Last night I was downloading a friend's video from MegaUpload and as it started to download, I got infected with what it says is AntiMalware Doctor an obvious virus that's trying to scan my system and get my credit card information. I've used Malwarebytes, Avast, and RKill, with no success in doing anything. It looks like one of the .exe files the virus/malware is under is called "bagn70dol.exe". I also noticed "Flehia.exe" as well. I've tried using Malwarebytes, RKill, and Avast in safe mode and normal modes, and just don't know what else to do.
Below is the OTL log that I just ran. Again, I really really really appreciate any help you can provide!
***LOG BELOW:
OTL logfile created on: 6/14/2011 1:47:25 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Tiara\My Documents\Downloads
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.37 Mb Total Physical Memory | 186.68 Mb Available Physical Memory | 18.40% Memory free
2.38 Gb Paging File | 1.38 Gb Available in Paging File | 57.72% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.60 Gb Total Space | 21.71 Gb Free Space | 32.12% Space Free | Partition Type: NTFS
Computer Name: SAVEDGLORY | User Name: Tiara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2011/06/14 13:43:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tiara\My Documents\Downloads\OTL.exe
PRC - [2011/06/13 21:39:43 | 000,062,464 | ---- | M] ( ) -- C:\Documents and Settings\Tiara\Application Data\s5sf.exe
PRC - [2011/06/13 21:39:37 | 000,238,080 | ---- | M] () -- C:\Documents and Settings\Tiara\Local Settings\Temp\Fjl.exe
PRC - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/22 21:22:50 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/09/13 12:48:14 | 000,097,384 | R--- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
PRC - [2010/09/13 12:48:12 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
PRC - [2010/02/21 17:09:32 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009/05/27 12:00:24 | 000,753,664 | ---- | M] (Apple Inc.) -- C:\Program Files\AirPort\APAgent.exe
PRC - [2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/19 18:58:30 | 000,083,504 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/08/22 14:32:18 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/03/24 22:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/08/10 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dwwin.exe
PRC - [2004/08/10 04:00:00 | 000,069,632 | -H-- | M] () -- C:\Documents and Settings\Tiara\Application Data\lssas.exe
PRC - [2003/08/27 09:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
========== Modules (SafeList) ==========
MOD - [2011/06/14 13:43:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tiara\My Documents\Downloads\OTL.exe
MOD - [2011/05/10 05:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2006/08/25 08:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/06/13 21:40:31 | 000,000,107 | -H-- | M] () [Auto | Stopped] -- C:\Documents and Settings\Tiara\Application Data\Plug.bat -- (Plug Manager)
SRV - [2011/06/13 21:40:10 | 000,000,105 | -H-- | M] () [Auto | Stopped] -- C:\Documents and Settings\Tiara\Application Data\LocalAccountAuthority.bat -- (Local Account Authority Service)
SRV - [2011/06/13 21:39:50 | 000,000,104 | -H-- | M] () [Auto | Stopped] -- C:\Documents and Settings\Tiara\Application Data\MouseDriver.bat -- (MouseDriver)
SRV - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/09/13 12:48:12 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2007/02/19 18:58:30 | 000,083,504 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/15 00:34:43 | 000,086,528 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2003/08/27 09:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
========== Driver Services (SafeList) ==========
DRV - [2011/05/10 05:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 05:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 05:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 05:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 04:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 04:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 04:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/06/22 18:01:50 | 000,021,248 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/06/10 00:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2007/04/17 19:34:56 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CdaD10BA.SYS -- (CdaD10BA)
DRV - [2006/12/18 18:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)
DRV - [2006/12/15 00:32:29 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/12/15 00:26:55 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/11/22 23:34:36 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/08/25 06:23:08 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/03/24 22:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/01/10 10:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/14 22:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/07/14 21:28:38 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/07/12 23:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2004/02/13 15:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2003/01/10 15:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061215
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061215
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061215
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:myworld|http://www.flock.com/start/"
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Firefox\extensions\\{D53F4178-B58D-4E40-89BC-9873E1F02355}: C:\Documents and Settings\Tiara\Local Settings\Application Data\{D53F4178-B58D-4E40-89BC-9873E1F02355} [2011/06/13 17:27:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{913DB4E6-E193-4AF8-9FB8-AB7BD3EEF8DC}: C:\Documents and Settings\Adriann\Local Settings\Application Data\{913DB4E6-E193-4AF8-9FB8-AB7BD3EEF8DC} [2011/06/13 19:29:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/06/13 22:32:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Plugins: C:\Program Files\Flock\flock\plugins [2011/01/23 14:59:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Components: C:\Program Files\Flock\flock\components [2011/01/23 14:59:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/13 19:25:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/22 21:23:05 | 000,000,000 | ---D | M]
[2009/03/26 14:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tiara\Application Data\Mozilla\Extensions
[2009/03/26 14:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tiara\Application Data\Mozilla\Extensions\[email protected]
[2011/06/14 13:35:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tiara\Application Data\Mozilla\Firefox\Profiles\hp1m1y0z.default\extensions
[2010/09/17 10:07:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Tiara\Application Data\Mozilla\Firefox\Profiles\hp1m1y0z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/09/19 14:47:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tiara\Application Data\Mozilla\Firefox\Profiles\hp1m1y0z.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/06/13 17:27:06 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\Tiara\Application Data\Mozilla\Firefox\Profiles\hp1m1y0z.default\extensions\[email protected]
[2011/06/14 13:35:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/09/05 21:29:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[2007/06/27 20:20:19 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\DOCUMENTS AND SETTINGS\TIARA\APPLICATION DATA\FLOCK\BROWSER\PROFILES\KCD42Z1Z.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
[2008/06/17 23:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2007/04/16 10:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
O1 HOSTS File: ([2011/06/13 04:45:04 | 000,000,919 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 67.205.118.181 www.google.com
O1 - Hosts: 67.205.118.182 search.yahoo.com
O1 - Hosts: 67.205.118.182 www.bing.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\PageRage\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [cleanddm] File not found
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [oeqvxfh] C:\Documents and Settings\Tiara\Application Data\s5sf.exe ( )
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Vwamixaqabezaxeq] C:\WINDOWS\efixizux.dll ()
O4 - HKCU..\Run: [4ECYTQ9SIC] File not found
O4 - HKCU..\Run: [Afiroxuxuvijuk] File not found
O4 - HKCU..\Run: [bagn70dol.exe] File not found
O4 - HKCU..\Run: [ModemOnHold] File not found
O4 - HKCU..\Run: [W1WIWQ1NPG] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Amazon Unbox.lnk = C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Tiara\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} http://www.worldwinn...am/skillgam.cab (SkillGam Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase1140.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} http://www.worldwinn...v46/sol/sol.cab (Sol Control)
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinn...man/hangman.cab (Hangman Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O21 - SSODL: SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01} - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Tiara\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tiara\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 03:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{b7f7f922-9e8a-11db-a33e-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{b7f7f922-9e8a-11db-a33e-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b7f7f922-9e8a-11db-a33e-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/14 07:46:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/06/13 22:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/06/13 22:33:11 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/06/13 22:33:11 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/06/13 22:33:06 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/06/13 22:33:06 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/06/13 22:33:05 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/06/13 22:33:04 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/06/13 22:33:04 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/06/13 22:33:01 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/06/13 22:32:08 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/06/13 22:32:04 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/06/13 22:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/06/13 22:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/06/13 21:49:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/06/13 21:49:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/06/13 21:40:37 | 000,069,632 | ---- | C] ( ) -- C:\Documents and Settings\Tiara\Application Data\9di3ccnqs.exe
[2011/06/13 21:39:46 | 000,062,464 | ---- | C] ( ) -- C:\Documents and Settings\Tiara\Application Data\s5sf.exe
[2011/06/13 19:53:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2011/06/13 17:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tiara\Local Settings\Application Data\{D53F4178-B58D-4E40-89BC-9873E1F02355}
[2011/06/13 17:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\PageRage
[2011/06/13 17:26:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/06/13 17:26:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tiara\Application Data\69AFB03868188CBEDA9905903C1559C3
[2011/05/19 21:15:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/05/19 21:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/05/19 21:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/05/19 21:08:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[8 C:\Documents and Settings\Tiara\My Documents\*.tmp files -> C:\Documents and Settings\Tiara\My Documents\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Tiara\Application Data\*.tmp files -> C:\Documents and Settings\Tiara\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/14 13:51:47 | 000,000,085 | -H-- | M] () -- C:\Documents and Settings\Tiara\Application Data\mlog
[2011/06/14 13:47:33 | 000,000,004 | -H-- | M] () -- C:\Documents and Settings\Tiara\Application Data\ylog
[2011/06/14 13:34:20 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/14 13:33:54 | 000,443,034 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/14 13:33:54 | 000,072,134 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/14 13:28:29 | 000,000,300 | -HS- | M] () -- C:\WINDOWS\tasks\Qmyuvv.job
[2011/06/14 13:28:22 | 000,000,304 | -HS- | M] () -- C:\WINDOWS\tasks\pirvn.job
[2011/06/14 13:27:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/14 07:46:49 | 000,001,016 | ---- | M] () -- C:\WINDOWS\lsrslt.ini
[2011/06/13 22:33:04 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/13 22:09:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/13 21:41:06 | 000,069,632 | ---- | M] ( ) -- C:\Documents and Settings\Tiara\Application Data\9di3ccnqs.exe
[2011/06/13 21:40:31 | 000,000,107 | -H-- | M] () -- C:\Documents and Settings\Tiara\Application Data\Plug.bat
[2011/06/13 21:40:10 | 000,000,105 | -H-- | M] () -- C:\Documents and Settings\Tiara\Application Data\LocalAccountAuthority.bat
[2011/06/13 21:39:50 | 000,000,104 | -H-- | M] () -- C:\Documents and Settings\Tiara\Application Data\MouseDriver.bat
[2011/06/13 21:39:43 | 000,062,464 | ---- | M] ( ) -- C:\Documents and Settings\Tiara\Application Data\s5sf.exe
[2011/06/13 17:29:28 | 000,042,166 | ---- | M] () -- C:\Documents and Settings\Tiara\Application Data\wklnhst.dat
[2011/06/13 17:25:10 | 000,136,704 | RHS- | M] () -- C:\WINDOWS\System32\dsseco.dll
[2011/06/13 04:45:04 | 000,000,919 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/02 20:49:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/19 21:15:28 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[8 C:\Documents and Settings\Tiara\My Documents\*.tmp files -> C:\Documents and Settings\Tiara\My Documents\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Tiara\Application Data\*.tmp files -> C:\Documents and Settings\Tiara\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/14 07:46:49 | 000,001,016 | ---- | C] () -- C:\WINDOWS\lsrslt.ini
[2011/06/13 22:13:23 | 000,335,872 | ---- | C] () --
[2011/06/13 21:40:36 | 000,000,085 | -H-- | C] () -- C:\Documents and Settings\Tiara\Application Data\mlog
[2011/06/13 21:40:31 | 000,000,107 | -H-- | C] () -- C:\Documents and Settings\Tiara\Application Data\Plug.bat
[2011/06/13 21:40:13 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\Tiara\Application Data\ylog
[2011/06/13 21:40:10 | 000,000,105 | -H-- | C] () -- C:\Documents and Settings\Tiara\Application Data\LocalAccountAuthority.bat
[2011/06/13 21:39:50 | 000,000,104 | -H-- | C] () -- C:\Documents and Settings\Tiara\Application Data\MouseDriver.bat
[2011/06/13 17:25:10 | 000,136,704 | RHS- | C] () -- C:\WINDOWS\System32\dsseco.dll
[2011/06/13 17:25:10 | 000,000,304 | -HS- | C] () -- C:\WINDOWS\tasks\pirvn.job
[2011/06/13 17:25:10 | 000,000,300 | -HS- | C] () -- C:\WINDOWS\tasks\Qmyuvv.job
[2011/05/19 21:15:28 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/28 20:58:27 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Tiara\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/28 18:11:16 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2009/06/01 21:07:20 | 000,051,524 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/07/26 23:39:11 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/01 22:34:03 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2007/05/02 11:04:19 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/05/01 19:33:57 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/03/18 22:09:08 | 000,001,391 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/12/30 23:42:58 | 000,087,040 | ---- | C] () -- C:\Documents and Settings\Tiara\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/29 19:35:36 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/12/29 19:35:36 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\E24C1E6E4D.sys
[2006/12/23 20:31:37 | 000,001,177 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/12/23 19:47:02 | 000,042,166 | ---- | C] () -- C:\Documents and Settings\Tiara\Application Data\wklnhst.dat
[2006/12/23 19:32:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/12/21 14:44:57 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Tiara\Local Settings\Application Data\fusioncache.dat
[2006/12/15 00:44:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/12/15 00:29:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/15 00:27:16 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/15 00:25:59 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/12/15 00:18:23 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/12/15 00:18:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/12/15 00:18:21 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/12/14 23:52:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/12/14 23:52:14 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/12/14 23:51:34 | 000,000,390 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/05/02 15:38:24 | 000,072,444 | ---- | C] () -- C:\WINDOWS\SetBrowser.exe
[2006/05/02 15:38:24 | 000,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2005/08/31 11:11:14 | 000,000,442 | ---- | C] () -- C:\WINDOWS\System32\dlcfplc.ini
[2005/08/16 03:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 03:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 03:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 03:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 03:27:59 | 000,258,248 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 03:18:42 | 000,374,272 | ---- | C] () -- C:\WINDOWS\efixizux.dll
[2005/08/16 03:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 03:18:33 | 000,443,034 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 03:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 03:18:33 | 000,072,134 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 03:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 03:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 03:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 03:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 03:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 03:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 03:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 03:18:08 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005/08/05 13:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 16:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
========== LOP Check ==========
[2009/08/02 15:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/08/25 18:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/12/24 13:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Amazon
[2011/06/13 22:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2007/04/17 19:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames
[2008/09/16 07:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009/08/08 14:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2007/04/11 20:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2007/03/17 12:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
[2011/06/13 17:26:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2010/09/17 10:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/08/02 15:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/12/15 00:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2010/04/10 21:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/29 20:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/06/14 13:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\69AFB03868188CBEDA9905903C1559C3
[2006/12/23 19:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\acccore
[2010/06/28 20:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\AnvSoft
[2008/03/09 19:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\BitZipper
[2010/04/18 12:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\Facebook
[2007/01/11 22:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\Flock
[2011/04/13 20:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\HTC
[2008/09/16 07:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\ICQ
[2007/02/07 21:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\ICQLite
[2008/11/01 20:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\IMVU
[2008/11/01 20:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\IMVUClient
[2010/07/17 22:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\Spacejock Software
[2007/03/18 20:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\Template
[2008/04/02 21:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\Thunderbird
[2007/01/11 19:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tiara\Application Data\Viewpoint
[2011/06/14 13:28:22 | 000,000,304 | -HS- | M] () -- C:\WINDOWS\Tasks\pirvn.job
[2011/06/14 13:28:29 | 000,000,300 | -HS- | M] () -- C:\WINDOWS\Tasks\Qmyuvv.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
< End of report >