Symptoms:
Stuttering audio, mouse pointer briefly sticks at a regular interval.
History:
Reinstalled Windows XP several times after attempting system restore. In the past a system restore had resolved the audio stutter problem temporarily, but it would always later resurface. Reinstalling windows also temporarily would solve the problem, but again it would always resurface later.
Recently I was working at my DAW. The behavior of the computer started to become erratic (I just assumed it was from high memory usage.) Then moments later there was a split second power surge (even the lamp in the room went out,) and after restarting my computer the audio was stuttering, and long with regular stutter in the mouse movement. I performed two system restores, and failing to resolve the issue re installed windows from the hard drive partition. Five times. The symptoms are showing no sign of going away anytime soon. Also my anti-virus, and other programs are showing a virus on my system.
I would assume that it could be the sound card, but no because it has done this before and discontinued the symptoms after a system restore. Also observe this data from my freshly reinstalled windows:
(in a possibly related issue my wireless mouse just quit working. could be a hardware issue. could be this as well as it stopped working after this: Trojan.Win32.Adware
Quarantine {87D80214-5A91-4C8B-959D-DB22549D255A} completed.)
MalwareBytes found nothing
AVAST:
Process 1988 [explorer.exe], memory block 0x0000000 Severity: High Threat: Win32:Malware-gen
Process 2196 [rundll32.exe], memory block 0x0000000 Severity: Medium Threat: Win32:RunDLLMod [susp]
Process 3596 [netwaiting.exe], memory block 0x0000000 Severity: Medium Threat: Win32:WrongInf-D [susp]
aswMBR:
21:24:57.890 File: C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1\A0000215.exe **INFECTED** Win32:Hrupka-D [Cryp]
VIPRER:
[CLEANING:] Item: C:\Program Files\DIGStream\digstream.exe, ID: 4
Trojan.Win32.Adware
Quarantine {87D80214-5A91-4C8B-959D-DB22549D255A} completed.
Clean Completed.
Clean time: 00:00:02
1 threats were cleaned.
OTL logfile created on: 9/13/2012 11:36:38 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Documents and Settings\Chris\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.37 Mb Total Physical Memory | 541.57 Mb Available Physical Memory | 52.97% Memory free
2.40 Gb Paging File | 2.04 Gb Available in Paging File | 84.87% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 86.58 Gb Total Space | 77.67 Gb Free Space | 89.71% Space Free | Partition Type: NTFS
Computer Name: DDXXQ1B1 | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/09/13 23:36:04 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Chris\Local Settings\Temp\clclean.0001
PRC - [2012/09/13 21:53:45 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe
PRC - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/08/21 05:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2006/05/24 10:52:13 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2006/04/06 15:58:52 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/04/06 15:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/01/02 10:13:52 | 001,126,400 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
PRC - [2005/12/28 13:04:56 | 000,262,217 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2005/12/28 12:56:16 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/12/28 12:55:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/12/28 12:52:32 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/11/16 15:35:16 | 000,397,312 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/10/31 11:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/08/12 15:43:58 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2004/12/02 19:23:34 | 000,102,400 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
PRC - [2004/08/10 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/09/10 03:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe
========== Modules (No Company Name) ==========
MOD - [2012/09/13 23:36:04 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\Chris\Local Settings\Temp\clclean.0001.dir.0001\~df394b.tmp
MOD - [2012/09/13 15:55:05 | 001,810,944 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12091301\algo.dll
MOD - [2006/04/06 15:59:08 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2006/03/03 04:18:08 | 001,355,938 | ---- | M] () -- C:\WINDOWS\system32\CTMBHA.DLL
MOD - [2005/12/28 13:11:34 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2005/12/28 13:11:34 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005/12/28 13:11:34 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2005/11/16 11:05:08 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/08/30 00:13:42 | 001,287,680 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2005/08/16 22:02:56 | 001,257,472 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2005/08/16 22:02:56 | 001,224,704 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2005/08/16 22:02:54 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2005/08/16 22:02:54 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2005/08/16 22:02:54 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2005/08/16 22:02:54 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2005/08/16 22:02:54 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2005/08/16 22:00:04 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2005/08/05 15:01:54 | 000,282,112 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2004/08/10 06:00:00 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2004/08/10 06:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/10 06:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/09/10 03:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe
MOD - [2003/03/20 17:11:02 | 000,073,728 | ---- | M] () -- C:\Program Files\Creative\VoiceCenter\AEWave.ax
========== Services (SafeList) ==========
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2006/05/24 10:52:13 | 000,069,632 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2006/04/06 15:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2005/12/28 13:04:56 | 000,262,217 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/21 05:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 05:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 05:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 05:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/08/21 05:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/08/21 05:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/08/21 05:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/05/25 13:14:24 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2006/02/16 00:39:00 | 001,421,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/01/04 01:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/12/28 14:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/12/04 10:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51)
DRV - [2005/11/16 15:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/10/14 09:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 09:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 09:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 10:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/21 21:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/21 21:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/21 21:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/05/25 03:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005/01/10 04:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/10 04:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2004/02/13 10:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = about:blank
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: [email protected]:7.0.1466
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/13 13:34:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/13 13:11:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/09/13 13:11:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Extensions
[2012/09/13 13:11:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/13 13:34:12 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/04/14 12:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BuildBU] c:\dell\bldbubg.exe ()
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [HTAReg] C:\Program Files\Creative\Sound Blaster Audigy ADVANCED MB\Product Registration\English\HTAReg.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [MBMon] C:\WINDOWS\System32\CTMBHA.DLL ()
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VoiceCenter] C:\Program Files\Creative\VoiceCenter\AndreaVC.exe (Andrea Electronics Corporation)
O4 - HKCU..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKCU..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03C02C4E-EFB1-445B-8BBE-D35D513ECBB1}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/13 22:32:13 | 000,101,112 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012/09/13 22:32:13 | 000,042,864 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2012/09/13 22:32:04 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2012/09/13 21:56:59 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.com
[2012/09/13 21:56:10 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.scr
[2012/09/13 21:53:45 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe
[2012/09/13 20:25:00 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Chris\Desktop\aswMBR.exe
[2012/09/13 20:23:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\TrendMicro AntiThreat Toolkit
[2012/09/13 20:04:30 | 000,205,072 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2012/09/13 19:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Malwarebytes
[2012/09/13 19:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/13 19:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/09/13 19:52:13 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/13 19:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/13 19:23:39 | 006,798,312 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Chris\Desktop\attk_far_gui_x86.exe
[2012/09/13 19:23:15 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Chris\Desktop\mbam-setup-1.62.0.1300.exe
[2012/09/13 19:06:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\Administrative Tools
[2012/09/13 14:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[2012/09/13 14:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\McAfee.com Personal Firewall
[2012/09/13 14:02:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2012/09/13 14:02:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\Application Data\Gtek
[2012/09/13 14:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Macromedia
[2012/09/13 14:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Intel
[2012/09/13 14:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Identities
[2012/09/13 14:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Corel
[2012/09/13 14:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\ATI
[2012/09/13 14:02:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Chris\Application Data\Microsoft
[2012/09/13 14:02:01 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Chris\Cookies
[2012/09/13 14:02:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chris\Application Data
[2012/09/13 14:02:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Chris\Favorites
[2012/09/13 14:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Sun
[2012/09/13 14:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Musicmatch
[2012/09/13 14:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Microsoft
[2012/09/13 14:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop
[2012/09/13 14:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\BVRP Software
[2012/09/13 14:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\ATI
[2012/09/13 14:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\ApplicationHistory
[2012/09/13 14:02:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chris\SendTo
[2012/09/13 14:02:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chris\Recent
[2012/09/13 14:02:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\Startup
[2012/09/13 14:02:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Chris\Start Menu
[2012/09/13 14:02:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Chris\My Documents\My Pictures
[2012/09/13 14:02:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Chris\My Documents\My Music
[2012/09/13 14:02:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Chris\My Documents
[2012/09/13 14:02:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\Accessories
[2012/09/13 14:02:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\Templates
[2012/09/13 14:02:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\PrintHood
[2012/09/13 14:02:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\NetHood
[2012/09/13 14:02:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\Local Settings
[2012/09/13 14:02:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Wildtangent
[2012/09/13 14:02:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\My Documents\VoiceCenter
[2012/09/13 14:02:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\Dell Accessories
[2012/09/13 14:02:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\Dell
[2012/09/13 14:02:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2012/09/13 13:34:43 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/09/13 13:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/09/13 13:34:42 | 000,355,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/09/13 13:34:41 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/09/13 13:34:40 | 000,729,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/09/13 13:34:40 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/09/13 13:34:38 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/09/13 13:34:38 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/09/13 13:34:37 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/09/13 13:34:02 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/09/13 13:34:02 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/09/13 13:33:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/13 13:33:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/09/13 13:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\My Documents\Downloads
[2012/09/13 13:20:01 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/09/13 13:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Mozilla
[2012/09/13 13:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Mozilla
[2012/09/13 13:11:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/09/13 23:36:23 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/09/13 23:35:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/13 23:30:26 | 000,921,654 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\viprerescue log.bmp
[2012/09/13 22:31:35 | 118,116,352 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\VIPRERescue13044.exe
[2012/09/13 21:57:00 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.com
[2012/09/13 21:56:15 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.scr
[2012/09/13 21:53:45 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe
[2012/09/13 21:41:33 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\MBR.dat
[2012/09/13 20:26:00 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Chris\Desktop\aswMBR.exe
[2012/09/13 20:23:56 | 000,205,072 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2012/09/13 20:04:12 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\housecall.guid.cache
[2012/09/13 19:53:24 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/13 19:24:09 | 006,798,312 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Chris\Desktop\attk_far_gui_x86.exe
[2012/09/13 19:23:38 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Chris\Desktop\mbam-setup-1.62.0.1300.exe
[2012/09/13 14:48:53 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Avast Results.bmp
[2012/09/13 14:02:46 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\fusioncache.dat
[2012/09/13 14:02:34 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/13 14:02:28 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Windows Media Player.lnk
[2012/09/13 14:02:26 | 000,001,478 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2012/09/13 14:01:11 | 000,000,448 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/09/13 14:01:06 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2012/09/13 14:01:05 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\ISP signup reminder 1.job
[2012/09/13 13:59:22 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012/09/13 13:37:52 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/09/13 13:34:43 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/09/13 13:32:29 | 093,654,616 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\avast_free_antivirus_setup.exe
[2012/09/13 13:22:00 | 000,033,024 | ---- | M] () -- C:\WINDOWS\System32\Status.MPF
[2012/09/13 13:20:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/13 13:18:53 | 000,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2012/09/13 13:11:34 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/13 13:11:34 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/09/13 13:07:46 | 000,382,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/09/13 13:07:46 | 000,053,838 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/08/21 05:13:15 | 000,729,752 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/08/21 05:13:15 | 000,355,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/08/21 05:13:15 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/08/21 05:13:14 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/08/21 05:13:14 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/08/21 05:13:14 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/08/21 05:13:13 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/08/21 05:13:13 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/08/21 05:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/08/21 05:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/09/13 23:30:26 | 000,921,654 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\viprerescue log.bmp
[2012/09/13 22:10:23 | 118,116,352 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\VIPRERescue13044.exe
[2012/09/13 20:46:58 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\MBR.dat
[2012/09/13 20:04:12 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\housecall.guid.cache
[2012/09/13 19:52:15 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/13 14:48:52 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Avast Results.bmp
[2012/09/13 14:02:28 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Windows Media Player.lnk
[2012/09/13 14:02:08 | 000,002,007 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Play Games.lnk
[2012/09/13 14:02:08 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Corel Paint Shop Pro X.lnk
[2012/09/13 14:02:08 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Musicmatch Jukebox.lnk
[2012/09/13 14:02:08 | 000,001,478 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2012/09/13 14:02:08 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/13 14:02:08 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2012/09/13 14:02:07 | 000,001,298 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Media Center.lnk
[2012/09/13 14:02:07 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/09/13 14:02:06 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\fusioncache.dat
[2012/09/13 14:02:05 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Chris\Start Menu\Programs\Remote Assistance.lnk
[2012/09/13 14:02:05 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Chris\Start Menu\Programs\Windows Media Player.lnk
[2012/09/13 14:02:05 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Chris\Start Menu\Programs\Internet Explorer.lnk
[2012/09/13 14:02:05 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Chris\Start Menu\Programs\Outlook Express.lnk
[2012/09/13 14:01:05 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\ISP signup reminder 1.job
[2012/09/13 13:59:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012/09/13 13:34:43 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/09/13 13:34:38 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/09/13 13:26:36 | 093,654,616 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\avast_free_antivirus_setup.exe
[2012/09/13 13:18:53 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2012/09/13 13:11:34 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/13 13:11:34 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/09/13 13:11:33 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2006/05/24 10:50:06 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
========== LOP Check ==========
[2012/09/13 13:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2006/05/24 11:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/09/13 23:36:23 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012/09/13 14:01:05 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 1.job
========== Purity Check ==========
< End of report >