Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Low on Memory XP with 3.5 G of RAM

Started by TobCapone , Dec 03 2010 05:21 PM

  • Please log in to reply

#1
TobCapone
Posted 03 December 2010 - 05:21 PM

TobCapone

    New Member

  • Member
  • Pip
  • 2 posts
Hello,

I am hoping someone could help me out or point me in the right direction. I have searched other postings, tried a few things with no resolution, and have reached the end of my technical knowledge. My beloved workhorse of a machine is having problems.

Thank you in advance for your assistance.

ISSUE: After several hours of use (2-3 hours) my PC starts having memory problems and freezes. When I restart the PC (either forced or normal) it corrects the problem for another 2-3 hours as long as I am running only 1 application at a time.

ERROR MESSAGES: 1) "Your system is running low on resources," 2)Several other warnings/beeps come up but I can't read them due to insufficient memory. 3)system is noticeably slower (opening applications, toggling between programs, overall process speed)

WHAT I HAVE DONE SO FAR: 1) ran anti-virus and spyware programs, none of them indicate any problems 2) Adjusted my Paging File size 3) Defragged VM using PageDefrag 4) Ran MBAM (which doesn't work)

SYSTEM AND ANTI-VIRUS PROGRAM INFORMATION:
  • Dell Laptop D630 Latitude
  • XP Professional SP2
  • 3.5 GB of RAM
  • 2.5 GHz Core 2 Duo CPU
  • 45 GB of Free Hard Disk Space
  • Malwarebytes Anti-Malware
  • Avira AntiVir Personal
  • Microsoft Security Essentials
  • SUPERAntiSpyware

OTL Logfile:
OTL logfile created on: 12/3/2010 2:51:30 PM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\pclark\My Documents\Downloads\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
9.00 Gb Paging File | 7.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 5360 8832 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 29.67 Gb Free Space | 39.81% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 202.65 Gb Free Space | 43.51% Space Free | Partition Type: NTFS

Computer Name: LTPLAY-VCR-055 | User Name: pclark | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/29 14:20:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pclark\My Documents\Downloads\OTL\OTL.exe
PRC - [2010/11/23 15:42:03 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/11/07 17:00:31 | 002,324,848 | ---- | M] (GFI Software Ltd.) -- C:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe
PRC - [2010/11/02 16:18:36 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/11/02 16:18:35 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/02 16:18:35 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/10/29 10:33:42 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/29 10:33:40 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/06/30 03:26:28 | 000,026,984 | ---- | M] (Gladinet, INC) -- C:\Program Files\Gladinet\Gladinet Cloud Desktop\GladFileMonSvc.exe
PRC - [2010/04/27 11:17:40 | 000,590,632 | ---- | M] (GFI Software Ltd.) -- C:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe
PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/02/25 21:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\pclark\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009/10/06 09:28:13 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/01/17 20:21:01 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/10/14 20:38:56 | 000,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2007/12/03 16:33:40 | 020,525,056 | ---- | M] ( ) -- C:\Program Files\D-Link\D-Link WNA-2330 Notebook Adapter\wirelesscm.exe
PRC - [2007/07/02 12:29:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/06/13 02:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/06 15:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/05/22 13:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/04/13 01:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2007/04/13 01:50:00 | 000,251,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\clicomp\RemCtrl\Wuser32.exe
PRC - [2007/03/21 12:42:38 | 000,364,629 | ---- | M] (Atheros) -- C:\Program Files\D-Link\D-Link WNA-2330 Notebook Adapter\acs.exe
PRC - [2007/02/21 11:28:36 | 000,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007/02/21 11:19:58 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/02/21 11:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/02/21 11:17:42 | 000,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/02/21 11:16:48 | 000,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2007/02/21 11:10:00 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/02/19 13:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
PRC - [2007/02/19 13:26:32 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2007/02/08 12:55:22 | 000,032,144 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\ssonsvr.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/10/26 13:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE
PRC - [2006/09/08 14:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2004/01/08 09:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
PRC - [2003/12/01 11:38:16 | 000,892,928 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\iTouch.exe


========== Modules (SafeList) ==========

MOD - [2010/11/29 14:20:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pclark\My Documents\Downloads\OTL\OTL.exe
MOD - [2006/08/25 07:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/04 04:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/01/08 09:50:00 | 000,024,064 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
MOD - [2004/01/08 09:50:00 | 000,006,144 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\LgWndHk.dll
MOD - [2003/12/01 11:31:44 | 000,004,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\itchhk.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/11/07 17:00:31 | 002,324,848 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe -- (GFIBckHSched)
SRV - [2010/11/02 16:18:36 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/02 16:18:35 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/06/30 03:26:28 | 000,026,984 | ---- | M] (Gladinet, INC) [Auto | Running] -- C:\Program Files\Gladinet\Gladinet Cloud Desktop\GladFileMonSvc.exe -- (GladFileMonSvc)
SRV - [2010/04/27 11:17:40 | 000,590,632 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe -- (GFIBckHAtt)
SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/01/17 20:21:01 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/06/30 15:36:35 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2007/04/13 01:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2007/04/13 01:50:00 | 000,251,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\clicomp\RemCtrl\Wuser32.exe -- (Wuser32)
SRV - [2007/03/21 12:42:38 | 000,364,629 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files\D-Link\D-Link WNA-2330 Notebook Adapter\acs.exe -- (ACS)
SRV - [2007/02/21 11:28:36 | 000,643,072 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2007/02/21 11:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2007/02/21 11:16:48 | 000,983,040 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2007/02/21 11:10:00 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2007/02/19 13:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - [2010/11/22 10:15:28 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/11/02 16:18:37 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/05/10 10:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/05/11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/28 05:38:26 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2007/07/06 23:30:00 | 000,057,376 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2007/06/25 17:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/21 21:58:32 | 000,547,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007/05/16 17:14:58 | 005,707,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/05/14 11:21:16 | 000,057,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2007/04/13 01:50:00 | 000,023,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2007/03/16 18:10:56 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/02/25 06:05:24 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/02/23 14:47:34 | 000,056,576 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/02/21 11:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/02/19 13:27:34 | 001,228,296 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/02/16 14:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/11/02 15:47:36 | 000,989,696 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 15:47:00 | 000,209,152 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/11/02 15:46:56 | 000,730,112 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/04/19 14:57:22 | 000,512,896 | ---- | M] (Polycom, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PlcmAEC.sys -- (PlcmAEC)
DRV - [2005/11/28 10:44:06 | 000,011,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kbstuff5.sys -- (kbstuff)
DRV - [2005/11/28 10:44:04 | 000,008,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\idisw2km.sys -- (idisw2km)
DRV - [2005/09/06 12:39:30 | 000,024,521 | ---- | M] (Nortel Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\eacfilt.sys -- (Eacfilt)
DRV - [2005/09/06 12:39:14 | 000,155,184 | ---- | M] (Nortel Networks NA, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipsecw2k.sys -- (IPSECSHM)
DRV - [2005/09/06 12:39:14 | 000,155,184 | ---- | M] (Nortel Networks NA, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipsecw2k.sys -- (IPSECEXT)
DRV - [2005/08/25 18:28:00 | 001,240,576 | ---- | M] (Philips Consumer Electronics) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camdrv41.sys -- (camvid40)
DRV - [2004/08/12 16:45:54 | 000,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/07/22 08:36:16 | 000,042,240 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2plms.sys -- (ser2plms)
DRV - [2003/12/17 09:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/12/17 09:50:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003/11/08 22:24:18 | 000,012,953 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\itchfltr.sys -- (itchfltr)
DRV - [2003/11/07 09:50:00 | 000,037,884 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsb.sys -- (LHidUsb)
DRV - [2003/11/07 09:50:00 | 000,014,092 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LCcfltr.sys -- (LCcfltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://uplay.playground.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://uplay.playground.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;127.0.0.1

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...#overview-page"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:0.4.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.1
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.12
FF - prefs.js..extensions.enabledItems: {103b0940-62c7-11db-bd13-0800200c9a66}:1.5
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995
FF - prefs.js..extensions.enabledItems: {c33c5b47-69c8-45a4-a5e0-af85bbe628dd}:1.6.1.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {d37dc5d0-431d-44e5-8c91-49419370caa1}:2.6.18
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {D46E8522-6E86-44b1-A622-58C0668AD78E}:3.6.0
FF - prefs.js..keyword.URL: "http://www.google.co...earch?hl=en&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/29 10:33:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/02 21:25:22 | 000,000,000 | ---D | M]

[2008/12/08 11:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Mozilla\Extensions
[2010/12/03 10:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions
[2010/11/18 10:13:59 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009/08/03 12:10:59 | 000,000,000 | ---D | M] (SpanishTrans) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{103b0940-62c7-11db-bd13-0800200c9a66}
[2010/12/03 10:02:42 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/09/01 17:26:15 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/03/26 13:13:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
[2010/01/21 10:31:07 | 000,000,000 | ---D | M] (Interclue) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{c33c5b47-69c8-45a4-a5e0-af85bbe628dd}
[2010/11/04 19:12:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/06 12:06:08 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2010/01/12 21:08:24 | 000,000,000 | ---D | M] (Classic Compact) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}
[2010/10/18 11:32:33 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/04/18 10:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\[email protected]
[2010/10/06 11:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\[email protected]
[2009/11/17 13:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\[email protected]
[2009/10/17 13:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\[email protected]
[2010/01/12 21:08:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}\chrome\mozapps\extensions
[2009/06/14 11:09:38 | 000,001,381 | ---- | M] () -- C:\Documents and Settings\pclark\Application Data\Mozilla\Firefox\Profiles\382dsqo8.default\searchplugins\Inquisitor.xml
[2010/12/03 10:03:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/01 11:14:27 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/21 08:38:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/23 20:53:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/02/05 16:09:34 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll
[2009/02/05 16:09:34 | 000,126,360 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll
[2009/02/05 16:09:32 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dimdim.lnk = C:\Program Files\Dimdim\Plugin\Application\Dimdim.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\D-Link WNA-2330 Notebook Adapter\wirelesscm.exe ( )
O4 - Startup: C:\Documents and Settings\pclark\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\pclark\Application Data\Dropbox\bin\Dropbox.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O15 - HKLM\..Trusted Domains: intrawest.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: lelivre ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: myapps ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: oneintrawest ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: rezolution.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: rtpsupport ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: service-now.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: service-now.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: tremblant.ca ([onestore] https in Trusted sites)
O15 - HKLM\..Trusted Domains: tremblant.ca ([onestore-fr] https in Trusted sites)
O15 - HKLM\..Trusted Domains: tremblant.ca ([transact] https in Trusted sites)
O15 - HKLM\..Trusted Domains: tremblant.ca ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: tremblantwebcams.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: trm-lelivre ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trm-livre-sp07 ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trmrtpval ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trm-sigma ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trm-web-dev ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trm-web-live ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: contoso.itw ([vm-iproj-ucs] http in Trusted sites)
O15 - HKCU\..Trusted Domains: intrawest.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: lelivre ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: myapps ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: oneintrawest ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: playground.com ([extuplay] https in Trusted sites)
O15 - HKCU\..Trusted Domains: playground.com ([uplay] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rezolution.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: rtpsupport ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: service-now.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: service-now.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: tremblant.ca ([onestore] https in Trusted sites)
O15 - HKCU\..Trusted Domains: tremblant.ca ([onestore-fr] https in Trusted sites)
O15 - HKCU\..Trusted Domains: tremblant.ca ([transact] https in Trusted sites)
O15 - HKCU\..Trusted Domains: tremblant.ca ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: tremblantwebcams.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: trm-lelivre ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: trm-livre-sp07 ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: trmrtpval ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: trm-sigma ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: trm-web-dev ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: trm-web-live ([]http in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1233871810424 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1233871802642 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: vzTCPConfig http://www2.verizon....vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = iDirectory.itw
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\pclark\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\pclark\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/27 11:17:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/02 22:25:50 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2010/12/01 11:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/12/01 11:14:10 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/11/29 14:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\Business Plan Pro
[2010/11/27 12:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pclark\Local Settings\Application Data\Business Plan Pro Samples
[2010/11/23 21:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2010/11/23 21:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pclark\Local Settings\Application Data\Palo_Alto_Software
[2010/11/23 21:54:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pclark\Application Data\bppenu11
[2010/11/23 21:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pclark\Local Settings\Application Data\Downloaded Installations
[2010/11/19 14:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pclark\Desktop\Scans
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/03 14:49:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/03 14:41:59 | 000,002,541 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Business Plan Pro.lnk
[2010/12/03 14:35:43 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\pclark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007 (2).lnk
[2010/12/03 14:29:25 | 000,000,065 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2010/12/03 14:23:49 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/03 14:23:29 | 000,467,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/03 14:23:29 | 000,079,936 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/03 14:21:11 | 000,000,497 | ---- | M] () -- C:\WINDOWS\SMSCFG.ini
[2010/12/03 14:19:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/03 14:19:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/03 14:18:58 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/12/03 14:18:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/03 10:33:39 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\pclark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook 2007 (2).lnk
[2010/12/02 22:25:50 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2010/12/02 18:00:03 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\next.job
[2010/12/02 15:25:59 | 000,001,100 | ---- | M] () -- C:\Settings.ini
[2010/12/02 10:34:13 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\pclark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007 (2).lnk
[2010/12/01 17:37:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\Dell Laptop Bi-weekly Backup.job
[2010/11/29 17:13:28 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/11/27 17:15:33 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\pclark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office PowerPoint 2007 (2).lnk
[2010/11/22 10:15:28 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/11/12 13:42:57 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\pclark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft MapPoint North America 2006 (2).lnk
[2010/11/12 11:07:48 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\pclark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/11/12 10:40:23 | 000,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/09 13:52:23 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/08 12:21:52 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\pclark\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/07 16:45:19 | 000,000,856 | ---- | M] () -- C:\WINDOWS\tasks\Monthly Backup.job
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/29 14:44:04 | 000,002,541 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Business Plan Pro.lnk
[2010/11/12 11:07:48 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\pclark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/11/09 13:52:23 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/07 15:21:55 | 000,000,856 | ---- | C] () -- C:\WINDOWS\tasks\Monthly Backup.job
[2010/11/03 23:17:09 | 000,001,100 | ---- | C] () -- C:\Settings.ini
[2010/06/28 10:47:15 | 000,305,032 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/03/01 22:53:14 | 000,037,924 | ---- | C] () -- C:\Documents and Settings\pclark\Application Data\Comma Separated Values (Windows).ADR
[2010/03/01 21:28:10 | 000,038,474 | ---- | C] () -- C:\Documents and Settings\pclark\Application Data\Microsoft Excel 97-2003.ADR
[2009/11/23 13:46:52 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\xobni_installer_updater.log
[2008/12/23 12:49:21 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\pclark\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/21 15:55:46 | 000,308,736 | ---- | C] () -- C:\WINDOWS\System32\fpxlib.dll
[2008/12/21 15:55:46 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\jpeglib.dll
[2008/12/09 15:22:17 | 000,000,065 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2008/01/16 11:03:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/10/30 13:34:30 | 000,000,497 | ---- | C] () -- C:\WINDOWS\SMSCFG.ini
[2007/10/30 10:10:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/27 13:53:21 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/10/27 13:53:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4831.dll
[2007/10/27 04:02:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL

========== LOP Check ==========

[2008/12/09 15:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2008/11/25 16:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Berlitz
[2008/12/09 21:34:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/09/17 12:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dimdim
[2010/11/23 21:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2009/01/19 19:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2010/10/07 09:48:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{1E27C978-6522-4AEE-BF9A-6B11E80724AA}
[2009/09/01 19:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Berlitz
[2010/11/23 21:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\bppenu11
[2008/12/09 21:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Canon
[2010/09/17 12:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\dimdim
[2010/12/03 14:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Dropbox
[2009/11/11 16:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\foobar2000
[2010/12/03 13:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\gSyncit
[2008/09/11 14:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\ICAClient
[2008/02/27 16:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\OfficeUpdate12
[2008/12/08 18:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Productivity Tools
[2010/10/06 15:24:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\SmartDraw
[2010/07/05 15:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\SpaceMonger
[2009/02/03 16:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Webex
[2008/12/11 10:29:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Windows Desktop Search
[2009/02/20 07:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\Windows Search
[2009/07/22 08:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pclark\Application Data\YouSendIt
[2010/11/07 16:45:19 | 000,000,856 | ---- | M] () -- C:\WINDOWS\Tasks\Monthly Backup.job
[2010/12/03 14:23:49 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/12/02 18:00:03 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\next.job

========== Purity Check ==========


< End of report >

Edited by TobCapone, 03 December 2010 - 05:33 PM.

  • 0

Advertisements

#2
TobCapone
Posted 06 December 2010 - 05:10 PM

TobCapone

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Hello,

Still having problems with PC, wondering if anyone could suggest some idea?

Since the above post I have done the following but still have the same memory problems.
  • Uninstalled and re-installed MBAM
  • MBAM works but didn't catch any problems
  • Updated Superantivirus, ran it and that says I don't have a virus
  • Uninstalled and re-installed MBAM
  • Ran my other anti-virus programs and those say I don't have a virus
  • Uninstalled Skype v4.2, thinking that might be the problem
  • Read and followed all the instructions from this post: http://forums.malwar...525

Any other ideas? Something is clearly wrong but can't figure it out.

Thanks for the help,
Tob
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP