Results 1 to 10 of 34

Thread: Delta.Toolbar and Win32.BitGuard

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. 2013-11-28, 23:40 #1
    multichild
    multichild is offline
    Junior Member
    Join Date
    Nov 2013
    Posts
    21

    Default Delta.Toolbar and Win32.BitGuard

    Hi all,

    First time on here, so hello to all.

    Am having trouble with my daughters laptop and have tried removing a few problems using Spbot Search & Destroy, and SUPERAntiSpyware and also running Microsft Security Essentials.

    In Spybot two things cant be removed and they are a part of Delta.Toolbar and Win32.BitGuard - This is what I can see.

    [SBI $ACF354C8] Program Directory C:\ProgramData\BrowserProtect\

    [SBI $93F166B5] Program directory C:\ProgramData\BitGuard\

    Then inside Quarantine in Microsoft Security Essentials I have 2 which again I cant remove

    Exploit:Java/CVE-2013-2423
    Exploit:Java/CVE-2013-0431

    Now Im not sure what else is on there, but we are having problems with the laptop and not sure what more to do.

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.25.2
    Run by Aimee at 19:58:47 on 2013-11-28
    Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.1011.96 [GMT 0:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
    C:\Program Files\Bluetooth Suite\adminservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Users\Aimee\AppData\Local\Torch\Update\TorchCrashHandler.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    uProxyOverride = <-loopback>
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [Facebook Update] "c:\users\aimee\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    dRun: [SearchProtect] \SearchProtect\bin\cltmng.exe
    StartupFolder: c:\users\aimee\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    TCP: NameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{609B9C73-9EBB-447B-82B3-D06CC1404EA9} : DHCPNameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{609B9C73-9EBB-447B-82B3-D06CC1404EA9}\244564F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
    TCP: Interfaces\{609B9C73-9EBB-447B-82B3-D06CC1404EA9}\244575966496 : DHCPNameServer = 192.168.22.22 192.168.22.23
    TCP: Interfaces\{609B9C73-9EBB-447B-82B3-D06CC1404EA9}\244584F6D656845726D283738363 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{609B9C73-9EBB-447B-82B3-D06CC1404EA9}\2445F40756E6A7F6E656D284 : DHCPNameServer = 192.168.22.22 192.168.22.23
    TCP: Interfaces\{609B9C73-9EBB-447B-82B3-D06CC1404EA9}\35B4950303638323 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{E964786B-4288-4F98-9A5E-0A7F3BE2CA5C} : DHCPNameServer = 172.20.10.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs= c:\progra~2\wincert\win32c~1.dll c:\progra~1\movies~1\datamngr\mgrldr.dll
    SSODL: WebCheck - <orphaned>
    IFEO: bitguard.exe - tasklist.exe
    IFEO: bprotect.exe - tasklist.exe
    IFEO: browsemngr.exe - tasklist.exe
    IFEO: browserdefender.exe - tasklist.exe
    IFEO: browsermngr.exe - tasklist.exe
    .
    Note: multiple IFEO entries found. Please refer to Attach.txt
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-10-10 120088]
    R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\bluetooth suite\Ath_CoexAgent.exe [2011-3-13 138400]
    R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2011-3-13 68768]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 104768]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-12-4 1153368]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2011-3-13 34976]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-3-13 259232]
    R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-3-13 24736]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-3-13 175776]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2011-3-13 49312]
    R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-3-13 141088]
    R3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2011-3-13 242336]
    R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys [2011-10-3 169472]
    R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys [2011-10-3 49664]
    R3 igddim32;igddim32;c:\windows\system32\drivers\igddim32.sys [2012-6-18 1336320]
    R3 igdkmd32;igdkmd32;c:\windows\system32\drivers\igdkmd32.sys [2012-6-18 417280]
    R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2012-6-18 278528]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-6-18 414824]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-7-25 162672]
    S3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [2006-10-13 10288]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-11-28 108032]
    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-3-26 18432]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTSUSTOR.SYS [2012-6-18 197224]
    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
    S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
    .
    =============== Created Last 30 ================
    .
    2013-11-28 18:10:50 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f9a882a7-13d5-406a-9bba-e96d8570099c}\mpengine.dll
    2013-11-28 16:56:00 7772552 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2013-11-24 23:28:57 -------- d-----w- c:\programdata\Datamngr
    2013-11-24 21:22:36 -------- d-----w- c:\users\aimee\appdata\roaming\SUPERAntiSpyware.com
    2013-11-24 21:21:57 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2013-11-24 21:21:57 -------- d-----w- c:\program files\SUPERAntiSpyware
    2013-11-15 21:27:01 -------- d-----w- c:\programdata\BrowserProtect
    2013-11-15 21:27:01 -------- d-----w- c:\programdata\BitGuard
    2013-11-15 20:56:31 -------- d-----w- c:\programdata\TorchCrashHandler
    2013-11-15 20:55:38 152848 ----a-w- c:\windows\system32\COMDLG32.OCX
    2013-11-15 20:55:38 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
    2013-11-15 20:55:38 119568 ----a-w- c:\windows\system32\VB6FR.DLL
    2013-11-15 20:55:38 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
    2013-11-15 20:55:37 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
    2013-11-15 20:55:37 -------- d-----w- c:\users\aimee\appdata\roaming\TFP
    2013-11-15 20:52:51 -------- d-----w- c:\users\aimee\appdata\local\Torch
    2013-11-15 20:40:06 -------- d-----w- c:\programdata\Wincert
    2013-11-15 20:37:38 -------- d-----w- c:\program files\Movies Toolbar
    2013-11-14 08:47:24 247808 ----a-w- c:\windows\system32\schannel.dll
    2013-11-14 08:47:23 369848 ----a-w- c:\windows\system32\drivers\cng.sys
    2013-11-14 08:47:23 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2013-11-14 08:47:22 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2013-11-14 08:47:22 1038848 ----a-w- c:\windows\system32\lsasrv.dll
    2013-11-14 08:47:21 99840 ----a-w- c:\windows\system32\sspicli.dll
    2013-11-14 08:47:21 220160 ----a-w- c:\windows\system32\ncrypt.dll
    2013-11-14 08:47:21 22016 ----a-w- c:\windows\system32\lsass.exe
    2013-11-14 08:47:20 22016 ----a-w- c:\windows\system32\secur32.dll
    2013-11-14 08:47:20 15872 ----a-w- c:\windows\system32\sspisrv.dll
    2013-11-14 08:46:50 1796096 ----a-w- c:\windows\system32\authui.dll
    2013-11-14 08:46:48 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
    2013-11-14 08:46:47 168960 ----a-w- c:\windows\system32\credui.dll
    2013-11-14 08:46:12 305152 ----a-w- c:\windows\system32\gdi32.dll
    2013-11-14 08:45:04 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
    2013-11-14 08:45:03 656896 ----a-w- c:\windows\system32\nshwfp.dll
    2013-11-14 08:45:03 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
    2013-11-14 08:44:56 1168384 ----a-w- c:\windows\system32\crypt32.dll
    2013-11-07 09:29:40 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{03e81ad5-a2fc-49ec-9687-06372ff93a93}\gapaengine.dll
    .
    ==================== Find3M ====================
    .
    2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe
    2013-09-27 09:53:06 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys
    2013-09-27 09:53:06 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2013-09-14 00:48:58 338944 ----a-w- c:\windows\system32\drivers\afd.sys
    2013-09-08 02:07:12 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-09-08 02:03:58 231424 ----a-w- c:\windows\system32\mswsock.dll
    2013-09-04 01:15:32 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
    2013-09-04 01:14:52 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2013-09-04 01:14:52 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
    2013-09-04 01:14:45 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
    2013-09-04 01:14:45 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
    2013-09-04 01:14:43 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
    2013-09-04 01:14:40 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
    .
    ============= FINISH: 20:01:29.46 ===============


    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-11-28 20:17:34
    -----------------------------
    20:17:34.202 OS Version: Windows 6.1.7601 Service Pack 1
    20:17:34.202 Number of processors: 4 586 0x3601
    20:17:34.202 ComputerName: AIMEE-PC UserName: Aimee
    20:17:42.455 Initialize success
    20:28:41.552 AVAST engine defs: 13112801
    20:30:02.766 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
    20:30:02.782 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 238475MB BusType: 3
    20:30:02.969 Disk 0 MBR read successfully
    20:30:02.985 Disk 0 MBR scan
    20:30:03.343 Disk 0 Windows 7 default MBR code
    20:30:03.375 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    20:30:03.546 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238373 MB offset 206848
    20:30:03.702 Disk 0 scanning sectors +488394752
    20:30:04.045 Disk 0 scanning C:\Windows\system32\drivers
    20:30:43.747 Service scanning
    20:31:18.223 Service MpKsl4b59ac68 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9A882A7-13D5-406A-9BBA-E96D8570099C}\MpKsl4b59ac68.sys **LOCKED** 32
    20:31:59.362 Modules scanning
    20:32:19.158 Disk 0 trace - called modules:
    20:32:19.704 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
    20:32:19.735 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85bcca48]
    20:32:19.751 3 CLASSPNP.SYS[86dae59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8408f028]
    20:32:28.659 AVAST engine scan C:\Windows
    20:32:35.133 AVAST engine scan C:\Windows\system32
    20:40:30.980 AVAST engine scan C:\Windows\system32\drivers
    20:41:29.060 AVAST engine scan C:\Users\Aimee
    20:54:53.726 Disk 0 MBR has been saved successfull y to "C:\Users\Aimee\Desktop\MBR.dat"
    20:54:54.209 The log file has been saved successfully to "C:\Users\Aimee\Desktop\aswMBR.txt"


    --- Search result list ---
    Delta.Toolbar: [SBI $20319BF7] User settings (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3808433556-406660851-2857496050-1000\Software\DataMngr

    Delta.Toolbar: [SBI $15E43F9C] Settings (Registry key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr

    Delta.Toolbar: [SBI $ACF354C8] Program directory (Directory, nothing done)
    C:\ProgramData\BrowserProtect\

    Win32.BitGuard: [SBI $93F166B5] Program directory (Directory, nothing done)
    C:\ProgramData\BitGuard\


    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2012-12-04 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-11-04 advcheck.dll (1.6.5.20)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2013-11-06 Includes\Adware.sbi (*)
    2013-11-26 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2012-11-14 Includes\Dialer.sbi (*)
    2013-04-11 Includes\DialerC.sbi (*)
    2013-04-11 Includes\HeavyDuty.sbi (*)
    2012-11-14 Includes\Hijackers.sbi (*)
    2013-04-11 Includes\HijackersC.sbi (*)
    2013-10-16 Includes\iPhone.sbi (*)
    2013-06-25 Includes\Keyloggers.sbi (*)
    2013-10-30 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2013-05-29 Includes\Malware.sbi (*)
    2013-11-19 Includes\MalwareC.sbi (*)
    2012-11-14 Includes\PUPS.sbi (*)
    2013-11-26 Includes\PUPSC.sbi (*)
    2010-01-25 Includes\Revision.sbi (*)
    2012-11-14 Includes\Security.sbi (*)
    2013-10-30 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2013-09-17 Includes\Spyware.sbi (*)
    2013-08-06 Includes\SpywareC.sbi (*)
    2012-11-19 Includes\Tracks.uti
    2013-01-16 Includes\Trojans.sbi (*)
    2013-11-05 Includes\TrojansC-02.sbi (*)
    2013-11-26 Includes\TrojansC-03.sbi (*)
    2013-10-22 Includes\TrojansC-04.sbi (*)
    2013-06-13 Includes\TrojansC-05.sbi (*)
    2013-04-19 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll



    --- System information ---
    Unknown Windows version 6.1 (Build: 7601) Service Pack 1 (6.1.7601)


    --- Startup entries list ---
    Located: HK_LM:Run, Adobe ARM
    command: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    file: C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    size: 958576
    MD5: 48BE298F7FD1BEF4D8FBACB04D8D95C4

    Located: HK_LM:Run, APSDaemon
    command: "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    file: C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    size: 59720
    MD5: 61E4289E91E88C90478D7F4BEB10DCF7

    Located: HK_LM:Run, iTunesHelper
    command: "C:\Program Files\iTunes\iTunesHelper.exe"
    file: C:\Program Files\iTunes\iTunesHelper.exe
    size: 152392
    MD5: A9F9D081518AC03A51C1195986076F42

    Located: HK_LM:Run, MSC
    command: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    file: c:\Program Files\Microsoft Security Client\msseces.exe
    size: 948440
    MD5: 03396637E1E1B4E333D00AED86178918

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    file: C:\Program Files\Common Files\Java\Java Update\jusched.exe
    size: 253816
    MD5: D63797E8E7781EE1500A810CB6194FA6

    Located: HK_CU:Run, SearchProtect
    where: .DEFAULT...
    command: \SearchProtect\bin\cltmng.exe
    file: \SearchProtect\bin\cltmng.exe
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_CU:Run, Sidebar
    where: S-1-5-19...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1174016
    MD5: DCCA4B04AF87E52EF9EAA2190E06CBAC

    Located: HK_CU:RunOnce, mctadmin
    where: S-1-5-19...
    command: C:\Windows\System32\mctadmin.exe
    file: C:\Windows\System32\mctadmin.exe
    size: 93696
    MD5: BBA1A5B86134F496B926DDAF247DB871

    Located: HK_CU:Run, Sidebar
    where: S-1-5-20...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1174016
    MD5: DCCA4B04AF87E52EF9EAA2190E06CBAC

    Located: HK_CU:RunOnce, mctadmin
    where: S-1-5-20...
    command: C:\Windows\System32\mctadmin.exe
    file: C:\Windows\System32\mctadmin.exe
    size: 93696
    MD5: BBA1A5B86134F496B926DDAF247DB871

    Located: HK_CU:Run, Facebook Update
    where: S-1-5-21-3808433556-406660851-2857496050-1000...
    command: "C:\Users\Aimee\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    file: C:\Users\Aimee\AppData\Local\Facebook\Update\FacebookUpdate.exe
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_CU:Run, SUPERAntiSpyware
    where: S-1-5-21-3808433556-406660851-2857496050-1000...
    command: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    file: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    size: 5717272
    MD5: BC121F6E4432CBB79129201C191674AD

    Located: HK_CU:Run, SearchProtect
    where: S-1-5-18...
    command: \SearchProtect\bin\cltmng.exe
    file: \SearchProtect\bin\cltmng.exe
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: Startup (user), ERUNT AutoBackup.lnk
    where: C:\Users\Aimee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup...
    command: C:\Program Files\ERUNT\AUTOBACK.EXE
    file: C:\Program Files\ERUNT\AUTOBACK.EXE
    size: 38912
    MD5: E00DE20F0F6BED5CD2160247DDC9443B

    Located: WinLogon, igfxcui
    command: igfxdev.dll
    file: igfxdev.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!



    --- Browser helper object list ---
    {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Spybot-S&D IE Protection
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDHelper.dll
    info link: http://www.safer-networking.org/
    info source: Safer-Networking Ltd.
    Path: C:\PROGRA~1\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 04/12/2012 18:23:46
    Date (last access): 04/12/2012 18:23:46
    Date (last write): 26/01/2009 15:31:02
    Filesize: 1879896
    Attributes: archive
    MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
    CRC32: 5BA24007
    Version: 1.6.2.14

    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Java(tm) Plug-In SSV Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Java(tm) Plug-In SSV Helper
    Path: C:\Program Files\Java\jre7\bin\
    Long name: ssv.dll
    Short name:
    Date (created): 14/07/2013 21:33:22
    Date (last access): 14/07/2013 21:33:22
    Date (last write): 14/07/2013 21:33:22
    Filesize: 463272
    Attributes: archive
    MD5: 155915C088F11EEB9B342F4134F11C7E
    CRC32: 1A627FD9
    Version: 10.25.2.17

    {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} (IESpeakDoc)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: IESpeakDoc
    CLSID name: CIESpeechBHO Class
    Path: C:\Program Files\Bluetooth Suite\
    Long name: IEPlugIn.dll
    Short name:
    Date (created): 13/03/2011 09:58:06
    Date (last access): 18/06/2012 18:02:14
    Date (last write): 13/03/2011 09:58:06
    Filesize: 60576
    Attributes: archive
    MD5: 9E33A81ABB2A058AC25C6907D260C932
    CRC32: 84C66DF1
    Version: 7.2.0.65

    {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Google Toolbar Helper
    description: Google toolbar
    classification: Open for discussion
    known filename: googletoolbar.dll
    info link: http://toolbar.google.com/
    info source: TonyKlein
    Path: C:\Program Files\Google\Google Toolbar\
    Long name: GoogleToolbar_32.dll
    Short name: GOOGLE~1.DLL
    Date (created): 18/06/2012 19:29:52
    Date (last access): 18/06/2012 19:29:52
    Date (last write): 10/10/2013 07:32:52
    Filesize: 194640
    Attributes: archive
    MD5: 6028E7AAC8630C27564D6164A589AB91
    CRC32: 5841059E
    Version: 7.5.4601.54

    {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Java(tm) Plug-In 2 SSV Helper
    Path: C:\Program Files\Java\jre7\bin\
    Long name: jp2ssv.dll
    Short name:
    Date (created): 14/07/2013 21:33:18
    Date (last access): 14/07/2013 21:33:18
    Date (last write): 14/07/2013 21:33:18
    Filesize: 171944
    Attributes: archive
    MD5: 5B1E711B7F870B355B1BCD8874037EEF
    CRC32: 5776D394
    Version: 10.25.2.17



    --- ActiveX list ---
    {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control)
    DPF name:
    CLSID name: Microsoft Office Template and Media Control
    Installer: C:\Windows\Downloaded Program Files\ieawsdc.inf
    Codebase: http://office.microsoft.com/_layouts.../ieawsdc32.cab
    description:
    classification: Legitimate
    known filename: IEAWSDC.DLL
    info link:
    info source: Safer Networking Ltd.
    Path: C:\PROGRA~1\MICROS~3\OFFICE11\
    Long name: IEAWSDC.DLL
    Short name:
    Date (created): 26/08/2012 15:16:26
    Date (last access): 26/08/2012 15:16:26
    Date (last write): 26/08/2012 15:16:26
    Filesize: 196208
    Attributes: archive
    MD5: 1D4F4F0321DFE3427C34545A572D77AA
    CRC32: 6A9C51D3
    Version: 15.0.4420.0



    --- Process list ---
    PID: 2020 ( 584) C:\Windows\system32\taskhost.exe
    size: 49152
    MD5: 72E953215CADE1A726C04AAFDF6B463D
    PID: 2036 (1136) C:\Windows\system32\Dwm.exe
    size: 92672
    MD5: 505BF4D1CADEB8D4F8BCD08D944DE25D
    PID: 476 (2004) C:\Windows\Explorer.EXE
    size: 2616320
    MD5: 8B88EBBB05A0E56B7DCC708498C02B3E
    PID: 2184 ( 476) C:\Program Files\Microsoft Security Client\msseces.exe
    size: 948440
    MD5: 03396637E1E1B4E333D00AED86178918
    PID: 2280 ( 476) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    size: 253816
    MD5: D63797E8E7781EE1500A810CB6194FA6
    PID: 2344 ( 476) C:\Program Files\iTunes\iTunesHelper.exe
    size: 152392
    MD5: A9F9D081518AC03A51C1195986076F42
    PID: 2464 ( 476) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    size: 5717272
    MD5: BC121F6E4432CBB79129201C191674AD
    PID: 3404 (1856) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 5365592
    MD5: 0477C2F9171599CA5BC3307FDFBA8D89
    PID: 0 ( 0) [System Process]
    PID: 4 ( 0) System
    PID: 320 ( 4) smss.exe
    size: 69632
    PID: 456 ( 392) csrss.exe
    size: 6144
    PID: 520 ( 392) wininit.exe
    size: 96256
    PID: 528 ( 512) csrss.exe
    size: 6144
    PID: 584 ( 520) services.exe
    size: 259072
    PID: 616 ( 512) winlogon.exe
    size: 286720
    PID: 624 ( 520) lsass.exe
    size: 22016
    PID: 636 ( 520) lsm.exe
    size: 267776
    PID: 816 ( 584) svchost.exe
    size: 20992
    PID: 904 ( 584) svchost.exe
    size: 20992
    PID: 984 ( 584) MsMpEng.exe
    PID: 1096 ( 584) svchost.exe
    size: 20992
    PID: 1136 ( 584) svchost.exe
    size: 20992
    PID: 1184 ( 584) svchost.exe
    size: 20992
    PID: 1232 ( 584) svchost.exe
    size: 20992
    PID: 1432 ( 584) svchost.exe
    size: 20992
    PID: 1608 ( 584) spoolsv.exe
    size: 317440
    PID: 1656 ( 584) svchost.exe
    size: 20992
    PID: 1800 ( 584) SASCore.exe
    PID: 1900 ( 584) armsvc.exe
    PID: 1992 ( 584) AppleMobileDeviceService.exe
    PID: 668 ( 584) Ath_CoexAgent.exe
    PID: 840 ( 584) AdminService.exe
    PID: 1148 ( 584) mDNSResponder.exe
    PID: 128 ( 584) svchost.exe
    size: 20992
    PID: 336 ( 584) TorchCrashHandler.exe
    PID: 2116 ( 584) SDWinSec.exe
    size: 1153368
    MD5: 794D4B48DFB6E999537C7C3947863463
    PID: 2752 ( 584) svchost.exe
    size: 20992
    PID: 3064 ( 584) NisSrv.exe
    PID: 3152 ( 584) iPodService.exe
    PID: 3352 ( 584) SearchIndexer.exe
    size: 427520


    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 28/11/2013 22:18:50

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\Windows\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://go.microsoft.com/fwlink/?LinkId=54896
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.google.com/
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://www.msn.com/?ocid=OIE9MSE&PC=UP09
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\Windows\System32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://go.microsoft.com/fwlink/?LinkId=54896
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://go.microsoft.com/fwlink/p/?LinkId=255141
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://go.microsoft.com/fwlink/p/?LinkId=255141
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://go.microsoft.com/fwlink/?LinkId=54896


    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 1: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 2: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 3: MSAFD Tcpip [TCP/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 4: MSAFD Tcpip [UDP/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 5: MSAFD Tcpip [RAW/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 6: RSVP TCPv6 Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 7: RSVP TCP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 8: RSVP UDPv6 Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 9: RSVP UDP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 10: MSAFD RfComm [Bluetooth]
    GUID: {9FC48064-7298-43E4-B7BD-181F2089792A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Bluetooth
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD RfComm [Bluetooth]

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E964786B-4288-4F98-9A5E-0A7F3BE2CA5C}] SEQPACKET 13
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E964786B-4288-4F98-9A5E-0A7F3BE2CA5C}] DATAGRAM 13
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F896A17F-8756-4BF9-A9C3-C11708DC725C}] SEQPACKET 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F896A17F-8756-4BF9-A9C3-C11708DC725C}] DATAGRAM 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C23C8B41-BCB4-4291-9B31-CD61930568E1}] SEQPACKET 6
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C23C8B41-BCB4-4291-9B31-CD61930568E1}] DATAGRAM 6
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{609B9C73-9EBB-447B-82B3-D06CC1404EA9}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{609B9C73-9EBB-447B-82B3-D06CC1404EA9}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AB6504AB-798C-4F3A-B7AB-A7C17A3592C3}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AB6504AB-798C-4F3A-B7AB-A7C17A3592C3}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{DD09BE04-AE74-412D-ABEF-39FAC83BD85C}] SEQPACKET 10
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{DD09BE04-AE74-412D-ABEF-39FAC83BD85C}] DATAGRAM 10
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F0B3DDA5-6E3A-432F-9576-C1552045FC78}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F0B3DDA5-6E3A-432F-9576-C1552045FC78}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB06D334-7501-4540-A560-5471F5EA9013}] SEQPACKET 11
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB06D334-7501-4540-A560-5471F5EA9013}] DATAGRAM 11
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{DB33FC2D-C102-45A0-A397-045D9229AD62}] SEQPACKET 15
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{DB33FC2D-C102-45A0-A397-045D9229AD62}] DATAGRAM 15
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{E964786B-4288-4F98-9A5E-0A7F3BE2CA5C}] SEQPACKET 14
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{E964786B-4288-4F98-9A5E-0A7F3BE2CA5C}] DATAGRAM 14
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 31: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F896A17F-8756-4BF9-A9C3-C11708DC725C}] SEQPACKET 8
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 32: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F896A17F-8756-4BF9-A9C3-C11708DC725C}] DATAGRAM 8
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 33: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{587A2D5B-6FE4-48F2-947A-F11095C15989}] SEQPACKET 9
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 34: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{587A2D5B-6FE4-48F2-947A-F11095C15989}] DATAGRAM 9
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 35: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C23C8B41-BCB4-4291-9B31-CD61930568E1}] SEQPACKET 7
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 36: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C23C8B41-BCB4-4291-9B31-CD61930568E1}] DATAGRAM 7
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 37: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{609B9C73-9EBB-447B-82B3-D06CC1404EA9}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 38: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{609B9C73-9EBB-447B-82B3-D06CC1404EA9}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 39: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AB6504AB-798C-4F3A-B7AB-A7C17A3592C3}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 40: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AB6504AB-798C-4F3A-B7AB-A7C17A3592C3}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Network Location Awareness Legacy (NLAv1) Namespace
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename:
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: NLA-Namespace

    Namespace Provider 1: E-mail Naming Shim Provider
    GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
    Filename:

    Namespace Provider 2: PNRP Cloud Namespace Provider
    GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 3: PNRP Name Namespace Provider
    GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 4: Tcpip
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename:
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: TCP/IP

    Namespace Provider 5: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\winrnr.dll
    DB protocol: NTDS

    Namespace Provider 6: Bluetooth Namespace
    GUID: {06AA63E0-7D60-41FF-AFB2-3EE6D2D9392D}
    Filename: %SystemRoot%\system32\wshbth.dll
    Description: Bluetooth
    DB filename: %SystemRoot%\system32\wshbth.dll
    DB protocol: Bluetooth-Namespace

    Namespace Provider 7: mdnsNSP
    GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
    Filename: C:\Program Files\Bonjour\mdnsNSP.dll
    Description: Apple Rendezvous protocol
    DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
    DB protocol: mdnsNSP

    sorry here is the attachment
    Attached Files Attached Files
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules