DSS main:
Deckard's System Scanner v20071014.68
Run by Fredrik Meltzer on 2008-06-11 14:19:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
48: 2008-06-11 12:19:12 UTC - RP48 - Deckard's System Scanner Restore Point
47: 2008-06-10 13:46:47 UTC - RP47 - Software Distribution Service 3.0
46: 2008-06-10 10:04:40 UTC - RP46 - System Checkpoint
45: 2008-06-08 23:48:28 UTC - RP45 - Software Distribution Service 3.0
44: 2008-06-08 11:07:29 UTC - RP44 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-04-28 13:31:48 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Fredrik Meltzer.exe) -------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:19:24, on 11.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20772)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\Unlocker\UnlockerAssistant.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Documents and Settings\Fredrik Meltzer\Desktop\dss.exe
D:\PROGRA~1\TRENDM~1\HIJACK~1\Fredrik Meltzer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft....k/?LinkId=74005O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4180 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 pcouffin (VSO Software pcouffin) - d:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Memory Controller
Device ID: PCI\VEN_10DE&DEV_005E&SUBSYS_815A1043&REV_A3\3&2411E6FE&0&00
Manufacturer:
Name: PCI Memory Controller
PNP Device ID: PCI\VEN_10DE&DEV_005E&SUBSYS_815A1043&REV_A3\3&2411E6FE&0&00
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_10DE&DEV_0052&SUBSYS_815A1043&REV_A2\3&2411E6FE&0&09
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_10DE&DEV_0052&SUBSYS_815A1043&REV_A2\3&2411E6FE&0&09
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Other PCI Bridge Device
Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50
Manufacturer:
Name: Other PCI Bridge Device
PNP Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50
Service:
-- Files created between 2008-05-11 and 2008-06-11 -----------------------------
2008-06-11 00:03:06 0 dr-h----- D:\Documents and Settings\Fredrik Meltzer\Recent
2008-06-09 01:50:25 0 d-------- D:\Program Files\MSXML 6.0
2008-06-09 01:49:03 0 d-------- D:\Program Files\MSXML 4.0
2008-06-08 13:07:32 0 d--h----- D:\WINDOWS\$hf_mig$
2008-06-08 12:48:18 0 d-------- D:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-08 12:45:41 0 d-------- D:\WINDOWS\system32\SoftwareDistribution
2008-06-08 05:40:08 0 d-------- D:\Program Files\Trend Micro
2008-06-08 05:02:26 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Malwarebytes
2008-06-08 05:02:25 0 d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-08 05:02:24 0 d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-06-08 05:02:06 0 d-------- D:\Program Files\Common Files\Download Manager
2008-06-06 19:22:15 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\mIRC
2008-06-06 19:22:14 0 d-------- D:\Program Files\mIRC
2008-06-06 16:26:49 0 d-------- D:\Program Files\FairUse Wizard 2
2008-06-06 16:26:18 47360 --a------ D:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-06 16:26:18 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Vso
2008-06-06 16:26:18 47360 --a------ D:\Documents and Settings\Fredrik Meltzer\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-06 16:26:08 0 d-------- D:\Program Files\DVDFab 5
2008-06-05 21:07:41 0 d-------- D:\Program Files\Maketorrent 2
2008-06-05 15:22:05 43698 --a------ D:\WINDOWS\system32\xvid-uninstall.exe
2008-06-05 15:21:46 0 d-------- D:\Program Files\AviSynth 2.5
2008-06-05 15:18:23 0 d-------- D:\Program Files\Gabest
2008-06-05 15:17:57 0 d-------- D:\Program Files\AutoGK
2008-06-02 22:54:57 0 d-------- D:\WINDOWS\system32\LogFiles
2008-05-30 23:42:34 0 d-------- D:\Documents and Settings\All Users\Application Data\GRETECH
2008-05-30 23:41:58 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\GRETECH
2008-05-30 23:41:45 0 d-------- D:\Program Files\GomPlayer
2008-05-29 15:04:23 0 d-------- D:\Program Files\Haali
2008-05-29 15:03:39 0 d-------- D:\Program Files\CoreCodec
2008-05-29 14:36:22 0 d-------- D:\Program Files\MediaInfo
2008-05-18 19:48:31 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Convivea
2008-05-18 19:48:30 0 d-------- D:\Program Files\Bit Che
2008-05-15 21:18:28 0 d-------- D:\Program Files\Java
2008-05-15 21:10:07 0 d-------- D:\Program Files\Common Files\Java
-- Find3M Report ---------------------------------------------------------------
2008-06-11 14:19:05 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\uTorrent
2008-06-09 13:27:13 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\dvdcss
2008-06-09 11:09:12 0 d-------- D:\Program Files\TrojanHunter 5.0
2008-06-08 05:16:54 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Desktopicon
2008-06-08 05:02:06 0 d-------- D:\Program Files\Common Files
2008-06-06 16:26:26 34 --a------ D:\Documents and Settings\Fredrik Meltzer\Application Data\pcouffin.log
2008-06-06 16:26:18 1144 --a------ D:\Documents and Settings\Fredrik Meltzer\Application Data\pcouffin.inf
2008-06-06 16:26:18 7887 --a------ D:\Documents and Settings\Fredrik Meltzer\Application Data\pcouffin.cat
2008-06-06 09:33:39 551 --a------ D:\Documents and Settings\Fredrik Meltzer\Application Data\AutoGK.ini
2008-06-04 14:21:36 0 d-------- D:\Program Files\Foxit Software
2008-05-30 14:11:20 771 --a------ D:\Documents and Settings\Fredrik Meltzer\Application Data\coreavc.ini
2008-05-08 02:03:52 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\LimeWire
2008-05-04 03:53:32 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Media Player Classic
2008-05-04 02:48:49 0 d-------- D:\Program Files\LimeWire
2008-04-28 23:27:39 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\vlc
2008-04-28 20:27:03 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\WinRAR
2008-04-28 20:16:23 0 d-------- D:\Program Files\uTorrent
2008-04-28 20:00:50 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Helios
2008-04-28 20:00:43 0 d-------- D:\Program Files\TextPad 5
2008-04-28 19:14:37 0 d-------- D:\Program Files\VideoLAN
2008-04-28 18:44:56 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Adobe
2008-04-28 18:35:04 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Opera
2008-04-28 18:34:55 0 d-------- D:\Program Files\Opera
2008-04-28 17:32:00 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Macromedia
2008-04-28 17:07:17 0 d-------- D:\Program Files\Common Files\ODBC
2008-04-28 17:07:14 0 d-------- D:\Program Files\Common Files\SpeechEngines
2008-04-28 17:06:50 62 --ahs---- D:\Documents and Settings\Fredrik Meltzer\Application Data\desktop.ini
2008-04-28 16:38:26 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\TrojanHunter
2008-04-28 15:46:41 298104 --a------ D:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2008-04-28 15:41:09 0 d-------- D:\Program Files\Common Files\InstallShield
2008-04-28 15:38:01 0 d-------- D:\Program Files\Marvell
2008-04-28 15:31:32 0 d-------- D:\Documents and Settings\Fredrik Meltzer\Application Data\Identities
2008-04-28 15:23:05 0 d-------- D:\Program Files\microsoft frontpage
2008-04-28 15:21:31 0 d--h----- D:\Program Files\WindowsUpdate
2008-04-28 15:20:41 0 d-------- D:\Program Files\Common Files\MSSoap
2008-04-28 15:20:34 0 d-------- D:\Program Files\Movie Maker
2008-04-28 15:19:38 21640 --a------ D:\WINDOWS\system32\emptyregdb.dat
2008-04-28 15:19:06 0 d-------- D:\Program Files\Online Services
2008-04-28 15:18:57 0 d-------- D:\Program Files\Windows Media Connect 2
2008-04-28 15:18:42 0 d-------- D:\Program Files\Messenger
2008-04-28 15:18:37 0 d-------- D:\Program Files\MSN Gaming Zone
2008-04-28 15:18:31 0 d-------- D:\Program Files\Windows NT
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [05.12.2007 01:41]
"nwiz"="nwiz.exe" [05.12.2007 01:41 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [05.12.2007 01:41]
"nod32kui"="D:\Program Files\Eset\nod32kui.exe" [28.04.2008 15:46]
"UnlockerAssistant"="D:\Program Files\Unlocker\UnlockerAssistant.exe" [01.03.2008 07:10]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22.02.2008 04:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [04.08.2004 03:56]
"MSMSGS"="D:\Program Files\Messenger\msmsgs.exe" [22.07.2007 13:32]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"ShowDeskFix"=regsvr32 /s /n /i:u shell32
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{541f4fc1-152e-11dd-8b54-806d6172696f}]
AutoRun\command- G:\setup.exe
-- End of Deckard's System Scanner: finished at 2008-06-11 14:19:49 ------------
DSS Extra:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon 64 Processor 3800+
Percentage of Memory in Use: 37%
Physical Memory (total/avail): 1023.48 MiB / 640.27 MiB
Pagefile Memory (total/avail): 2460.71 MiB / 2181.25 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1919.69 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 465.76 GiB total, 43.28 GiB free.
D: is Fixed (NTFS) - 111.78 GiB total, 94.15 GiB free.
E: is Fixed (NTFS) - 465.76 GiB total, 60.46 GiB free.
G: is CDROM (CDFS)
\\.\PHYSICALDRIVE0 - SAMSUNG HD120IJ - 111.79 GiB - 1 partition
\PARTITION0 - Installable File System - 111.78 GiB - D:
\\.\PHYSICALDRIVE1 - SAMSUNG HD501LJ - 465.76 GiB - 1 partition
\PARTITION0 - Installable File System - 465.76 GiB - E:
\\.\PHYSICALDRIVE2 - SAMSUNG HD501LJ - 465.76 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 465.76 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
Unable to create WMI object.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=D:\Documents and Settings\All Users
APPDATA=D:\Documents and Settings\Fredrik Meltzer\Application Data
CLIENTNAME=Console
CommonProgramFiles=D:\Program Files\Common Files
COMPUTERNAME=MELTZER
ComSpec=D:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=D:
HOMEPATH=\Documents and Settings\Fredrik Meltzer
LOGONSERVER=\\MELTZER
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=D:\WINDOWS\system32;D:\WINDOWS;D:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f00
ProgramFiles=D:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=D:
SystemRoot=D:\WINDOWS
TEMP=D:\DOCUME~1\FREDRI~1\LOCALS~1\Temp
TMP=D:\DOCUME~1\FREDRI~1\LOCALS~1\Temp
USERDOMAIN=MELTZER
USERNAME=Fredrik Meltzer
USERPROFILE=D:\Documents and Settings\Fredrik Meltzer
windir=D:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Fredrik Meltzer
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
µTorrent --> "D:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player Plugin --> D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Auto Gordian Knot 2.45 --> D:\Program Files\AutoGK\uninst.exe
AviSynth 2.5 --> "D:\Program Files\AviSynth 2.5\Uninstall.exe"
Bit Che --> "D:\Program Files\Bit Che\unins000.exe"
CoreAVC Professional Edition (remove only) --> "D:\Program Files\CoreCodec\CoreAVC Professional Edition\CoreAVC Professional Edition-uninstall.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.2.5 --> "D:\Program Files\DVDFab 5\unins000.exe"
FairUse Wizard 2.6 --> "D:\Program Files\FairUse Wizard 2\unins000.exe"
Foxit PDF Creator --> D:\Program Files\Foxit Software\PDF Creator\FPC_Uninstall.exe
Foxit Reader --> D:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
GOM Player --> "D:\Program Files\GomPlayer\Uninstall.exe"
HijackThis 2.0.2 --> "D:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Haali Media Splitter --> "D:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
LimeWire 4.16.7 --> "D:\Program Files\LimeWire\uninstall.exe"
MakeTorrent v2.1 --> "D:\Program Files\Maketorrent 2\uninstall.exe"
Malwarebytes' Anti-Malware --> "D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
MediaInfo 0.7.7.0 --> D:\Program Files\MediaInfo\uninst.exe
mIRC --> D:\Program Files\mIRC\uninstall.exe _?=D:\Program Files\mIRC
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NOD32 antivirus system --> D:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX --> "D:\Program Files\Eset\unins000.exe"
NVIDIA Drivers --> D:\WINDOWS\system32\nvuninst.exe UninstallGUI
Opera 9.27 --> MsiExec.exe /X{503D6E3E-1A48-44F5-BB7C-EB3B593FAED0}
Spybot - Search & Destroy --> "D:\Program Files\Spybot - Search & Destroy\unins000.exe"
TextPad 5 --> MsiExec.exe /X{B6EC7388-E277-4A5B-8C8F-71067A41BA64}
Unlocker 1.8.6 --> D:\Program Files\Unlocker\uninst.exe
VideoLAN VLC media player 0.8.6f --> D:\Program Files\VideoLAN\VLC\uninstall.exe
WinRAR archiver --> D:\Program Files\WinRAR\uninstall.exe
XviD MPEG4 Video Codec (remove only) --> "D:\WINDOWS\system32\xvid-uninstall.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type1992 / Error
Event Submitted/Written: 06/11/2008 10:25:11 AM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.
Event Record #/Type1989 / Error
Event Submitted/Written: 06/10/2008 10:07:06 AM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.
Event Record #/Type1987 / Error
Event Submitted/Written: 06/09/2008 10:58:25 AM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.
Event Record #/Type1983 / Error
Event Submitted/Written: 06/09/2008 00:49:28 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application explorer.exe, version 6.0.2900.3111, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type1981 / Error
Event Submitted/Written: 06/08/2008 05:49:13 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application explorer.exe, version 6.0.2900.3111, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type4077 / Warning
Event Submitted/Written: 06/11/2008 00:56:11 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type4073 / Warning
Event Submitted/Written: 06/11/2008 11:15:18 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type4072 / Warning
Event Submitted/Written: 06/11/2008 10:46:25 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type4053 / Warning
Event Submitted/Written: 06/11/2008 10:26:16 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type4052 / Error
Event Submitted/Written: 06/11/2008 10:24:49 AM / 06/11/2008 10:25:20 AM
Event ID/Source: 14 / nv
Event Description:
Unknown error on
-- End of Deckard's System Scanner: finished at 2008-06-11 14:19:49 ------------
Kaspersky scan:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, June 11, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, June 11, 2008 12:06:09
Records in database: 851604
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
G:\
Scan statistics:
Files scanned: 51074
Threat name: 4
Infected objects: 11
Suspicious objects: 0
Duration of the scan: 05:21:55
File name / Threat name / Threats count
D:\Documents and Settings\Fredrik Meltzer\Desktop\Meltzer\Nedlastinger\Install filer\mirc632.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.632 1
D:\Program Files\ESET\infected\DNWEMPAA.NQF Infected: Trojan.Win32.Monder.gen 1
D:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.632 1
E:\Downloads\SpySweeper5.5-FULL\SpySweeper 5.5.exe Infected: not-a-virus:PSWTool.Win32.FirePass.r 1
E:\Downloads\SpySweeper5.5-FULL\SpySweeper 5.5.exe Infected: not-a-virus:PSWTool.Win32.IEPassView.e 1
E:\Downloads\SpySweeper5.5-FULL\SpySweeper v5.0.7.1608.r00 Infected: not-a-virus:PSWTool.Win32.FirePass.r 1
E:\Downloads\SpySweeper5.5-FULL\SpySweeper v5.0.7.1608.r00 Infected: not-a-virus:PSWTool.Win32.IEPassView.e 1
E:\Downloads\SpySweeper5.5-FULL\SpySweeper v5.0.7.1608.r01 Infected: not-a-virus:PSWTool.Win32.FirePass.r 1
E:\Downloads\SpySweeper5.5-FULL\SpySweeper v5.0.7.1608.r01 Infected: not-a-virus:PSWTool.Win32.IEPassView.e 1
E:\Downloads\SpySweeper5.5-FULL\SpySweeper v5.0.7.1608.rar Infected: not-a-virus:PSWTool.Win32.FirePass.r 1
E:\Downloads\SpySweeper5.5-FULL\SpySweeper v5.0.7.1608.rar Infected: not-a-virus:PSWTool.Win32.IEPassView.e 1
The selected area was scanned.
Thanks for your help