looks pretty good so far, actually. That scan helped by cleaning up a lot of remnants. Let's scan check now.

Be sure to continue to temporarily disable any protective software when running the scan tools we use here.

Download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup-1.51.0.1200.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform quick scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
* The log is automatically saved by Malwarebytes and can be viewed by clicking the Logs tab in Malwarebytes.
* Copy and Paste the entire report in your next reply. If it calls for a reboot to complete the repairs do that as well then.

----------

Disable your antivirus program and click here and download the esetsmartinstaller_enu.exe Eset installer. Then click that file to run the scanner.

If you accept the Terms of Use, check the box and click Start. It will take a couple minutes for the scanner to get ready. When the Computer scan settings display shows, check the following boxes:

Remove found threats
Scan unwanted applications

Next to "Current scan targets: Operating memory, Local drives", click the "Change" word. Make sure you place a check next to all disk drives, including any external drives that are attached (no need to check off the floppy or DVD/CD-Rom drives).

Then click the Advanced option, the place a check next to the following (if it is not already checked):

Enable Anti-Stealth technology

Click Start. This scan may take a while, so please be patient.

If infection is found, at the end of the scan click "List of found threats".

In that display, at the bottom, select the option to save the results as a text file, and save that to your desktop. Post that back here please.

Post that log and the Malwarebytes log please.


	Logged

petesake

Newbie

Posts: 13

Re: Samsung Laptop Running Slow

« Reply #10 on: October 26, 2011, 05:01:31 PM »

Malware Log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7996

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10/21/2011 6:46:24 PM
mbam-log-2011-10-21 (18-46-24).txt

Scan type: Quick scan
Objects scanned: 185594
Time elapsed: 3 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ESETMARTIN LOG:

No Threats Found


	Logged

Jintan

Administrator
Hero Member

Posts: 3883

Re: Samsung Laptop Running Slow

« Reply #11 on: October 26, 2011, 06:20:47 PM »

A bit of a delay, but sure looks clean at this point. What issues are you still experiencing there now please?


	Logged

Pages: [1]

« previous next »