Suddenly my files disappeared. They appear hidden now.

View previous topic View next topic Go down

Suddenly my files disappeared. They appear hidden now.

Post by ravenspreadwings on Thu 07 Apr 2011, 1:18 pm

My desktop went black and everything disappeared. I did a system restore and now everything is back on the desktop. However, my personal files such as my pictures, music, videos are all hidden. Same with the favorites. The folders are there, but it appears empty. I turned on "show hidden files" and now they are all there, but as hidden files. How do I fix this? I used Malwarebytes and it found 42 infected files, and all were seemingly cleared.

Here is the OTL:


OTL logfile created on: 4/6/2011 9:51:01 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Linda\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 434.00 Mb Available Physical Memory | 42.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.77 Gb Total Space | 183.60 Gb Free Space | 79.91% Space Free | Partition Type: NTFS

Computer Name: DB98Q5D1 | User Name: Linda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/06 21:45:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Linda\Desktop\OTL.com
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/03/24 20:38:28 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/10/01 14:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2007/09/13 18:49:48 | 000,202,088 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/23 12:13:38 | 000,139,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2007/01/22 23:19:34 | 000,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
PRC - [2007/01/22 23:19:28 | 000,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
PRC - [2007/01/22 23:19:26 | 000,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
PRC - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
PRC - [2006/11/03 18:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
PRC - [2006/10/11 17:48:50 | 000,532,480 | ---- | M] ( ) -- C:\WINDOWS\system32\dlcxcoms.exe
PRC - [2006/09/20 07:15:22 | 001,160,800 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PRC - [2006/08/28 21:57:12 | 000,395,776 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2006/07/25 18:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/07/24 10:20:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/10/05 03:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE


========== Modules (SafeList) ==========

MOD - [2011/04/06 21:45:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Linda\Desktop\OTL.com
MOD - [2007/01/22 23:25:58 | 000,377,960 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCL40.DLL
MOD - [2006/09/20 07:14:28 | 000,123,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\asOEHook.dll
MOD - [2006/08/25 08:45:56 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/03/24 20:38:28 | 001,251,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/10/01 14:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2007/09/13 18:49:48 | 000,202,088 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2007/05/23 12:13:38 | 000,139,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2007/01/22 23:19:34 | 000,169,576 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2007/01/22 23:19:28 | 000,192,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2007/01/16 13:52:26 | 000,072,328 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc)
SRV - [2007/01/16 11:25:28 | 000,045,696 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\comHost.exe -- (comHost)
SRV - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2006/10/11 17:48:50 | 000,532,480 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dlcxcoms.exe -- (dlcx_device)
SRV - [2006/09/20 07:15:22 | 001,160,800 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2006/09/20 07:14:18 | 000,198,368 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2006/07/25 18:03:42 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/07/25 18:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)


========== Driver Services (SafeList) ==========

DRV - [2010/09/15 14:07:08 | 000,270,712 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20110312.001\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2009/01/05 23:38:46 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/09/03 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2008/09/03 04:00:00 | 000,099,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008/08/20 04:00:00 | 000,873,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20081020.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2008/08/20 04:00:00 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20081020.003\NAVENG.SYS -- (NAVENG)
DRV - [2007/10/01 14:49:26 | 000,189,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/10/01 14:49:20 | 000,023,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/10/01 14:49:16 | 000,031,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2007/10/01 14:49:10 | 000,028,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2007/10/01 14:49:04 | 000,098,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2007/10/01 14:48:56 | 000,012,680 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/07/02 18:34:23 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/09/20 07:15:22 | 000,389,728 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/09/20 07:14:18 | 000,334,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2006/09/20 07:14:18 | 000,053,896 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2006/07/24 10:20:00 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/30 15:50:26 | 000,073,696 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM)
DRV - [2006/03/30 15:50:24 | 000,093,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2006/03/30 15:50:22 | 000,008,272 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2006/03/30 15:50:20 | 000,058,352 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2006/01/10 11:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (Norton Internet Security 2006) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security 2006) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [trioService] File not found
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Search Protection] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_10)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_10)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Linda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Linda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1681cc18-e3a6-11de-add4-91d42563582a}\Shell\AutoRun\command - "" = F:\podcastready.exe
O33 - MountPoints2\{5f530596-3b87-11de-abbe-0019d1e26634}\Shell\AutoRun\command - "" = podcastready.exe
O33 - MountPoints2\{88645bc9-07b6-11df-adfc-b6c23893fdfa}\Shell\Auto\command - "" = F:\launcher.exe
O33 - MountPoints2\{88645bc9-07b6-11df-adfc-b6c23893fdfa}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88645bc9-07b6-11df-adfc-b6c23893fdfa}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe
O33 - MountPoints2\{88645bce-07b6-11df-adfc-b6c23893fdfa}\Shell\Auto\command - "" = F:\launcher.exe
O33 - MountPoints2\{88645bce-07b6-11df-adfc-b6c23893fdfa}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88645bce-07b6-11df-adfc-b6c23893fdfa}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16620634377289728)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/06 21:39:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Linda\Desktop\OTL.com
[2011/04/06 20:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Linda\Application Data\Malwarebytes
[2011/04/06 20:41:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/06 20:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/06 20:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/04/06 20:41:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/06 20:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/06 19:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Linda\Desktop\Jamz
[2011/04/06 18:47:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Linda\Recent
[2011/03/08 20:09:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Linda\Application Data\WinRAR
[2011/03/08 20:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/03/08 19:59:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Linda\Start Menu\Programs\project64 1.6
[2011/03/08 19:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\Project64 1.6
[2011/03/08 19:25:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Linda\PrivacIE
[2011/03/08 19:23:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Linda\IETldCache
[2011/03/08 19:23:34 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/03/08 19:20:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/03/08 19:20:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/03/08 19:19:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/03/08 18:22:30 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/03/08 18:22:30 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/03/08 18:22:29 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/03/08 18:22:29 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/03/08 18:22:27 | 011,076,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/03/08 17:24:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Linda\My Documents\Favorites
[2008/06/29 10:56:46 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhcp.dll
[2008/06/29 10:56:45 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxinpa.dll
[2008/06/29 10:56:44 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxiesc.dll
[2008/06/29 10:56:43 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxusb1.dll
[2008/06/29 10:56:42 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxserv.dll
[2008/06/29 10:56:42 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxprox.dll
[2008/06/29 10:56:42 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpplc.dll
[2008/06/29 10:56:41 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpmui.dll
[2008/06/29 10:56:41 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxlmpm.dll
[2008/06/29 10:56:39 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhbn3.dll
[2008/06/29 10:56:39 | 000,380,928 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxih.exe
[2008/06/29 10:56:37 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcoms.exe
[2008/06/29 10:56:36 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomc.dll
[2008/06/29 10:56:36 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomm.dll
[2008/06/29 10:56:34 | 000,381,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcfg.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/06 21:45:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Linda\Desktop\OTL.com
[2011/04/06 21:13:46 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Linda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/06 21:03:50 | 000,003,350 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/04/06 21:03:38 | 000,000,056 | RHS- | M] () -- C:\WINDOWS\System32\14AEB19F73.sys
[2011/04/06 20:59:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/06 20:59:21 | 1071,562,752 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/06 20:41:36 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/06 18:49:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/06 11:39:57 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\18669364
[2011/04/06 00:40:31 | 000,001,722 | -H-- | M] () -- C:\Documents and Settings\Linda\Application Data\wklnhst.dat
[2011/03/25 20:14:12 | 000,000,548 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Linda.job
[2011/03/20 15:56:28 | 000,001,065 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2011/03/19 21:03:09 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011/03/13 11:32:20 | 000,442,466 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/13 11:32:20 | 000,071,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/10 17:01:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/08 19:23:41 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/06 20:41:36 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/06 19:31:11 | 1071,562,752 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/06 11:39:57 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\18669364
[2011/03/19 21:03:09 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/11/05 19:00:22 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/08 18:22:13 | 000,005,120 | R--- | C] () -- C:\WINDOWS\System32\HWDll.dll
[2009/02/13 14:20:20 | 000,000,233 | ---- | C] () -- C:\WINDOWS\KA.INI
[2008/11/26 23:21:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ump.INI
[2008/06/29 11:00:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcxvs.dll
[2008/06/29 11:00:22 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcxcoin.dll
[2008/06/29 11:00:06 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dlcxdrs.dll
[2008/06/29 11:00:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcxcaps.dll
[2008/06/29 11:00:05 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcxcnv4.dll
[2008/06/29 10:56:47 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\dlcxinst.dll
[2008/06/29 10:56:44 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcxutil.dll
[2008/06/29 10:56:40 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsb.dll
[2008/06/29 10:56:40 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxins.dll
[2008/06/29 10:56:40 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcxjswr.dll
[2008/06/29 10:56:40 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsr.dll
[2008/06/29 10:56:38 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcxgrd.dll
[2008/06/29 10:56:37 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcxcub.dll
[2008/06/29 10:56:37 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcu.dll
[2008/06/29 10:56:37 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcxcur.dll
[2008/06/29 10:56:33 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DLCXcfg.dll
[2008/04/26 11:30:17 | 000,009,728 | -H-- | C] () -- C:\Documents and Settings\Linda\Application Data\dvd.bmk
[2008/04/25 16:23:58 | 000,001,722 | -H-- | C] () -- C:\Documents and Settings\Linda\Application Data\wklnhst.dat
[2008/04/02 22:58:29 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Linda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/02 18:05:13 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Linda\Local Settings\Application Data\fusioncache.dat
[2008/03/27 16:58:12 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008/03/27 16:35:09 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\14AEB19F73.sys
[2008/03/27 16:35:08 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/03/24 14:45:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2008/03/24 14:45:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2007/07/02 18:41:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/07/02 18:31:55 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/07/02 18:11:55 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2007/07/02 18:10:48 | 000,001,123 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 01:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 12:57:15 | 000,161,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 12:51:20 | 000,442,466 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 12:51:20 | 000,071,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 12:50:56 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin



Last edited by ravenspreadwings on Thu 07 Apr 2011, 1:24 pm; edited 1 time in total

ravenspreadwings

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-04-07
Operating System : Windows XP

View user profile

Back to top Go down

Re: Suddenly my files disappeared. They appear hidden now.

Post by ravenspreadwings on Thu 07 Apr 2011, 1:19 pm

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | -H-- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | -H-- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | -H-- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | -H-- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004/08/10 13:03:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/10/20 01:33:26 | 000,117,760 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >
[2008/03/12 14:02:45 | 000,000,156 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\About Working Offline.url
[2007/12/23 22:42:06 | 000,000,290 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Baltimore Ravens Rotoworld.url
[2008/02/02 19:04:25 | 000,000,294 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Baltimore Ravens Rotoworld Rosters.url
[2008/01/12 01:57:45 | 000,000,174 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Baltimore Ravens Scout.url
[2007/07/14 21:41:00 | 000,000,214 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Baltimore Ravens.url
[2007/08/05 16:35:38 | 000,000,351 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Baltimore Sun Archive.url
[2007/07/15 18:38:16 | 000,000,202 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Beckett.url
[2007/07/06 22:01:36 | 000,000,232 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Card World.url
[2007/07/15 14:03:33 | 000,000,339 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Crime Library.url
[2007/10/02 16:43:10 | 000,000,350 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Doubleday Book Club.url
[2008/03/09 14:20:09 | 000,000,124 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\E-ZPass Delaware -.url
[2007/07/06 22:01:30 | 000,000,200 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Emulator Zone.url
[2007/07/15 17:44:58 | 000,000,215 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\ESPN MLB Standings.url
[2007/07/15 17:45:53 | 000,000,215 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\ESPN NBA Standings.url
[2007/07/15 17:43:54 | 000,000,215 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\ESPN NFL Standings.url
[2007/07/06 22:01:30 | 000,000,114 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\ESPN.url
[2007/07/06 22:01:30 | 000,000,222 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Game Genie Cheats.url
[2007/07/06 22:01:19 | 000,000,150 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\GBA Roms.url
[2007/07/06 22:01:19 | 000,000,114 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Ign.url
[2007/08/09 22:48:59 | 000,000,324 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Jamie Kennedy Experiment.url
[2008/01/01 16:12:08 | 000,000,228 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Legend Of Zelda Wind Waker Guides.url
[2007/11/20 20:48:20 | 000,000,213 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Mininova.url
[2008/01/26 04:25:19 | 000,000,208 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Mock Draft Headquarters.url
[2007/07/06 20:06:41 | 000,000,119 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\MSN.com.url
[2007/07/06 22:01:30 | 000,000,203 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\N64 Games.url
[2008/01/26 04:53:24 | 000,000,154 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\New Era Scouting.url
[2008/01/27 18:37:35 | 000,000,254 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\NFL Draft CB Prospect Analysis.url
[2007/11/20 21:37:13 | 000,000,142 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\NFL Draft Countdown.url
[2007/08/13 22:53:57 | 000,000,427 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\NFL Photos.url
[2008/02/14 17:36:17 | 000,000,189 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\NFL Players.url
[2007/07/29 14:49:53 | 000,000,185 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\NFL.com - NFL Rosters.url
[2007/07/29 14:59:37 | 000,000,171 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\NFL.com.url
[2007/11/25 14:51:33 | 000,000,230 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Ninja Gaiden Guide.url
[2007/07/06 22:01:19 | 000,000,190 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Obsessed With Wrestling.url
[2007/11/20 21:11:07 | 000,000,183 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Pirate Bay.url
[2008/02/24 18:32:31 | 000,000,207 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Pro Football Talk.url
[2007/11/25 21:55:08 | 000,000,320 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Progressive Online.url
[2007/07/06 20:06:41 | 000,000,197 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Radio Station Guide.url
[2007/08/10 22:59:38 | 000,000,170 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Ravens Stats.url
[2007/07/22 13:25:52 | 000,000,227 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Ravens Sun.url
[2007/07/15 18:48:54 | 000,000,183 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Real Player.url
[2007/07/25 19:36:21 | 000,000,347 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Rhapsody Book Club.url
[2007/07/06 22:01:19 | 000,000,122 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Rom Hustler.url
[2007/07/06 22:01:19 | 000,000,201 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Rotten Tomatoes.url
[2007/07/15 15:42:10 | 000,000,170 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Russian Roms.url
[2007/09/28 11:26:47 | 000,000,239 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Search.url
[2000/05/08 05:20:00 | 000,001,485 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\sobook.url
[2007/11/20 18:47:45 | 000,000,277 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\The Fixer.url
[2008/02/25 02:31:18 | 000,004,289 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\TV Listings.url
[2007/12/23 19:59:30 | 000,000,305 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\USA Today.url
[2007/07/06 22:01:05 | 000,000,358 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Winamp 2 Skins.url
[2007/07/06 22:01:05 | 000,000,228 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Wrestling Crap.url
[2008/02/09 00:15:10 | 000,000,235 | -H-- | M] () -- C:\Documents and Settings\All Users\Favorites\Youtube Merril Hodge.url

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >
[2008/04/02 22:54:25 | 000,000,000 | ---D | M] -- C:\Program Files\MySpace\IM\bak
[2008/04/02 22:31:28 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!\Messenger\bak

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2004/08/10 13:04:12 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >
[2007/07/02 18:29:27 | 000,263,328 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\TRANSFORMS=1033.mst

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2008/03/24 09:27:35 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2004/08/10 13:08:38 | 000,000,079 | -H-- | M] () -- C:\Documents and Settings\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2005/08/31 11:08:32 | 000,471,040 | -H-- | M] (Corel, Inc.) -- C:\Documents and Settings\Linda\My Documents\Player.exe
[2008/05/26 17:14:09 | 002,320,459 | -H-- | M] (Macrovision Corporation) -- C:\Documents and Settings\Linda\My Documents\SoftwareManagerUninstall.exe
[2008/04/02 20:58:25 | 025,755,448 | -H-- | M] (Microsoft Corporation) -- C:\Documents and Settings\Linda\My Documents\wmp11-windowsxp-x86-enu.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2004/08/04 05:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/03/24 09:27:34 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Linda\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/10 12:56:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/10 12:56:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/10 12:56:46 | 000,872,448 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2011/04/06 21:03:38 | 000,000,056 | RHS- | M] () -- C:\WINDOWS\system32\14AEB19F73.sys
[2004/08/04 05:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/04 05:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2004/06/09 08:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\DDMI2.sys
[2005/03/13 15:54:00 | 000,006,656 | ---- | M] (GTek Technologies Ltd.) -- C:\WINDOWS\system32\DLPT2.sys
[2005/02/08 11:37:52 | 000,007,626 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\GPCIEnum.sys
[2004/06/15 14:55:56 | 000,007,882 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\GTKCMOS.sys
[2004/08/04 05:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/04 05:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/04 05:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2011/04/06 21:03:50 | 000,003,350 | -HS- | M] () -- C:\WINDOWS\system32\KGyGaAvL.sys
[2004/08/04 05:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/04 05:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/04 05:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/04 05:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/04 05:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/04 05:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/04 05:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/04 05:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/04 05:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/04 05:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2004/08/04 05:00:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/05/02 01:56:34 | 001,850,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/10/20 01:33:26 | 000,117,760 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

< %SYSTEMDRIVE%\*.* >
[2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/03/24 09:27:16 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/07/02 18:13:04 | 000,007,023 | RH-- | M] () -- C:\dell.sdr
[2011/04/06 21:33:09 | 008,657,772 | ---- | M] () -- C:\dlcx.log
[2010/05/22 20:18:42 | 000,000,266 | ---- | M] () -- C:\ez_log.htm
[2008/05/11 17:15:08 | 000,000,000 | ---- | M] () -- C:\faxendPdoc.log
[2011/04/06 20:59:21 | 1071,562,752 | -HS- | M] () -- C:\hiberfil.sys
[2008/03/24 12:16:37 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 05:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2011/04/06 20:59:20 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2009/02/13 13:58:40 | 000,000,056 | R--- | M] () -- C:\RAYMAN.BAT
[2008/04/11 07:53:11 | 000,000,089 | -H-- | M] () -- C:\~tmp.txt

< %PROGRAMFILES%\*. >
[2008/03/24 14:46:15 | 000,000,000 | ---D | M] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2007/07/02 18:36:58 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/04/02 22:30:40 | 000,000,000 | ---D | M] -- C:\Program Files\AWS
[2007/07/02 18:36:09 | 000,000,000 | ---D | M] -- C:\Program Files\BAE
[2009/08/11 20:13:56 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2010/01/22 21:00:47 | 000,000,000 | ---D | M] -- C:\Program Files\Coby
[2011/04/06 20:56:46 | 000,000,000 | ---D | M] -- C:\Program Files\Common
[2009/08/11 20:07:26 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2007/07/02 18:14:52 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2008/06/29 10:59:22 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2010/10/13 19:59:30 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/07/02 18:30:58 | 000,000,000 | ---D | M] -- C:\Program Files\Dell DataSafe Online
[2010/09/12 21:45:13 | 000,000,000 | ---D | M] -- C:\Program Files\Dell PC Fax
[2010/09/12 20:35:37 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Photo AIO Printer 926
[2007/07/02 18:37:26 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support
[2007/07/02 18:29:46 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2009/02/13 14:14:25 | 000,000,000 | ---D | M] -- C:\Program Files\Disney Interactive
[2008/03/24 14:49:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dl_cats
[2011/03/03 23:22:10 | 000,000,000 | ---D | M] -- C:\Program Files\Free Download Manager
[2008/04/06 17:46:23 | 000,000,000 | ---D | M] -- C:\Program Files\Free Offers from Freeze.com
[2008/12/02 01:16:12 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2007/07/02 18:31:24 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2008/04/13 15:30:02 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2007/07/02 18:29:41 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2011/03/08 19:23:25 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/04/02 21:53:08 | 000,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2008/12/01 23:45:56 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2008/11/26 23:16:18 | 000,000,000 | ---D | M] -- C:\Program Files\LocalAutorun
[2011/04/06 20:41:37 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/08/12 22:15:02 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2008/04/02 21:52:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microangelo
[2004/08/10 13:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/07/02 18:36:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2007/07/02 18:31:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2007/07/02 18:31:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2007/07/02 18:36:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/06/29 10:44:53 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2010/03/10 14:00:33 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/09/19 13:16:18 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2004/08/10 13:01:16 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/10 13:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2008/11/23 04:00:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/09/19 13:12:44 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/07/02 18:31:17 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2008/04/02 22:54:19 | 000,000,000 | ---D | M] -- C:\Program Files\MySpace
[2004/08/10 13:02:28 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2007/07/02 18:29:52 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2008/10/16 07:03:47 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Internet Security
[2004/08/10 13:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/05/30 00:06:24 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011/03/08 20:10:47 | 000,000,000 | ---D | M] -- C:\Program Files\Project64 1.6
[2009/09/19 13:16:04 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/07/02 18:32:53 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/02/11 17:01:13 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2011/04/06 20:56:46 | 000,000,000 | ---D | M] -- C:\Program Files\Shared
[2007/07/02 18:27:12 | 000,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2008/09/06 23:51:26 | 000,000,000 | ---D | M] -- C:\Program Files\Simply Media
[2008/12/14 17:04:07 | 000,000,000 | ---D | M] -- C:\Program Files\Super Nintendo Games
[2009/01/05 23:38:46 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2011/03/08 19:23:34 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2008/03/27 16:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/02/12 14:06:40 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2011/01/04 19:49:29 | 000,000,000 | ---D | M] -- C:\Program Files\Viva Media
[2011/01/04 19:36:06 | 000,000,000 | ---D | M] -- C:\Program Files\Viva Media Game Center
[2008/11/21 00:20:01 | 000,000,000 | ---D | M] -- C:\Program Files\Walgreens
[2008/04/02 21:26:43 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2008/06/29 10:44:54 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp2
[2008/06/29 10:44:56 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp3
[2008/04/02 21:01:20 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2009/03/14 02:06:06 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2004/08/10 13:01:16 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/03/08 20:09:35 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2004/08/10 13:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/02/12 00:48:05 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

< %appdata%\*.* >
[2004/08/10 12:57:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Linda\Application Data\desktop.ini
[2011/02/21 22:25:45 | 000,009,728 | -H-- | M] () -- C:\Documents and Settings\Linda\Application Data\dvd.bmk
[2011/04/06 00:40:31 | 000,001,722 | -H-- | M] () -- C:\Documents and Settings\Linda\Application Data\wklnhst.dat


< MD5 for: AGP440.SYS >
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2004/08/04 05:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/04 05:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2006/10/10 13:03:48 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\drivers\storage\R130118\iastor.sys
[2006/07/06 06:59:42 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\i386\iaStor.sys
[2006/07/06 06:59:42 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\WINDOWS\system32\drivers\iaStor.sys
[2006/10/10 13:03:48 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\i386\sp2.cab:usbstor.sys
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\i386\USBSTOR.SYS
[2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-20 16:59:12

< End of report >

ravenspreadwings

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-04-07
Operating System : Windows XP

View user profile

Back to top Go down

Re: Suddenly my files disappeared. They appear hidden now.

Post by ravenspreadwings on Thu 07 Apr 2011, 1:21 pm

Here is the Extras:

OTL Extras logfile created on: 4/6/2011 9:51:01 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Linda\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 434.00 Mb Available Physical Memory | 42.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.77 Gb Total Space | 183.60 Gb Free Space | 79.91% Space Free | Partition Type: NTFS

Computer Name: DB98Q5D1 | User Name: Linda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- ()
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\WINDOWS\system32\dlcxcoms.exe" = C:\WINDOWS\system32\dlcxcoms.exe:*:Enabled:Lexmark Communications System -- ( )


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0A0873E1-D9BA-4994-B85D-A0A331EF1F0C}" = Intel(R) PRO Network Connections
"{0CC27F8C-8A6C-4790-A621-2E9AEF27E464}" = SymNet
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}" = ccCommon
"{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}" = CC_ccProxyExt
"{30738666-9805-4926-A78F-91DA33B6C437}" = ccPxyCore
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3643EF5F-D28D-4B25-9FA1-8859FC303710}" = Coby Media Manager
"{3B29A786-5803-4E9E-9B58-3014A5B4E519}" = Norton AntiSpam
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{449F3A9E-9903-4a0d-A209-08030D45A935}" = Norton Internet Security
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{5677563D-0CB1-485F-9E18-C5025306BB3F}" = Norton AntiSpam
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}" = Norton Protection Center
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{92495AFF-ECFB-4560-AD90-65BD6327BFC4}" = Texas Hold'em Poker
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2B676E6-FA49-48B9-A616-5FC5DD488006}" = W Photo Studio
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2006
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E85FA9A1-C241-4698-893B-DD99509B8DB0}" = Norton WMI Update
"{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update
"{FAD03728-DA19-4313-959F-872A9C432A86}" = Samsung USB Driver (MCCI 4.34) WHQL v3.0
"{FFB4DD53-28B7-4981-BFF0-9BD801F61095}" = Norton Internet Security
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"CSCLIB" = Canon Camera Support Core Library
"Dell PC Fax" = Dell PC Fax
"Dell Photo AIO Printer 926" = Dell Photo AIO Printer 926
"EOS Utility" = Canon Utilities EOS Utility
"Free Download Manager_is1" = Free Download Manager 3.0
"Grace's Quest: To Catch An Art Thief" = Grace's Quest: To Catch An Art Thief
"HyperCD" = HyperCD
"ie8" = Windows Internet Explorer 8
"InstallShield_{FAD03728-DA19-4313-959F-872A9C432A86}" = Samsung USB Driver (MCCI 4.34) WHQL v3.0
"JSNUMBER" = JumpStart Numbers
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Mystery Cruise" = Mystery Cruise
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"Ravens_PC_Screensaver" = Ravens_PC_Screensaver
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SearchAssist" = SearchAssist
"SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security 2006 (Symantec Corporation)
"The Treasures of Mystery Island: The Gates of Fate" = The Treasures of Mystery Island: The Gates of Fate
"Tigger Too" = Disney's Tigger Too
"Undercover PI" = Undercover PI
"Universal Media Player" = Universal Media Player
"VLC media player" = VLC media player 1.0.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/6/2011 7:37:25 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752570
Description = 6006: LiveUpdate did not complete because the C:\Documents and Settings\All
Users\Application Data\Symantec\LiveUpdate\Downloads\Tri594\liveupdt.grd file failed
validation. Run LiveUpdate again.

Error - 4/6/2011 7:37:25 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752567
Description = 6001: LiveUpdate failed because the LiveUpdate package is corrupt.
Internal authentication files are not present. Please run LiveUpdate again. If
the error persists, contact your network administrator or LiveUpdate provider.

Error - 4/6/2011 7:37:36 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752570
Description = 6006: LiveUpdate did not complete because the C:\Documents and Settings\All
Users\Application Data\Symantec\LiveUpdate\Downloads\Tri604\liveupdt.grd file failed
validation. Run LiveUpdate again.

Error - 4/6/2011 7:37:36 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752567
Description = 6001: LiveUpdate failed because the LiveUpdate package is corrupt.
Internal authentication files are not present. Please run LiveUpdate again. If
the error persists, contact your network administrator or LiveUpdate provider.

Error - 4/6/2011 9:04:56 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752570
Description = 6006: LiveUpdate did not complete because the C:\Documents and Settings\All
Users\Application Data\Symantec\LiveUpdate\Downloads\Tri745\liveupdt.grd file failed
validation. Run LiveUpdate again.

Error - 4/6/2011 9:04:56 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752567
Description = 6001: LiveUpdate failed because the LiveUpdate package is corrupt.
Internal authentication files are not present. Please run LiveUpdate again. If
the error persists, contact your network administrator or LiveUpdate provider.

Error - 4/6/2011 9:05:13 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752570
Description = 6006: LiveUpdate did not complete because the C:\Documents and Settings\All
Users\Application Data\Symantec\LiveUpdate\Downloads\Tri797\liveupdt.grd file failed
validation. Run LiveUpdate again.

Error - 4/6/2011 9:05:13 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752567
Description = 6001: LiveUpdate failed because the LiveUpdate package is corrupt.
Internal authentication files are not present. Please run LiveUpdate again. If
the error persists, contact your network administrator or LiveUpdate provider.

Error - 4/6/2011 9:05:19 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752570
Description = 6006: LiveUpdate did not complete because the C:\Documents and Settings\All
Users\Application Data\Symantec\LiveUpdate\Downloads\Tri807\liveupdt.grd file failed
validation. Run LiveUpdate again.

Error - 4/6/2011 9:05:19 PM | Computer Name = DB98Q5D1 | Source = LiveUpdate | ID = 2752567
Description = 6001: LiveUpdate failed because the LiveUpdate package is corrupt.
Internal authentication files are not present. Please run LiveUpdate again. If
the error persists, contact your network administrator or LiveUpdate provider.

[ System Events ]
Error - 4/6/2011 7:26:13 PM | Computer Name = DB98Q5D1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRTPEL SPBBCDrv SYMTDI Tcpip

Error - 4/6/2011 7:26:18 PM | Computer Name = DB98Q5D1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 4/6/2011 7:27:37 PM | Computer Name = DB98Q5D1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 4/6/2011 7:27:47 PM | Computer Name = DB98Q5D1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 4/6/2011 7:28:50 PM | Computer Name = DB98Q5D1 | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31

Error - 4/6/2011 7:28:50 PM | Computer Name = DB98Q5D1 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 4/6/2011 7:28:50 PM | Computer Name = DB98Q5D1 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 4/6/2011 7:28:50 PM | Computer Name = DB98Q5D1 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 4/6/2011 7:28:50 PM | Computer Name = DB98Q5D1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRTPEL SPBBCDrv SYMTDI Tcpip

Error - 4/6/2011 7:29:26 PM | Computer Name = DB98Q5D1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >

ravenspreadwings

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-04-07
Operating System : Windows XP

View user profile

Back to top Go down

Re: Suddenly my files disappeared. They appear hidden now.

Post by Belahzur on Fri 08 Apr 2011, 12:12 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Suddenly my files disappeared. They appear hidden now.

Post by ravenspreadwings on Sat 09 Apr 2011, 1:09 pm

Malwarebytes' Anti-Malware 1.50.1.1100
[You must be registered and logged in to see this link.]

Database version: 5363

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

4/8/2011 9:53:57 PM
mbam-log-2011-04-08 (21-53-57).txt

Scan type: Quick scan
Objects scanned: 160205
Time elapsed: 12 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ravenspreadwings

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-04-07
Operating System : Windows XP

View user profile

Back to top Go down

Re: Suddenly my files disappeared. They appear hidden now.

Post by ravenspreadwings on Sat 09 Apr 2011, 1:24 pm

This was 4-6-11 when was infected.
Malwarebytes' Anti-Malware 1.50.1.1100
[You must be registered and logged in to see this link.]

Database version: 5363

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

4/6/2011 8:56:46 PM
mbam-log-2011-04-06 (20-56-46).txt

Scan type: Quick scan
Objects scanned: 157620
Time elapsed: 11 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 15
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 1
Files Infected: 21

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\system32\mst123.dll (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{A0E1054B-01EE-4D57-A059-4D99F339709F} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8E3C68CD-F500-4A2A-8CB9-132BB38C3573} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{986A8AC1-AB4D-4F41-9068-4B01C0197867} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\main.BHO.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\main.BHO (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0da89251-e09c-4b69-ac35-556cddbfaafd} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\documents and settings\all users\application data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\Shared\shared.dll (Trojan.BHO) -> Quarantined and deleted successfully.
c:\program files\Shared\lib.dll (Trojan.BHO) -> Quarantined and deleted successfully.
c:\documents and settings\all users\favorites\error cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\documents and settings\Linda\favorites\error cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\favorites\error cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\documents and settings\all users\favorites\privacy protector.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\documents and settings\Linda\favorites\privacy protector.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\favorites\privacy protector.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\documents and settings\all users\favorites\spyware&malware protection.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\documents and settings\Linda\favorites\spyware&malware protection.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\favorites\spyware&malware protection.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\program files\Common\_helper.dll (Adware.DeepDive) -> Quarantined and deleted successfully.
c:\program files\Common\_helper.sig (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\Common\helper.dll (Trojan.BHO) -> Quarantined and deleted successfully.
c:\program files\Common\helper.sig (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\Shared\_lib.dll (Adware.Deepdive) -> Quarantined and deleted successfully.
c:\program files\Shared\_lib.sig (Adware.Deepdive) -> Quarantined and deleted successfully.
c:\program files\Shared\lib.sig (Adware.Deepdive) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\mst123.dll (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\Linda\local settings\Temp\0.9899924624583911.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\SeekmoSA\seekmosa_kyf_update.dat (Adware.Seekmo) -> Quarantined and deleted successfully.

ravenspreadwings

Newbie Surfer
Newbie Surfer

Posts : 5
Joined : 2011-04-07
Operating System : Windows XP

View user profile

Back to top Go down

Re: Suddenly my files disappeared. They appear hidden now.

Post by Belahzur on Sun 10 Apr 2011, 5:35 am

Hello.

  • Download combofix from here
    Link 1

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Suddenly my files disappeared. They appear hidden now.

Post by Sponsored content Today at 1:11 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum