Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

No internet sound

Started by danielle07 , Mar 26 2011 03:17 AM

  • Please log in to reply

#1
danielle07
Posted 26 March 2011 - 03:17 AM

danielle07

    Member

  • Member
  • PipPip
  • 18 posts
Hi guys, before 2 days I had lost my internet sound and I can't get volume icon on task bar.

I tried as follows:
1. Click "Start"- Select "Run" - Type: sndvol32-> Everything is OK
2. My Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32
try to enter "wavemapper" and type "msacm32.drv", but "the specified value name already exsist"
3. I reinstal Flash player
4. Under Sounds and Audio in control panel I select a Default Device "SoundMax HD Audio" - everything OK, but when I try to open Troubleshoot it woun't open!
5. I can't open System information and Program compatibility wizard
6. Windows' "System Restore" has no bold dates, nor I can change back to previous months.
7. I did Panda online scaning, but it found nly tracking cookies, which I delete.
8. I did Malware and Spyware Cleaning with OTL:

OTL logfile created on: 26.3.2011 9:55:27 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\d\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000424 | Country: Slovenia | Language: SLV | Date Format: d.M.yyyy

503,00 Mb Total Physical Memory | 54,00 Mb Available Physical Memory | 11,00% Memory free
1,00 Gb Paging File | 0,00 Gb Available in Paging File | 36,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67,69 Gb Total Space | 47,80 Gb Free Space | 70,62% Space Free | Partition Type: NTFS
Drive D: | 6,83 Gb Total Space | 0,69 Gb Free Space | 10,13% Space Free | Partition Type: FAT32

Computer Name: PC365334651951 | User Name: d | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.03.26 09:45:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTL.exe
PRC - [2010.08.29 02:54:52 | 002,434,568 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010.08.29 02:53:14 | 001,039,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.06.24 11:09:14 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2010.06.24 10:08:58 | 000,196,928 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
PRC - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.02 08:50:28 | 000,655,640 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe
PRC - [2005.12.20 23:51:40 | 001,187,840 | ---- | M] () -- C:\WINDOWS\SMINST\Recguard.exe


========== Modules (SafeList) ==========

MOD - [2011.03.26 09:45:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTL.exe
MOD - [2010.08.23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- -- (PCA)
SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus®
SRV - File not found [On_Demand | Stopped] -- -- (aspnet_state)
SRV - [2010.08.29 02:54:52 | 002,434,568 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.06.24 11:09:14 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010.06.24 10:08:58 | 000,196,928 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe -- (NitroDriverReadSpool)
SRV - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)


========== Driver Services (SafeList) ==========

DRV - [2010.06.09 19:16:12 | 000,528,128 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009.10.12 18:15:30 | 000,317,072 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009.10.12 18:15:26 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kl1.sys -- (kl1)
DRV - [2009.06.30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009.06.22 12:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2009.04.30 21:56:32 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2008.05.08 15:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2006.07.31 02:00:08 | 001,155,584 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.02.16 08:45:26 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.02.15 14:56:58 | 001,342,570 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.02.06 03:00:06 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006.01.19 14:50:40 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005.09.19 21:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005.09.19 21:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005.09.19 21:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 14:08:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 14:08:10 | 000,000,000 | ---D | M]

[2011.01.01 18:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\d\Application Data\Mozilla\Extensions
[2011.01.01 18:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\d\Application Data\Mozilla\Extensions\[email protected]
[2011.03.25 11:22:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions
[2010.12.10 12:36:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.03.13 08:42:04 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011.03.11 09:00:38 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.12.28 18:07:20 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.01.25 11:17:23 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\[email protected]
[2011.03.16 11:49:34 | 000,000,000 | ---D | M] ("RankChecker") -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\[email protected]
[2010.12.11 15:37:38 | 000,000,000 | ---D | M] ("SEO For Firefox") -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\[email protected]
[2010.12.04 09:57:05 | 000,000,000 | ---D | M] (SEO Blogger) -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\[email protected]
[2010.12.11 15:37:38 | 000,000,000 | ---D | M] ("Seo Toolbar") -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\[email protected]
[2011.01.06 20:49:18 | 000,000,000 | ---D | M] ("Alexa Toolbar") -- C:\Documents and Settings\d\Application Data\Mozilla\Firefox\Profiles\m1rkzgvq.default\extensions\[email protected]
[2011.03.25 20:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.07.14 16:48:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.15 19:43:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.27 12:54:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.11.27 12:53:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011.03.22 12:18:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005..\Run: [Uniblue ProcessQuickLink 2] C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe (Uniblue)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2344020362-2420957732-2069177808-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://emea-access....SetupClient.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.223.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001.07.27 23:07:00 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.03.26 09:45:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTL.exe
[2011.03.25 17:06:59 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2011.03.25 17:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011.03.25 14:34:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\d\Recent
[2011.03.24 17:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Desktop\Noordvajkerhaut
[2011.03.24 12:37:55 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2011.03.22 18:30:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\Registry Mechanic
[2011.03.22 15:41:17 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.03.22 15:38:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.03.22 12:01:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.03.18 16:38:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011.03.18 11:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Desktop\AtticusEU
[2011.03.15 10:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\FileZilla
[2011.03.15 10:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011.03.14 10:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Desktop\WP Ganoderma
[2011.03.12 11:41:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2011.03.12 11:40:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\My Documents\My Web Sites
[2011.03.12 09:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Start Menu\Programs\Notepad++
[2011.03.12 09:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Notepad++
[2011.03.12 09:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2011.03.12 09:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\Notepad++
[2011.03.10 11:03:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Local Settings\Application Data\AVG Security Toolbar
[2011.03.09 08:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2011.03.08 16:49:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011.03.08 15:30:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\d\Start Menu\Programs\Administrative Tools
[2011.03.07 08:36:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011.03.03 16:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Desktop\IM
[2011.03.03 15:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Keyword Elite
[2011.03.03 14:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\SEO Elite
[2011.03.03 13:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Desktop\Key
[2011.03.03 11:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\Keyword Research Pro
[2011.03.03 10:41:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2011.03.03 09:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.03.26 09:45:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTL.exe
[2011.03.26 08:06:46 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.03.26 08:06:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.25 16:50:58 | 000,001,648 | ---- | M] () -- C:\Documents and Settings\d\Desktop\missing.reg
[2011.03.25 16:12:20 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\d\Application Data\Microsoft\Internet Explorer\Quick Launch\Skype.lnk
[2011.03.25 16:05:58 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011.03.25 11:24:38 | 000,367,836 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.03.25 11:24:38 | 000,062,702 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.03.25 11:23:34 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\d\Local Settings\Application Data\DelUnist.bat
[2011.03.25 09:40:45 | 000,376,520 | ---- | M] () -- C:\Documents and Settings\d\Desktop\DodelitevInPreklicNotranjihPooblastilNovosti_sl.pdf
[2011.03.25 08:54:07 | 000,296,653 | ---- | M] () -- C:\Documents and Settings\d\Desktop\LP-Navodilo_za_EXCEL_preglednico_SP_2010_1_0.pdf
[2011.03.24 12:50:27 | 000,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.03.22 12:18:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.03.21 09:49:37 | 000,000,235 | ---- | M] () -- C:\WINDOWS\amebis.ini
[2011.03.15 10:46:05 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\d\Desktop\FileZilla Client.lnk
[2011.03.13 23:54:58 | 006,547,780 | ---- | M] () -- C:\Documents and Settings\d\Desktop\WP osnova.pdf
[2011.03.11 07:41:43 | 005,294,390 | ---- | M] () -- C:\Documents and Settings\d\Desktop\_www_fbautocash.com_system_downloads_1_FBAutoCash.pdf
[2011.03.09 12:35:11 | 007,953,478 | ---- | M] () -- C:\Documents and Settings\d\Desktop\Google Domination Method.pdf
[2011.03.08 14:01:28 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.03.25 16:50:58 | 000,001,648 | ---- | C] () -- C:\Documents and Settings\d\Desktop\missing.reg
[2011.03.25 11:23:34 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\d\Local Settings\Application Data\DelUnist.bat
[2011.03.25 09:40:42 | 000,376,520 | ---- | C] () -- C:\Documents and Settings\d\Desktop\DodelitevInPreklicNotranjihPooblastilNovosti_sl.pdf
[2011.03.25 08:54:05 | 000,296,653 | ---- | C] () -- C:\Documents and Settings\d\Desktop\LP-Navodilo_za_EXCEL_preglednico_SP_2010_1_0.pdf
[2011.03.22 12:06:49 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2011.03.22 12:06:45 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011.03.15 10:46:04 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\d\Desktop\FileZilla Client.lnk
[2011.03.13 23:54:58 | 006,547,780 | ---- | C] () -- C:\Documents and Settings\d\Desktop\WP osnova.pdf
[2011.03.11 07:41:41 | 005,294,390 | ---- | C] () -- C:\Documents and Settings\d\Desktop\_www_fbautocash.com_system_downloads_1_FBAutoCash.pdf
[2011.03.10 13:07:55 | 003,021,489 | ---- | C] () -- C:\Documents and Settings\d\Desktop\Language Niche Domination.pdf
[2011.03.09 12:35:11 | 007,953,478 | ---- | C] () -- C:\Documents and Settings\d\Desktop\Google Domination Method.pdf
[2011.01.04 17:27:02 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011.01.01 18:19:23 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\windrv32.ini
[2010.11.18 09:18:05 | 000,051,616 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.09.09 09:37:26 | 000,691,560 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2010.07.08 11:49:23 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2010.07.08 08:45:40 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2010.07.08 08:45:39 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2010.07.06 18:33:58 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\psconv.ini
[2010.07.06 12:46:09 | 000,000,050 | ---- | C] () -- C:\WINDOWS\Progs_.ini
[2010.07.06 11:43:07 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010.07.03 12:29:10 | 000,000,519 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2010.05.14 21:21:16 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\d\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.18 14:55:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.04.15 19:22:29 | 000,000,235 | ---- | C] () -- C:\WINDOWS\amebis.ini
[2010.04.15 19:10:18 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\w32mkrc.dll
[2010.04.15 19:10:17 | 000,320,512 | ---- | C] () -- C:\WINDOWS\System32\w32mkde.exe
[2010.04.15 19:10:14 | 000,003,146 | ---- | C] () -- C:\WINDOWS\System32\vsort.com
[2010.04.11 19:49:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.04.11 19:23:55 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat
[2010.04.11 18:56:36 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.09.16 16:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2009.04.30 21:39:36 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006.08.21 03:49:30 | 000,000,175 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.08.21 03:48:06 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.02.15 15:04:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005.09.21 09:42:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005.09.21 09:42:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.09.21 09:33:02 | 000,367,836 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005.09.21 09:33:02 | 000,062,702 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005.09.21 09:21:16 | 000,000,045 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005.09.21 09:18:40 | 000,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.09.20 17:14:32 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.09.20 17:12:40 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.04 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.04 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.04 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.04 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.04 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.04 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 09:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.06.01 10:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003.06.20 13:00:00 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.05.28 09:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002.05.28 09:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001.10.28 01:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2001.03.06 18:47:48 | 000,077,560 | ---- | C] () -- C:\WINDOWS\System32\libungif.dll
[1998.05.07 03:10:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.dll

========== LOP Check ==========

[2006.08.21 04:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2010.04.15 13:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
[2011.03.10 17:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010.04.18 09:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010.05.08 08:01:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011.01.03 12:50:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011.01.03 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010.12.16 13:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
[2010.10.23 14:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2011.01.04 18:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK
[2011.03.10 08:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010.07.03 12:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2011.03.12 11:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2010.07.13 17:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2010.11.19 14:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010.07.13 17:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2010.06.14 15:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011.02.15 13:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC
[2011.03.22 18:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.07.13 19:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TreeDraw
[2010.09.02 10:52:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2010.09.05 18:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\12Voip
[2011.01.03 12:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\AVG10
[2011.02.15 13:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Azureus
[2011.03.07 07:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\BitTorrent
[2010.07.01 15:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Canon
[2011.01.18 19:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\CheckPoint
[2010.07.13 19:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Downloaded Installations
[2010.11.19 14:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\DriverCure
[2010.11.27 14:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\ElevatedDiagnostics
[2011.02.14 10:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\eMule
[2010.04.11 18:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\F-Secure
[2011.03.21 13:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\FileZilla
[2011.01.03 10:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\GetRightToGo
[2011.01.24 11:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\IBP
[2010.11.14 08:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Juniper Networks
[2011.03.13 09:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Keyword Research Pro
[2011.02.13 10:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\KompoZer
[2010.04.30 12:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Leadertech
[2011.02.01 11:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\MailFrontier
[2011.03.03 10:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010.07.03 10:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Millennia
[2010.07.03 12:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\MyHeritage
[2011.01.25 16:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Nitro PDF
[2011.03.12 09:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Notepad++
[2010.11.19 14:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\ParetoLogic
[2010.07.08 11:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\pdf995
[2010.08.02 16:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\PrimoPDF
[2011.03.22 18:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Registry Mechanic
[2006.08.21 04:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\SampleView
[2011.02.14 10:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\seo-wsb-free
[2010.11.27 11:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\Uniblue
[2010.11.11 09:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\d\Application Data\webex
[2006.08.21 04:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2011.01.19 20:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimberly\Application Data\CheckPoint
[2010.11.23 20:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimberly\Application Data\Juniper Networks
[2011.01.09 20:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimberly\Application Data\MailFrontier
[2011.01.30 21:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimberly\Application Data\Nitro PDF
[2006.08.21 04:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimberly\Application Data\SampleView
[2010.11.13 19:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimberly\Application Data\TomTom

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

I would be very thankfull for your time and help,
danielle
  • 0

Advertisements

#2
phillipcorcoran
Posted 26 March 2011 - 04:09 AM

phillipcorcoran

    Member 1K

  • Member
  • PipPipPipPip
  • 1,293 posts
Welcome to Geeks2Go!

We are not allowed to deal with OTL logs here. Only the malware team are allowed to read them.
Please post here: http://www.geekstogo...alware-removal/
  • 0

#3
danielle07
Posted 26 March 2011 - 11:34 PM

danielle07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Thank you phillipcorcoran.
  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP