Results 1 to 10 of 10

Thread: Win32/Injector.DTD only on USB stick

  1. #1
    Member
    Join Date
    May 2009
    Posts
    43

    Default Win32/Injector.DTD only on USB stick

    Hello.

    When I scan normaly the disks with my security software Eset Smart Security 4.0.417.0, Eset finds nothing.
    When I scan normaly the computer with Eset Online Scanner, Eset Online Scanner finds nothing.
    When I scan normaly the computer with MBAM, MBAM finds nothing.
    When I scan normaly the computer with Spybot-S&D, Spybot-S&D finds nothing.
    All those above are valid also for scanning in the safe-mode.
    All those above are with external USB stick plugged and of course with check for scanning.
    BUT:
    WHEN ONLY THE USB STICK IS MARKED, RIGHT CLICK AND SCANNING WITH ESET SMART SECURITY, ESET FINDS THE TROJAN FROM THE TITLE, ON THE PATH FROM BELOW.
    R:\svchosts.exe>>AUTOIT>>script.au3-Win32/Injector.DTD trojan.
    The problem is that in this case, I have no option for cleaning.
    Please help.

    Best regards,
    Spandau

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default




    Please read Before You Post
    While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

    Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

    Sorry for the delay but we get bit overwhelmed most times

    Please download Flash_Disinfector.exe by sUBs and save it to your desktop:

    • Double-click Flash_Disinfector.exe to run it.
    • Follow any prompts that may appear.
    • Wait until the program has finished scanning, then please exit the program.

    The tool may ask you to insert your flash drive, or other removable drives. Please do so and allow the tool to clean it up as well.


    Please restart your computer.








    Download DDS to your desktop DDS from one of the links below:

    Link 1
    Link 2

    • Double click the tool to run it.
    • A black Screen will open, just read the contents and do nothing.
    • When the tool finishes, it will open 2 reports, DDS.txt and attach.txt
    • Copy/Paste the contents of 'DDS.txt' into your post.
    • 'attach.txt' should be zipped using Windows native zip utility and attached to your post. Compress and uncompress files (zip files)
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Member
    Join Date
    May 2009
    Posts
    43

    Default Win32/Injector.DTD only on USB stick

    Hello.

    Below are the requested copied file and attachment.
    About the delay, there is no problem; we thank you very much for what you are doing.



    DDS (Ver_10-12-12.02) - NTFSx86
    Run by a at 11:42:52.06 on Sat 12/18/2010
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1449 [GMT 2:00]

    AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
    FW: ESET Personal firewall *Enabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
    C:\WINDOWS\tsnp2uvc.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\vsnp2uvc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\program files\winamp toolbar\WinampTbServer.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Documents and Settings\a\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://google.com/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.ask.com/web?q={searchTerms}&o=14482&l=dis
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
    TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
    uRun: [<NO NAME>] c:\documents and settings\a\application data\1uVNW.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [WinFastDTV] c:\program files\winfast\wfdtv\DTVSchdl.exe
    mRun: [tsnp2uvc] c:\windows\tsnp2uvc.exe
    mRun: [PCSuiteTrayApplication] c:\progra~1\nokia\nokiap~1\LAUNCH~1.EXE -startup
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
    mPolicies-system: EnableLUA = 0 (0x0)
    IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
    IE: Download Using &BitSpirit - c:\program files\bitspirit\bsurl.htm
    IE: E&xport în Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\documents and settings\a\application data\dvdvideosoftiehelpers\youtubedownload.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261218873000
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: {7A624575-728D-4813-8B0B-92C1A1FA8AB4} = 213.154.124.1 193.231.252.1
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ============= SERVICES / DRIVERS ===============

    R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-4-27 107256]
    R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-4-27 731840]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
    R2 WFPVRENC;WinFast PVR2000 MPEG Encoder;c:\windows\system32\drivers\wfpvrenc.sys [2009-4-7 299392]
    R2 WFPVRTUNER;WinFast PVR2000 WDM Tuner;c:\windows\system32\drivers\wfpvrtun.sys [2009-4-7 33408]
    R2 WFPVRVIDEO;WinFast PVR2000 WDM Video Capture;c:\windows\system32\drivers\wfpvrcap.sys [2009-4-7 162688]
    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2009-4-8 38656]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
    R3 WFPVRBAR;WinFast PVR2000 WDM Crossbar;c:\windows\system32\drivers\WFPVRBAR.sys [2009-4-7 9728]

    =============== Created Last 30 ================


    ==================== Find3M ====================

    2010-12-14 20:32:29 2 ----a-w- c:\windows\system32\Dvbpws.dll
    2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-06 00:34:12 832512 ----a-w- c:\windows\system32\wininet.dll
    2010-11-06 00:34:11 78336 ----a-w- c:\windows\system32\ieencode.dll
    2010-11-06 00:34:11 1830912 ------w- c:\windows\system32\inetcpl.cpl
    2010-11-06 00:34:11 17408 ----a-w- c:\windows\system32\corpol.dll
    2010-11-03 12:25:53 389120 ----a-w- c:\windows\system32\html.iec
    2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

    ============= FINISH: 11:43:20.79 ===============

  4. #4
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    A few things to go over.

    bitspirit <--File sharing programs like this are dangerous, your downloading that file from an unknown source, malware writers are aware of this and infecting some of the downloads. I would never allow any type of File Sharing on any of my systems. I strongly suggest that you uninstall it via Add Remove Programs in the Control Panel.



    Ask Toolbar

    * It promotes its toolbars on sites targeted at kids.
    * It promotes its toolbars through ads that appear to be part of other companies' sites.
    * It promotes its toolbars through other companies' spyware.
    * It is Installed without any disclosure whatsoever and without any consent from the user whatsoever.
    * It solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.
    * It makes confusing changes to user's browsers - increasing Ask's revenues while taking users to pages they didn't intend to visit.




    You need to enable windows to show all files and folders, instructions Here


    Please go to: VirusTotal

    • Click the Browse button and search for the following file:
      c:\documents and settings\a\application data\1uVNW.exe <--This file
    • Click Open
    • Then click Send File
    • Please be patient while the file is scanned.
    • Once the scan results appear, please provide them in your next reply.

    If it says already scanned -- click "reanalyze now"

    Please post the results in your next reply.



    How are things running in general, any redirects from your browser or unwanted pop up windows ??
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  5. #5
    Member
    Join Date
    May 2009
    Posts
    43

    Default Win32/Injector.DTD only on USB stick

    Hello.

    Unfortunately, I have not found the file 1uVNW.exe. I have looking it at first of course in the way you told me and then with Start/Search; no result. About windows to show all files and folders, be sure please that I have done 100% exactly how on the site is written.
    About your question, in general the things are running well; I have neither redirects from IE, nor unwanted pop-up windows.
    About Bitspirit, I'm sorry; I will disable it.
    About Ask Toolbar, I don't know for now how to disable; but I still think about.

    Best regards,
    Spandau

  6. #6
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Lets take one more look for that file

    Download and Run SystemLook

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :Filefind
      1uVNW.exe
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt





    AskToolbar has no uninstall ( nice people aren't they ) go ahead and run this program and lets see where it shows up and we can remove it

    OTL by OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  7. #7
    Member
    Join Date
    May 2009
    Posts
    43

    Default Win32/Injector.DTD only on USB stick

    Hello.

    Below, the requested informations: SystemLook, OTL and Extras.

    Best regards,
    Spandau

    SystemLook 04.09.10 by jpshortstuff
    Log created at 15:07 on 18/12/2010 by a
    Administrator - Elevation successful

    ========== Filefind ==========

    Searching for "1uVNW.exe"
    No files found.

    -= EOF =-
    ==========================================================

    OTL logfile created on: 12/18/2010 3:17:26 PM - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\a\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 70.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 59.61 Gb Total Space | 18.07 Gb Free Space | 30.31% Space Free | Partition Type: NTFS
    Drive D: | 263.67 Gb Total Space | 136.68 Gb Free Space | 51.84% Space Free | Partition Type: NTFS
    Drive E: | 272.88 Gb Total Space | 96.64 Gb Free Space | 35.41% Space Free | Partition Type: NTFS

    Computer Name: A-1D2D0368C7834 | User Name: a | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\a\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
    PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
    PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
    PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
    PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (Cracked By Wh!5t|eR)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\WINDOWS\tsnp2uvc.exe ()
    PRC - C:\WINDOWS\vsnp2uvc.exe (Sonix)
    PRC - C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
    PRC - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe (Nokia.)
    PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\a\Desktop\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (NMSAccess) -- C:\Program Files\Blaze Media Pro\NMSAccess32.exe File not found
    SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
    SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
    SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
    SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
    SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
    SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
    SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    SRV - (ServiceLayer) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe (Nokia.)
    SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
    DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
    DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
    DRV - (Epfwndis) -- C:\WINDOWS\system32\drivers\epfwndis.sys (ESET)
    DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
    DRV - (epfw) -- C:\WINDOWS\system32\drivers\epfw.sys (ESET)
    DRV - (epfwtdi) -- C:\WINDOWS\system32\drivers\epfwtdi.sys (ESET)
    DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
    DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
    DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
    DRV - (TBPanel) -- C:\WINDOWS\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
    DRV - (Cardex) -- C:\WINDOWS\system32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
    DRV - (AtcL001) -- C:\WINDOWS\system32\drivers\atl01_xp.sys (Attansic Technology corporation.)
    DRV - (WFPVRTUNER) -- C:\WINDOWS\system32\drivers\wfpvrtun.sys (Copyright @2000-2006 Leadtek Research Inc.)
    DRV - (WFPVRBAR) -- C:\WINDOWS\system32\drivers\WFPVRBAR.sys (Copyright @2000-2006 Leadtek Research Inc.)
    DRV - (WFPVRENC) -- C:\WINDOWS\system32\drivers\wfpvrenc.sys (Copyright @2000-2006 Leadtek Research Inc.)
    DRV - (WFPVRVIDEO) -- C:\WINDOWS\system32\drivers\wfpvrcap.sys (Copyright @2000-2006 Leadtek Research Inc.)
    DRV - (Nokia USB Phone Parent) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)
    DRV - (Nokia USB Port) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia)
    DRV - (Nokia USB Modem) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia)
    DRV - (Nokia USB Generic) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia)
    DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.ask.com/web?q={searchTerms}&o=14482&l=dis

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://flvtubesearch.co/?tmp=toolbar_FLVTube_homepage&prt=flvtubetb04ff&clid=7dd1451840ca47918bec14287b8b85e2&subid="

    FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/06/29 22:46:36 | 000,000,000 | ---D | M]

    [2009/04/07 19:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Mozilla\Extensions
    [2010/11/17 12:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\8l3witth.default\extensions
    [2010/11/17 12:09:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\8l3witth.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

    O1 HOSTS File: ([2010/12/11 14:19:30 | 000,426,196 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 14704 more lines...
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (Cracked By Wh!5t|eR)
    O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
    O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
    O4 - HKLM..\Run: [tsnp2uvc] C:\WINDOWS\tsnp2uvc.exe ()
    O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
    O4 - HKCU..\Run: [] C:\Documents and Settings\a\Application Data\1uVNW.exe File not found
    O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
    O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\a\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm ()
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1261218873000 (WUWebControl Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/s...sh/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/04/08 07:20:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010/12/18 11:31:16 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/12/18 11:31:16 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/12/18 11:31:16 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/12/18 15:08:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\a\Desktop\OTL.exe
    [2010/12/18 11:31:16 | 000,000,000 | RHSD | C] -- C:\autorun.inf
    [2010/11/27 11:24:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2009/08/08 08:45:37 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\a\Application Data\pcouffin.sys
    [2009/04/07 17:45:16 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
    [2009/04/07 17:45:14 | 000,180,224 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [3 C:\Documents and Settings\a\Application Data\*.tmp files -> C:\Documents and Settings\a\Application Data\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/12/18 15:09:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\a\Desktop\OTL.exe
    [2010/12/18 15:06:13 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\a\Desktop\SystemLook.exe
    [2010/12/18 13:57:29 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
    [2010/12/18 11:41:02 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\a\Desktop\dds.scr
    [2010/12/18 11:34:07 | 000,210,919 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2010/12/18 11:34:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/12/18 11:29:32 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\a\Desktop\Flash_Disinfector.exe
    [2010/12/17 09:41:39 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/12/14 22:32:29 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
    [2010/12/14 21:02:38 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/12/14 21:00:46 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010/12/11 14:19:30 | 000,426,196 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/12/11 11:37:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
    [2010/12/09 18:21:35 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/11/27 11:24:45 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
    [2010/11/18 20:12:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
    [2010/11/18 20:12:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [3 C:\Documents and Settings\a\Application Data\*.tmp files -> C:\Documents and Settings\a\Application Data\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/12/18 15:06:13 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\a\Desktop\SystemLook.exe
    [2010/12/18 11:40:57 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\a\Desktop\dds.scr
    [2010/12/18 11:29:31 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\a\Desktop\Flash_Disinfector.exe
    [2010/11/27 11:24:45 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
    [2010/10/09 08:51:56 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
    [2010/10/09 08:51:55 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2010/10/09 08:51:55 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2010/10/09 08:51:55 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2010/09/21 23:00:00 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
    [2010/09/21 23:00:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
    [2010/07/15 21:16:01 | 000,025,548 | ---- | C] () -- C:\Documents and Settings\a\Application Data\a3SQLite3.dll
    [2010/07/15 20:10:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\a\Application Data\sysdirec.dll
    [2010/07/15 19:56:38 | 000,031,979 | ---- | C] () -- C:\Documents and Settings\a\Application Data\SQLite3.dll
    [2009/10/31 17:10:11 | 000,575,725 | ---- | C] () -- C:\Documents and Settings\a\Application Data\NMM-MetaData.db
    [2009/09/05 13:32:26 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\a\Application Data\vso_ts_preview.xml
    [2009/09/05 13:31:55 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\a\Application Data\inst.exe
    [2009/08/11 22:25:52 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
    [2009/08/08 08:45:37 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\a\Application Data\ezpinst.exe
    [2009/08/08 08:45:37 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\a\Application Data\pcouffin.cat
    [2009/08/08 08:45:37 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\a\Application Data\pcouffin.inf
    [2009/08/08 08:45:37 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\a\Application Data\pcouffin.log
    [2009/08/03 20:36:26 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
    [2009/07/27 12:16:22 | 000,156,065 | ---- | C] () -- C:\Program Files\Mulce la Bran.jpg
    [2009/05/20 00:08:27 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
    [2009/04/25 00:51:53 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2009/04/08 07:28:37 | 000,014,562 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
    [2009/04/08 07:27:52 | 000,014,277 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2009/04/08 07:27:52 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
    [2009/04/08 07:27:45 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2009/04/08 00:10:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2009/04/07 17:45:16 | 000,027,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
    [2009/04/07 17:45:16 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
    [2009/04/07 17:45:15 | 003,499,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
    [2009/04/07 17:29:09 | 000,169,472 | ---- | C] () -- C:\Documents and Settings\a\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/04/07 17:11:19 | 000,000,514 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2009/04/07 16:45:33 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2009/02/19 11:26:38 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2009/02/19 11:26:38 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2009/02/19 11:26:38 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2009/02/19 11:26:38 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2009/02/19 11:26:38 | 000,007,237 | ---- | C] () -- C:\WINDOWS\cadx2.ini
    [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
    [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
    [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
    [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
    [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
    [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
    [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
    [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
    [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
    [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
    [2005/12/26 06:51:17 | 000,002,510 | -H-- | C] () -- C:\Documents and Settings\a\Application Data\alog.dat
    [2005/12/07 11:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
    [2003/04/11 11:20:42 | 000,005,336 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

    ========== LOP Check ==========

    [2009/05/30 14:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\BitSpirit
    [2009/08/11 22:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\DAEMON Tools
    [2009/08/11 22:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\DAEMON Tools Lite
    [2009/08/11 22:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\DAEMON Tools Pro
    [2010/05/10 19:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Datalayer
    [2010/11/17 12:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\DVDVideoSoftIEHelpers
    [2009/04/07 17:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\ESET
    [2010/11/15 21:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\GetRightToGo
    [2009/07/17 12:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Leadertech
    [2010/11/17 17:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Leawo
    [2009/09/29 19:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Nokia
    [2009/07/17 11:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Nokia Multimedia Player
    [2010/10/26 17:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Participatory Culture Foundation
    [2009/09/29 19:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\PC Suite
    [2010/10/26 22:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\PCF-VLC
    [2009/08/08 01:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\SAU KP
    [2009/08/04 09:05:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Seven Zip
    [2010/07/22 22:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Softland
    [2010/08/10 21:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\streamripper
    [2009/05/23 14:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\TuneUp Software
    [2010/05/22 13:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Uniblue
    [2010/08/14 00:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Application Data\Vso
    [2009/08/11 22:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
    [2009/07/17 12:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
    [2009/08/11 22:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easy CD-DA Extractor
    [2010/06/29 22:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
    [2010/11/17 17:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leawo
    [2009/07/17 12:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
    [2010/12/15 00:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/05/19 17:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
    [2010/11/08 18:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
    [2010/08/14 00:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
    [2009/08/04 09:41:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
    [2010/05/19 17:14:58 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
    [2010/12/18 13:57:29 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic troubleshooting.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

    < End of report >
    ==========================================================

    OTL Extras logfile created on: 12/18/2010 3:17:26 PM - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\a\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 70.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 59.61 Gb Total Space | 18.07 Gb Free Space | 30.31% Space Free | Partition Type: NTFS
    Drive D: | 263.67 Gb Total Space | 136.68 Gb Free Space | 51.84% Space Free | Partition Type: NTFS
    Drive E: | 272.88 Gb Total Space | 96.64 Gb Free Space | 35.41% Space Free | Partition Type: NTFS

    Computer Name: A-1D2D0368C7834 | User Name: a | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 4

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\BitSpirit\BitSpirit.exe" = C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:BitSpirit -- (LANSPIRIT.NET)
    "Windows SafeAssign" = C:\Documents and Settings\a\Application Data\winlogon.exe -- File not found
    "Microsoft SecureAssist" = C:\Documents and Settings\a\Application Data\winlogon.exe -- File not found
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
    "{1240CF7E-11B6-4C95-B4E7-F524CF3F785A}" = Nokia Lifeblog
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility
    "{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = Codec-TS SDK
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = CNR-WCAM613 Canyon PC Camera
    "{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
    "{436BD112-AC20-44FD-8B7A-7F6B6CD85745}" = MuzicaTV Download Studio
    "{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
    "{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
    "{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver
    "{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{90110418-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = De-interlace SDK
    "{9EF7918F-6283-48D4-8648-9FE84BE9FB41}" = The Orange Box
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
    "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
    "{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = TT-SB SDK
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
    "{BD72E64C-F0DB-40CB-846B-611C57D8AB0C}" = Nokia Multimedia Factory
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C21C71CB-3E5C-401C-91D2-DEDACDB26BAF}" = ESET Smart Security
    "{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
    "{C9618743-1A5C-461E-91C4-E013A3D70F3C}" = Adobe® Photoshop® Album Starter Edition 3.0.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
    "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
    "{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
    "3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "ASCOM Platform 4.1" = ASCOM Platform 4.1
    "AtcL1" = Attansic L1 Gigabit Ethernet Driver
    "BitSpirit_is1" = BitSpirit v3.6.0.403 Stable
    "BSPlayer1" = BSPlayer
    "DAEMON Tools Toolbar" = DAEMON Tools Toolbar
    "doPDF 7 printer_is1" = doPDF 7.1 printer
    "DVD Decrypter" = DVD Decrypter (Remove Only)
    "Easy CD-DA Extractor 12" = Easy CD-DA Extractor 12
    "Easy Video Joiner_is1" = Easy Video Joiner 5.21
    "ESET Online Scanner" = ESET Online Scanner v3
    "EXPERTool_is1" = EXPERTool 7.2
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "InstallShield_{BD72E64C-F0DB-40CB-846B-611C57D8AB0C}" = Nokia Multimedia Factory
    "KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.4 (Full)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MV2Player" = MV2Player (remove only)
    "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "NVIDIA Drivers" = NVIDIA Drivers
    "SpywareBlaster_is1" = SpywareBlaster 4.4
    "Streamripper" = Streamripper (Remove only)
    "SubtitleWorkshop" = Subtitle Workshop 2.51
    "The KMPlayer" = The KMPlayer (remove only)
    "TuneUp Utilities" = TuneUp Utilities
    "Ultra Video Splitter_is1" = Ultra Video Splitter 5.1.0713
    "VLC media player" = VideoLAN VLC media player 0.8.2-test3
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "Winamp" = Winamp
    "Winamp Toolbar" = Winamp Toolbar
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    Error - 6/26/2010 11:38:24 AM | Computer Name = A-1D2D0368C7834 | Source = .NET Runtime | ID = 0
    Description =

    [ System Events ]
    Error - 12/10/2010 2:34:37 PM | Computer Name = A-1D2D0368C7834 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service ImapiService
    with arguments "-Service" in order to run the server: {520CCA63-51A5-11D3-9144-00104BA11C5E}

    Error - 12/11/2010 6:51:00 AM | Computer Name = A-1D2D0368C7834 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service netman with
    arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error - 12/11/2010 6:51:11 AM | Computer Name = A-1D2D0368C7834 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service EventSystem
    with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 12/11/2010 6:51:54 AM | Computer Name = A-1D2D0368C7834 | Source = Service Control Manager | ID = 7001
    Description = The DNS Client service depends on the TCP/IP Protocol Driver service
    which failed to start because of the following error: %%31

    Error - 12/11/2010 6:51:54 AM | Computer Name = A-1D2D0368C7834 | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    AFD ehdrv epfwtdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

    Error - 12/11/2010 7:38:02 AM | Computer Name = A-1D2D0368C7834 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service EventSystem
    with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 12/11/2010 9:42:42 AM | Computer Name = A-1D2D0368C7834 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service ImapiService
    with arguments "-Service" in order to run the server: {520CCA63-51A5-11D3-9144-00104BA11C5E}

    Error - 12/13/2010 12:03:33 PM | Computer Name = A-1D2D0368C7834 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service ImapiService
    with arguments "-Service" in order to run the server: {520CCA63-51A5-11D3-9144-00104BA11C5E}

    Error - 12/18/2010 6:25:07 AM | Computer Name = A-1D2D0368C7834 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service ImapiService
    with arguments "-Service" in order to run the server: {520CCA63-51A5-11D3-9144-00104BA11C5E}

    Error - 12/18/2010 8:11:26 AM | Computer Name = A-1D2D0368C7834 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1058" attempting to start the service ImapiService
    with arguments "-Service" in order to run the server: {520CCA63-51A5-11D3-9144-00104BA11C5E}

    [ TuneUp Events ]
    Error - 2/15/2010 2:49:21 PM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 2/15/2010 5:58:44 PM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 2/19/2010 1:13:20 PM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 2/22/2010 3:50:11 PM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 2/25/2010 3:03:10 PM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 3/1/2010 12:01:55 PM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 5/7/2010 10:55:57 AM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 5/7/2010 10:56:22 AM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 5/7/2010 10:57:42 AM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =

    Error - 5/15/2010 5:54:32 AM | Computer Name = A-1D2D0368C7834 | Source = TuneUp Program Statistics | ID = 131840
    Description =


    < End of report >

  8. #8
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Looks like your using a Cracked version of ESET ??
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  9. #9
    Member
    Join Date
    May 2009
    Posts
    43

    Default Win32/Injector.DTD only on USB stick

    Yes.
    I'm from eastern Europe.
    Our paycheck is much smaller as in west.

  10. #10
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Sorry, there are people in this country and many others that cannot afford to pay for Anti Virus software. If you would search with Google you will find there are a few free legal versions that are more than adequate.





    Downloading and installing Cracked software is illegal and one of the fastest ways of infecting your system. We do not ( for any reason ) condone the use of illegal software and if I was to continue to help you it could be construed in the eyes of the law as aiding and abetting a crime. Basically your using stolen software.


    Sorry, this thread will now be closed. If you post back in the future for malware problems and illegal software is detected no help will be offered.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •