I got this error rpt when I tried to upload report:
"SpybotSD.Report.txt:
Your file of 27.7 KB bytes exceeds the forum's limit of 19.5 KB for this filetype."
I couldn't find all of the report exceptions you wanted un-checked.
I got this error rpt when I tried to upload report:
"SpybotSD.Report.txt:
Your file of 27.7 KB bytes exceeds the forum's limit of 19.5 KB for this filetype."
I couldn't find all of the report exceptions you wanted un-checked.
Hello.
Open Spybot:
- Click Mode
From the drop down menu choose:
- Advanced Mode
A warning will come up "Do you really want to switch to advanced mode"?
- Click Yes
A menu will appear on the left.
- Click on Tools
View Report.
If checked;
- Uncheck[ ] do not report disabled or known legitimate Items.
- Uncheck[ ] Include a list of services in report.
- Uncheck[ ] Include uninstall list in report.
- Uncheck[ ]Include list of Winsock LSPs in report.
- Now select (near the top) view report.
- Click export and in the 'save in' box choose a place such as your my documents folder, then in your next post near the bottom select the "browse" button; navigate to and attach or post that report.
Let us know if that works for you. Cheers.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
SpybotSD.Report040907.txt:
Your file of 22.9 KB bytes exceeds the forum's limit of 19.5 KB for this filetype.
I unchecked all the ones you wanted me to, except "... list of services.." which I could find listed.
Thanks again, Jim
Hi there.
Hmmm.
- Open Spybot-S&D and start a scan ("check for problems").
- After the scan, right-click in the results field and choose either "Save full report to file..." or
- "Copy full report to clipboard".
- Attach the file (or copy the report) to the email and send it to: detections(at)spybot.info (Replace AT with @)
Then, follow the procedure in this link: "BEFORE you POST" Start your own thread in the Malware Removal Forum
Once you have posted a helper will advise you as soon as available.
Cheers.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
hi tashi. i have the same problem with the rest here. i have read the previous message of yours and i followed it. i already saved the report.txt and here it is. kindly help me what to do next. pls. Thank u so much. hope to hear from u soon.
--- Search result list ---
MyWay.MyWebSearch: Program directory (Directory, fixing failed)
C:\Program Files\MyWebSearch\
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-07-12 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-07-11 Includes\Cookies.sbi (*)
2007-05-30 Includes\Dialer.sbi (*)
2007-07-11 Includes\DialerC.sbi (*)
2007-07-11 Includes\Hijackers.sbi (*)
2007-07-11 Includes\HijackersC.sbi (*)
2007-07-11 Includes\Keyloggers.sbi (*)
2007-07-11 Includes\KeyloggersC.sbi (*)
2007-07-11 Includes\Malware.sbi (*)
2007-07-11 Includes\MalwareC.sbi (*)
2007-07-11 Includes\PUPS.sbi (*)
2007-07-11 Includes\PUPSC.sbi (*)
2007-07-11 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-07-11 Includes\SecurityC.sbi (*)
2007-07-11 Includes\Spybots.sbi (*)
2007-07-11 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-07-03 Includes\Trojans.sbi (*)
2007-07-11 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll
--- System information ---
Unknown Windows version 6.0 (Build: 6000)
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
--- Startup entries list ---
Located: HK_LM:Run, Acer Tour
command:
file:
Located: HK_LM:Run, Acer Tour Reminder
command: C:\Acer\AcerTour\Reminder.exe
file: C:\Acer\AcerTour\Reminder.exe
size: 151552
MD5: c9a427b89a40727b0098f574d4fce371
Located: HK_LM:Run, AcerOrbicamRibbon
command: "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
file: C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
size: 754712
MD5: 0fda0dcaf7010d2ea924ebf5c1ed0281
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
size: 416256
MD5: 2200c98c049de1a7638ea0edba1c8882
Located: HK_LM:Run, eDataSecurity Loader
command: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
file: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
size: 464168
MD5: 0921a68e8fe9b25dd0effab949376b5f
Located: HK_LM:Run, eRecoveryService
command:
file:
Located: HK_LM:Run, HotKeysCmds
command: C:\Windows\system32\hkcmd.exe
file: C:\Windows\system32\hkcmd.exe
size: 106496
MD5: bf3e01c18ce6cdef16b0df23e1dcf376
Located: HK_LM:Run, IgfxTray
command: C:\Windows\system32\igfxtray.exe
file: C:\Windows\system32\igfxtray.exe
size: 98304
MD5: 1c64dd02fde078608549c62398de2fef
Located: HK_LM:Run, LManager
command: C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
file: C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
size: 483328
MD5: 7a657bb5e406ebc7ad8fd099a54f3bb7
Located: HK_LM:Run, LogitechCommunicationsManager
command: "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
file: C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
size: 304664
MD5: c81579a9763263fb6fe79334f5029dc4
Located: HK_LM:Run, LVCOMSX
command: "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
file: C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
size: 244512
MD5: 31e73e0fd0ffb364c4b32f46a6775db1
Located: HK_LM:Run, My Web Search Bar Search Scope Monitor
command: "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
file:
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\RUNDLL32.EXE
size: 44544
MD5: 4b555106290bd117334e9a08761c035a
Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
file: C:\Windows\system32\RUNDLL32.EXE
size: 44544
MD5: 4b555106290bd117334e9a08761c035a
Located: HK_LM:Run, NvSvc
command: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
file: C:\Windows\system32\RUNDLL32.EXE
size: 44544
MD5: 4b555106290bd117334e9a08761c035a
Located: HK_LM:Run, OneCareUI
command: "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
file: C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
size: 66944
MD5: 0d5c785bbe8fd4545738f17e9e6d025a
Located: HK_LM:Run, PCMService
command: "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
file: C:\Program Files\Acer\Acer Arcade\PCMService.exe
size: 151552
MD5: 2862436e1ce0825b561ef37c2143c18a
Located: HK_LM:Run, Persistence
command: C:\Windows\system32\igfxpers.exe
file: C:\Windows\system32\igfxpers.exe
size: 81920
MD5: 8e899a1a7c4670ce4ec1337cbf989787
Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 4186112
MD5: 32e4e820edbd675009605f90dd97ee6c
Located: HK_LM:Run, SetPanel
command:
file:
Located: HK_LM:Run, SynTPEnh
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 815104
MD5: f98281ef23616f751fabe97a6ec5dbe6
Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file:
Located: HK_LM:Run, WPCUMI
command: C:\Windows\system32\WpcUmi.exe
file: C:\Windows\system32\WpcUmi.exe
size: 176128
MD5: c456658af90f42be3cdf1048f9cdb5ca
Located: HK_LM:RunOnce, SpybotSnD
command: "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
file: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09ca174a605b480318731e691dc98539
Located: HK_CU:Run, ISUSPM Startup
command: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
file: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 249856
MD5: 1c46fc1ab600766b8554580204806e84
Located: HK_CU:Run, msnmsgr
command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
file: C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5674352
MD5: c4281ad865739e71fd1e4dac19a68d60
Located: HK_CU:Run, WMPNSCFG
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 201728
MD5: 20ef9002cff89c4c1077e4415ec7297b
Located: HK_CU:Run, Yahoo! Pager
command: "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
file: C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
size: 4670968
MD5: 81bcd9b9a86c3559f5bcfe56519a9a19
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Startup (common), Bluetooth.lnk
command: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
file: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 703280
MD5: 3fac23d4b003c1bf7a8f355cf3a504b6
Located: Startup (common), Empowering Technology Launcher.lnk
command: C:\Acer\Empowering Technology\eAPLauncher.exe
file: C:\Acer\Empowering Technology\eAPLauncher.exe
size: 528384
MD5: c849d57292e58a9e1c55559930fd1082
Located: Startup (common), WinZip Quick Pick.lnk
command: C:\Program Files\WinZip\WZQKPICK.EXE
file: C:\Program Files\WinZip\WZQKPICK.EXE
size: 394856
MD5: d79ddd73eee4266ae7dc2cbd87b56090
Located: System.ini, avgwlntf
command: avgwlntf.dll
file: avgwlntf.dll
Located: System.ini, igfxcui
command: igfxdev.dll
file: igfxdev.dll
--- Browser helper object list ---
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
BHO name:
CLSID name: Yahoo! Toolbar Helper
description: Yahoo Companion!
classification: Legitimate
known filename: Ycomp*_*_*_*.dll
info link: http://companion.yahoo.com/
info source: TonyKlein
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn\
Long name: yt.dll
Short name:
Date (created): 3/17/2007 5:53:36 PM
Date (last access): 3/17/2007 5:53:36 PM
Date (last write): 9/27/2006 2:42:50 PM
Filesize: 441408
Attributes: archive
MD5: 2F56D8F57D4CCCD8970F59A40989545F
CRC32: 74FB5695
Version: 2006.9.27.1
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 12/14/2004 1:56:50 AM
Date (last access): 7/14/2005 5:26:38 AM
Date (last write): 12/14/2004 1:56:50 AM
Filesize: 63136
Attributes: archive
MD5: 42729C3DE75A7A51FC6F9EF6546C9199
CRC32: 4D60BD07
Version: 7.0.0.1333
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 7/12/2007 8:49:16 PM
Date (last access): 7/12/2007 8:49:16 PM
Date (last write): 5/31/2005 1:04:00 AM
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (Yahoo! IE Services Button)
BHO name:
CLSID name: Yahoo! IE Services Button
Path: C:\Program Files\Yahoo!\common\
Long name: yiesrvc.dll
Short name:
Date (created): 4/8/2007 12:06:28 PM
Date (last access): 4/8/2007 12:06:28 PM
Date (last write): 10/31/2006 3:29:16 PM
Filesize: 198136
Attributes: archive
MD5: F8981F09E8DA4FDB7F6B6E2B5361AEAE
CRC32: 2CDBBB6C
Version: 2006.10.31.3
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_09\bin\
Long name: ssv.dll
Short name:
Date (created): 10/12/2006 3:10:58 AM
Date (last access): 10/12/2006 3:10:58 AM
Date (last write): 10/12/2006 3:25:44 AM
Filesize: 434279
Attributes: archive
MD5: D62E335F137D9E0F9F4DBE09564959B1
CRC32: 72699310
Version: 5.0.90.3
{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
BHO name:
CLSID name:
{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} (ShowBarObj Class)
BHO name:
CLSID name: ShowBarObj Class
Path: C:\Windows\system32\
Long name: ActiveToolBand.dll
Short name: ACTIVE~2.DLL
Date (created): 2/6/2007 11:53:44 PM
Date (last access): 5/13/2007 11:22:22 AM
Date (last write): 2/6/2007 11:53:44 PM
Filesize: 299008
Attributes: archive
MD5: EB9ADC7836FCA7A00F8DD5583E94F7E2
CRC32: 686FFE67
Version: 3.0.0.2
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 8/31/2006 8:33:06 PM
Date (last access): 5/13/2007 1:41:32 AM
Date (last write): 8/31/2006 8:33:06 PM
Filesize: 322368
Attributes: archive
MD5: E43F7CFDEE2B00A22C96C168147B20D3
CRC32: 2AEACC43
Version: 4.100.313.1
--- ActiveX list ---
{149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control)
DPF name:
CLSID name: SpinTop DRM Control
Installer:
Codebase: file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx
Path: C:\Windows\DOWNLO~1\CONFLICT.1\
Long name: stg_drm.ocx
Short name:
Date (created): 6/28/2007 10:06:24 AM
Date (last access): 6/28/2007 10:06:24 AM
Date (last write): 6/20/2007 7:39:04 PM
Filesize: 111952
Attributes: archive
MD5: 5D4C6F050999A533E0A5D414A15057C4
CRC32: C3C8A548
Version: 1.0.0.5
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\Windows\Downloaded Program Files\setup.inf
Codebase: http://download.macromedia.com/pub/s...irector/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\Windows\system32\macromed\Director\
Long name: swdir.dll
Short name:
Date (created): 6/19/2007 2:07:02 PM
Date (last access): 6/19/2007 2:08:36 PM
Date (last write): 5/2/2007 12:32:04 PM
Filesize: 182512
Attributes: archive
MD5: 95F03ABE4B96C50CF4DA8245819138E4
CRC32: 12E5BB80
Version: 10.2.0.22
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
DPF name:
CLSID name: YInstStarter Class
Installer: C:\Program Files\Yahoo!\Common\yinst.inf
Codebase: C:\Program Files\Yahoo!\Common\yinsthelper.dll
description: Yahoo! Installation helper
classification: Legitimate
known filename: %SystemRoot%\Downloaded Program Files\yinsthelper.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Yahoo!\common\
Long name: yinsthelper.dll
Short name: YINSTH~1.DLL
Date (created): 4/8/2007 12:06:34 PM
Date (last access): 4/8/2007 12:06:34 PM
Date (last write): 7/30/2006 1:25:34 PM
Filesize: 188968
Attributes: archive
MD5: 18B54B53CEE0E7204495BAB864EBBF03
CRC32: 6D72BB93
Version: 2006.4.14.2
{639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object)
DPF name:
CLSID name: CPlayFirstDinerDash2Control Object
Installer: C:\Windows\Downloaded Program Files\DinerDash2.1.0.0.68.inf
Codebase: http://zone.msn.com/bingame/dsh2/def...2.1.0.0.68.cab
Path: C:\Windows\Downloaded Program Files\
Long name: DinerDash2.1.0.0.68.dll
Short name: DINERD~2.DLL
Date (created): 12/16/2006 10:48:56 PM
Date (last access): 12/16/2006 10:48:56 PM
Date (last write): 12/16/2006 10:48:56 PM
Filesize: 2094696
Attributes: archive
MD5: 798B45F88A24390241A7B4CAB9F83A8A
CRC32: 0DBFA143
Version: 1.0.0.68
{7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class)
DPF name:
CLSID name: MJLauncherCtrl Class
Installer: C:\Windows\Downloaded Program Files\mjolauncher.inf
Codebase: http://messenger.zone.msn.com/EN-US/...jolauncher.cab
description:
classification: Legitimate
known filename: mjolauncher.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Windows\Downloaded Program Files\
Long name: mjolauncher.dll
Short name: MJOLAU~1.DLL
Date (created): 10/3/2006 3:48:28 PM
Date (last access): 10/3/2006 3:48:28 PM
Date (last write): 10/3/2006 3:48:28 PM
Filesize: 327680
Attributes: archive
MD5: 026E1291E47AE30EBB1D3427B09567AA
CRC32: FFACA8C9
Version: 1.0.0.11
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_09
Installer:
Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_09\bin\
Long name: NPJPI150_09.dll
Short name: NPJPI1~1.DLL
Date (created): 10/12/2006 3:10:58 AM
Date (last access): 10/12/2006 3:10:58 AM
Date (last write): 10/12/2006 3:25:44 AM
Filesize: 69746
Attributes: archive
MD5: A3CDEB59B6B8C2EA81B9ED2D3EF4C95E
CRC32: 2A32A9A2
Version: 5.0.90.3
{9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class)
DPF name:
CLSID name: PhotoPickConvert Class
Installer: C:\Windows\Downloaded Program Files\PhtPkMSN.inf
Codebase: http://appdirectory.messenger.msn.co...p/PhtPkMSN.cab
description:
classification: Legitimate
known filename: PhtPkMSN.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Windows\Downloaded Program Files\
Long name: PhtPkMSN.dll
Short name:
Date (created): 4/12/2005 2:58:46 PM
Date (last access): 4/12/2005 2:58:46 PM
Date (last write): 4/12/2005 2:58:46 PM
Filesize: 77824
Attributes: archive
MD5: 96D1957C46D090566C8243CC6A4D00AF
CRC32: 27BD22B7
Version: 10.0.910.0
{B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer)
DPF name:
CLSID name: MSN Games - Installer
Installer:
Codebase: http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
description:
classification: Legitimate
known filename: ZIntro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\Windows\Downloaded Program Files\
Long name: ZIntro.ocx
Short name:
Date (created): 2/19/2007 11:26:28 AM
Date (last access): 2/19/2007 11:26:28 AM
Date (last write): 2/19/2007 11:26:28 AM
Filesize: 159128
Attributes: archive
MD5: E681AC948003CCA59C6C00D3F5EC3D4B
CRC32: C8723760
Version: 9.5.6649.1
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary...t.cab56907.cab
Path: C:\Windows\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~1.DLL
Date (created): 2/22/2007 11:41:12 PM
Date (last access): 2/22/2007 11:41:12 PM
Date (last write): 2/22/2007 11:41:12 PM
Filesize: 304544
Attributes: archive
MD5: 8945CCA5FC4F25168E8B6F401EFAF51F
CRC32: 0F12FD23
Version: 9.5.6907.1
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_09
Installer:
Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
description:
classification: Legitimate
known filename: NPJPI150_09.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_09\bin\
Long name: NPJPI150_09.dll
Short name: NPJPI1~1.DLL
Date (created): 10/12/2006 3:10:58 AM
Date (last access): 10/12/2006 3:10:58 AM
Date (last write): 10/12/2006 3:25:44 AM
Filesize: 69746
Attributes: archive
MD5: A3CDEB59B6B8C2EA81B9ED2D3EF4C95E
CRC32: 2A32A9A2
Version: 5.0.90.3
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_09
Installer:
Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_09\bin\
Long name: NPJPI150_09.dll
Short name: NPJPI1~1.DLL
Date (created): 10/12/2006 3:10:58 AM
Date (last access): 10/12/2006 3:10:58 AM
Date (last write): 10/12/2006 3:25:44 AM
Filesize: 69746
Attributes: archive
MD5: A3CDEB59B6B8C2EA81B9ED2D3EF4C95E
CRC32: 2A32A9A2
Version: 5.0.90.3
{CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control)
DPF name:
CLSID name: ArmHelper Control
Installer:
Codebase: file:///C:/Program%20Files/Zuma/Images/armhelper.ocx
Path:
Long name: ./Images/armhelper.ocx
{DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object)
DPF name:
CLSID name: CPlayFirstDinerDashControl Object
Installer: C:\Windows\Downloaded Program Files\DinerDash.1.0.0.94.inf
Codebase: http://zone.msn.com/bingame/dash/def...h.1.0.0.94.cab
Path: C:\Windows\Downloaded Program Files\
Long name: DinerDash.1.0.0.94.dll
Short name: DINERD~1.DLL
Date (created): 12/18/2006 6:21:44 PM
Date (last access): 12/18/2006 6:21:44 PM
Date (last write): 12/18/2006 6:21:44 PM
Filesize: 1730152
Attributes: archive
MD5: 4D4BB2E65A1BD8CC3EB58C1149BD435A
CRC32: 9EC256AC
Version: 1.0.0.94
--- Process list ---
PID: 408 ( 4) \SystemRoot\System32\smss.exe
PID: 536 ( 524) C:\Windows\system32\csrss.exe
size: 7680
MD5: 117B7C8A8B026A5DCE5E3180ED05E823
PID: 568 ( 524) C:\Windows\system32\wininit.exe
size: 95744
MD5: D4385B03E8CCCEE6F0EE249F827C1F3E
PID: 588 ( 576) C:\Windows\system32\csrss.exe
size: 7680
MD5: 117B7C8A8B026A5DCE5E3180ED05E823
PID: 620 ( 568) C:\Windows\system32\services.exe
size: 279552
MD5: 329CF3C97CE4C19375C8ABCABAE258B0
PID: 632 ( 568) C:\Windows\system32\lsass.exe
size: 7680
MD5: 6A0E382E74280E4CC0DF17FE2661D003
PID: 640 ( 568) C:\Windows\system32\lsm.exe
size: 210944
MD5: 77F52395637906269B91264FFE576B51
PID: 784 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 804 ( 576) C:\Windows\system32\winlogon.exe
size: 308224
MD5: 9F75392B9128A91ABAFB044EA350BAAD
PID: 876 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 916 ( 620) C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
size: 18832
MD5: 4636AEBD28D9968C570DC927F5831E09
PID: 1040 ( 620) C:\Windows\System32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 1072 ( 620) C:\Windows\System32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 1092 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 1232 ( 620) C:\Windows\system32\SLsvc.exe
size: 2605568
MD5: A1DCD30534835CB67733AD00175125A6
PID: 1276 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 1416 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 1608 ( 620) C:\Windows\System32\spoolsv.exe
size: 124928
MD5: DA612EF2556776DF2630B68BF2D48935
PID: 1632 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 1784 ( 620) C:\Windows\system32\agrsmsvc.exe
size: 9216
MD5: 39E435C90C9C4F780FA0ED05CA3C3A1B
PID: 1828 ( 620) C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
size: 353280
MD5: 5F4ED1DBA7E1EAECBA443A53DA176485
PID: 1912 ( 620) C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
size: 49664
MD5: 30A14F65DB477DC00A64A5A24E96919C
PID: 1940 ( 620) C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
size: 192512
MD5: A61C6AA3A694165EE57D3A4833060E4F
PID: 1964 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 1976 (1940) C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
size: 192512
MD5: A61C6AA3A694165EE57D3A4833060E4F
PID: 1988 ( 620) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
size: 254014
MD5: 7DABC3F712E3D9C6ACBE9A9CDC5B3D30
PID: 336 ( 620) C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
size: 1073152
MD5: 18AA92BA15EBB0C61C72308C6F20DD0E
PID: 424 ( 620) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
size: 457512
MD5: F87DDE13D57062DA8EBA2368667D8130
PID: 948 ( 620) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
size: 24576
MD5: 7A9E8C1BE235D0B0CA784A13FC960B6A
PID: 1704 ( 620) C:\Acer\Empowering Technology\eNet\eNet Service.exe
size: 126976
MD5: B462C73B8B9498A8F0F895B757733698
PID: 1020 ( 620) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
size: 61440
MD5: 559C9B7800FAC92FC515CD0003D7C631
PID: 1464 ( 620) C:\Acer\Mobility Center\MobilityService.exe
size: 107008
MD5: 842684E0DF20A59E293DA1C6F0DFE261
PID: 2080 ( 620) C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
size: 28728
MD5: F21358195988883EA4B76E8A68D046D4
PID: 2240 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 2268 ( 620) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
size: 143360
MD5: 3608232AA691B72B1F696ACB9852EE3F
PID: 2300 ( 620) C:\Windows\system32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 2368 ( 620) C:\Windows\System32\svchost.exe
size: 22016
MD5: 10DA15933D582D2FEDCF705EFE394B09
PID: 2392 ( 620) C:\Windows\system32\SearchIndexer.exe
size: 287744
MD5: 5DE40982E3AE45DC00586A93637B351B
PID: 2432 ( 620) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
size: 114748
MD5: F7CA67BF5BFE5988CA021723D45397D5
PID: 2580 ( 620) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
size: 49152
MD5: 448E6DEFA9DFB76207A529FC0FB64069
PID: 2636 ( 620) C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
size: 24576
MD5: 247BD99D52950EA6B761FA07D87E59ED
PID: 2676 (1072) C:\Windows\system32\Dwm.exe
size: 83456
MD5: E87B968F3D49117445893EB0503FE34F
PID: 2712 (2668) C:\Windows\Explorer.EXE
size: 2923520
MD5: FD8C53FB002217F6F888BCF6F5D7084D
PID: 2748 ( 620) C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
size: 822600
MD5: 5BEA8FF7FD6C5B6B6EBB50996B91E4D8
PID: 2808 ( 620) C:\Program Files\Microsoft Windows OneCare Live\winss.exe
size: 597376
MD5: F00D24F8108D216AEBE338951102829D
PID: 2876 ( 620) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
size: 135168
MD5: D4DBD5DF926A2A16F6F148559E006075
PID: 3388 ( 784) C:\Windows\system32\wbem\wmiprvse.exe
size: 245248
MD5: CD8A7F4847DD181903E6B2F1924E723E
PID: 3488 ( 784) C:\Windows\system32\wbem\unsecapp.exe
size: 37376
MD5: E19C7BCE081B85F86F03AE9D82FFA77B
PID: 3720 (1092) C:\Windows\system32\taskeng.exe
size: 166400
MD5: 1226E9FAE5B8508801EC974E3C9D9C14
PID: 3788 (1092) C:\Windows\system32\taskeng.exe
size: 166400
MD5: 1226E9FAE5B8508801EC974E3C9D9C14
PID: 1892 (2808) C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
size: 66944
MD5: 0D5C785BBE8FD4545738F17E9E6D025A
PID: 2344 (2712) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 815104
MD5: F98281EF23616F751FABE97A6EC5DBE6
PID: 2100 (2712) C:\Windows\RtHDVCpl.exe
size: 4186112
MD5: 32E4E820EDBD675009605F90DD97EE6C
PID: 2872 (2712) C:\Program Files\Acer\Acer Arcade\PCMService.exe
size: 151552
MD5: 2862436E1CE0825B561EF37C2143C18A
PID: 256 (2712) C:\Windows\System32\igfxtray.exe
size: 98304
MD5: 1C64DD02FDE078608549C62398DE2FEF
PID: 968 (2712) C:\Windows\System32\hkcmd.exe
size: 106496
MD5: BF3E01C18CE6CDEF16B0DF23E1DCF376
PID: 3756 (2712) C:\Windows\System32\igfxpers.exe
size: 81920
MD5: 8E899A1A7C4670CE4EC1337CBF989787
PID: 1844 (2712) C:\Program Files\Launch Manager\QtZgAcer.EXE
size: 483328
MD5: 7A657BB5E406EBC7AD8FD099A54F3BB7
PID: 1176 (2712) C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
size: 304664
MD5: C81579A9763263FB6FE79334F5029DC4
PID: 3476 (2712) C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
size: 244512
MD5: 31E73E0FD0FFB364C4B32F46A6775DB1
PID: 2632 (2712) C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
size: 754712
MD5: 0FDA0DCAF7010D2EA924EBF5C1ED0281
PID: 3028 (2712) C:\Windows\System32\wpcumi.exe
size: 176128
MD5: C456658AF90F42BE3CDF1048F9CDB5CA
PID: 4068 (2712) C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
size: 464168
MD5: 0921A68E8FE9B25DD0EFFAB949376B5F
PID: 2840 (2712) C:\Program Files\Grisoft\AVG7\avgcc.exe
size: 416256
MD5: 2200C98C049DE1A7638EA0EDBA1C8882
PID: 2656 (2712) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 201728
MD5: 20EF9002CFF89C4C1077E4415EC7297B
PID: 496 (2712) C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5674352
MD5: C4281AD865739E71FD1E4DAC19A68D60
PID: 3512 (2712) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 703280
MD5: 3FAC23D4B003C1BF7A8F355CF3A504B6
PID: 3852 (2712) C:\Program Files\WinZip\WZQKPICK.EXE
size: 394856
MD5: D79DDD73EEE4266AE7DC2CBD87B56090
PID: 776 (1496) C:\Windows\System32\rundll32.exe
size: 44544
MD5: 4B555106290BD117334E9A08761C035A
PID: 2776 ( 620) C:\Program Files\Windows Media Player\wmpnetwk.exe
size: 895488
MD5: ACB2E63D50157E3EA7140F29D9E76A48
PID: 3144 (2100) C:\Users\ACERVA~1\AppData\Local\Temp\RtkBtMnt.exe
size: 208896
MD5: 5EF87457AB8A58694EBE35E55D093D04
PID: 3992 (1560) C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
size: 724992
MD5: 0ADB949BF976F5ADA38519F012035CB0
PID: 3824 (1560) C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
size: 462848
MD5: 6614BB708D98A56FBC8B7421F65D2542
PID: 3064 (1560) C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
size: 393216
MD5: 2B6E0D6C6DA433E54B706B41A936A01F
PID: 2420 (2188) C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
size: 103928
MD5: F9AB943EB3CF38867FFEC53E9FC39EB5
PID: 3376 ( 784) C:\Windows\system32\igfxext.exe
size: 122880
MD5: 2FEEC3D1BD39D4654E3211DBD9CD673F
PID: 2092 ( 784) C:\Windows\system32\igfxsrvc.exe
size: 196608
MD5: FECF9E330E70110ECEB6DD84995D9F5F
PID: 3616 ( 784) C:\Windows\system32\wbem\wmiprvse.exe
size: 245248
MD5: CD8A7F4847DD181903E6B2F1924E723E
PID: 5560 (2712) C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
size: 7637104
MD5: 77C6AB4E70E7FC35E17B8ED919408B62
PID: 4980 (2712) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 1200 (1040) audiodg.exe
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 7/13/2007 9:56:47 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://g.msn.com/0SEENPH/SAOS01?FORM=TOOLBR
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://g.msn.com/0SEENPH/SAOS01?FORM=TOOLBR
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.yahoo.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://g.msn.com/0SEENPH/SAOS01?FORM=TOOLBR
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://us.rd.yahoo.com/customize/ie/...ch/search.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://en.ph.acer.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://en.ph.acer.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
--- Winsock Layered Service Provider list ---
Protocol 0: Parental Controls LSP over [MSAFD Tcpip [TCP/IP]]
GUID: {89DCB360-F485-47E9-9D19-3EFEB44A4504}
Filename: C:\Windows\system32\wpclsp.dll
Protocol 1: Parental Controls LSP over [MSAFD Tcpip [UDP/IP]]
GUID: {61D7A199-3ED9-4817-B77A-C888BC3DAC5D}
Filename: C:\Windows\system32\wpclsp.dll
Protocol 2: Parental Controls LSP over [MSAFD Tcpip [TCP/IPv6]]
GUID: {2A2BDAC5-D6A7-4104-AB06-8DE1E5CCA5F2}
Filename: C:\Windows\system32\wpclsp.dll
Protocol 3: Parental Controls LSP over [MSAFD Tcpip [UDP/IPv6]]
GUID: {A9F3E014-38FB-4563-8E6C-913E29BA01EF}
Filename: C:\Windows\system32\wpclsp.dll
Protocol 4: Parental Controls LSP over [RSVP TCPv6 Service Provider]
GUID: {7A6860C1-1FAE-4248-B3B6-CE51A38176D2}
Filename: C:\Windows\system32\wpclsp.dll
Protocol 5: Parental Controls LSP over [RSVP TCP Service Provider]
GUID: {3B1A6250-38CB-404B-A0A3-03AC352DC7E2}
Filename: C:\Windows\system32\wpclsp.dll
Protocol 6: Parental Controls LSP over [RSVP UDPv6 Service Provider]
GUID: {BF03E382-993E-47ED-A44E-8BE0F5559FF6}
Filename: C:\Windows\system32\wpclsp.dll
Protocol 7: Parental Controls LSP over [RSVP UDP Service Provider]
GUID: {8002A382-4216-4FBF-B83D-843F629EB99F}
Filename: C:\Windows\system32\wpclsp.dll
Protocol 8: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 9: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 10: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 11: MSAFD Tcpip [TCP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 12: MSAFD Tcpip [UDP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 13: MSAFD Tcpip [RAW/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 14: RSVP TCPv6 Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 15: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 16: RSVP UDPv6 Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 17: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 18: MSAFD RfComm [Bluetooth]
GUID: {9FC48064-7298-43E4-B7BD-181F2089792A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Bluetooth
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD RfComm [Bluetooth]
Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5E10BF44-6F9F-417F-A66F-3F203670F9E8}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5E10BF44-6F9F-417F-A66F-3F203670F9E8}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4A94E04A-844B-4736-BBAA-67103F4CD588}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4A94E04A-844B-4736-BBAA-67103F4CD588}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6BCBB0AB-0127-40B2-B6E5-2F33DFE1451F}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6BCBB0AB-0127-40B2-B6E5-2F33DFE1451F}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{5E10BF44-6F9F-417F-A66F-3F203670F9E8}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{5E10BF44-6F9F-417F-A66F-3F203670F9E8}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4A94E04A-844B-4736-BBAA-67103F4CD588}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4A94E04A-844B-4736-BBAA-67103F4CD588}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{6BCBB0AB-0127-40B2-B6E5-2F33DFE1451F}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{6BCBB0AB-0127-40B2-B6E5-2F33DFE1451F}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 31: Parental Controls LSP
GUID: {572F18CF-62F6-4456-BE0E-AF2D8FDBCE0B}
Filename: C:\Windows\system32\wpclsp.dll
Namespace Provider 0: Network Location Awareness Legacy (NLAv1) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename:
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
Namespace Provider 1: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename:
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 2: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 3: E-mail Naming Shim Provider
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:
Namespace Provider 4: PNRP Cloud Namespace Provider
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
Namespace Provider 5: PNRP Name Namespace Provider
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
Namespace Provider 6: Bluetooth Namespace
GUID: {06AA63E0-7D60-41FF-AFB2-3EE6D2D9392D}
Filename: %SystemRoot%\system32\wshbth.dll
Description: Bluetooth
DB filename: %SystemRoot%\system32\wshbth.dll
DB protocol: Bluetooth-Namespace
sorry for the long message. i cant post it in the attachment file due to required maximum 19 kilobytes files only. my file has 44kb thats why. sorry. thanks.
Hello mcvcgja20.
I don't see any Windows Updates or a Service Pack,Let's take a different look at the system./ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
Please see this topic: Sun Microsystems~Java. Security vunerability in older versions left on system
Then follow the procedure in this link:
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) and start your own thread in the Malware Removal Forum
A helper will advise you when available.
Last edited by tashi; 2007-07-13 at 17:54. Reason: added info
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016