hi,

I'm having trouble with what I think is a browser hijack problem. Whenever I type a search into Google and then click on one of the resulting links, my browser gets redirected through a site called wxx.yahabags.com
Also....
When i do a scan in spybot, it would reach about half way and then reboot my pc with no warning?? im not sure is this is anything to do with the above?

Please help, heres the report from spybot.


--- Search result list ---


--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX / DX9 / SP3: DirectX Hotfix - KB825116
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB867282
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/917283
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/922770
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB928090)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922760)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923694)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Update for Windows XP (KB929338)
/ Windows XP / SP3: Update for Windows XP (KB931836)

--- Startup entries list ---
Located: HK_LM:Run,
command:
file:

Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 344064
MD5: c3ac6adec9f76b3863964c6906486eb2

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 108160
MD5: 26a15d8d5c81a3b053e82b01a5d8208e

Located: HK_LM:Run, CARPService
command: carpserv.exe
file: C:\WINDOWS\system32\carpserv.exe
size: 4608
MD5: ea3be7f5cdef0fe4df1bf6dbfe7abde0

Located: HK_LM:Run, DSLAGENTEXE
command: C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
file: C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
size: 16384
MD5: cdddb1e73f2fc3332fa15c5b2c922f98

Located: HK_LM:Run, DSLSTATEXE
command: C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
file:

Located: HK_LM:Run, LogitechCameraService(E)
command: C:\WINDOWS\system32\ElkCtrl.exe /automation
file: C:\WINDOWS\system32\ElkCtrl.exe
size: 262144
MD5: 35cadfc53e7d7e4336e7c9c04d66c82b

Located: HK_LM:Run, LVCOMSX
command: C:\WINDOWS\system32\LVCOMSX.EXE
file: C:\WINDOWS\system32\LVCOMSX.EXE
size: 225280
MD5: d168ad316f07904f2d0dcf7204e8b5e0

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: fa7eb9aff3d726a6bf0494bee7e378f6

Located: HK_LM:Run, SoundService
command: rundll32.exe "C:\WINDOWS\system32\naosjyav.dll",setvm
file: C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
size: 36975
MD5: 70de314a16e5a486a0ef2425014685b2

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: b8e684df9a97497edd2f87444a6307fb

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: HK_CU:Run, LDM
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 67128
MD5: 57bae27e8aefbff9ea3a327da9518b49

Located: HK_CU:Run, swg
command: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
size: 171448
MD5: 0fa44ea8b03aba3e1d240b5a333d8e6a

Located: Startup (common), Logitech Desktop Messenger.lnk
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 67128
MD5: 57bae27e8aefbff9ea3a327da9518b49

Located: Startup (disabled), Adobe Reader Speed Launch (DISABLED)
command: C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE
file: C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (disabled), Broadband Desktop Help (DISABLED)
command: C:\PROGRA~1\BROADB~1\bin\matcli.exe -boot
file: C:\PROGRA~1\BROADB~1\bin\matcli.exe
size: 217088
MD5: 9a06c7514dbbaad6ea1197ea321b8149

Located: Startup (disabled), BT Broadband Basic Help (DISABLED)
command: C:\PROGRA~1\BTBROA~1\bin\matcli.exe -boot
file:

Located: Startup (disabled), Logitech Desktop Messenger (DISABLED)
command: C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe /start
file: C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe
size: 226832
MD5: d922a8b4305b03706438fc85b676b821

Located: Startup (disabled), Ulead Photo Express 4.0 SE Calendar Checker (DISABLED)
command: C:\PROGRA~1\ULEADS~1\ULEADP~1.0SE\CalCheck.exe
file:

Located: Startup (disabled), Adobe Gamma (DISABLED)
command: C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
file: C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a

Located: Startup (disabled), LimeWire On Startup (DISABLED)
command: C:\PROGRA~1\LimeWire\LimeWire.exe -startup
file: C:\PROGRA~1\LimeWire\LimeWire.exe
size: 81920
MD5: 97918093dd905f51b2985ea597160b9e

Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, gebcaxu
command: gebcaxu.dll
file: gebcaxu.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, sstqp
command: C:\WINDOWS\system32\sstqp.dll
file: C:\WINDOWS\system32\sstqp.dll
size: 280676
MD5: beb087664ac91a8f29e69643e8a514fd

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, winzzc32
command: winzzc32.dll
file: winzzc32.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, xxyayxy
command: xxyayxy.dll
file: xxyayxy.dll



--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 09/24/2005 04:12:08
Date (last access): 04/01/2007
Date (last write): 12/18/2006 04:16:42
Filesize: 59032
Attributes: archive
MD5: 4EA3A6CD9D20584FFAFDB1E47DBF0E20
CRC32: 7B0A854F
Version: 7.0.9.50

{0966B9CB-D29B-4CB6-9FA8-CCE607140D12} ()
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: sstqp.dll
Short name:
Date (created): 03/21/2007 20:18:42
Date (last access): 04/01/2007
Date (last write): 03/21/2007 20:18:48
Filesize: 280676
Attributes: hidden sysfile
MD5: BEB087664AC91A8F29E69643E8A514FD
CRC32: BB57CEE5

{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name: SDHELPER.DLL
Date (created): 03/22/2007 12:17:38
Date (last access): 04/01/2007
Date (last write): 05/31/2005 01:04:00
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0

{57E218E6-5A80-4f0c-AB25-83598F25D7E9} ()
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: yxhyijur.dll
Short name:
Date (created): 03/27/2007 12:03:14
Date (last access): 04/01/2007
Date (last write): 03/27/2007 12:03:14
Filesize: 48708
Attributes: archive
MD5: AB3AA8B99B817A0644DFB8EE69F4BE0A
CRC32: 37B4A569

{5ED7D3DE-6DBE-4516-8712-436325722327} (ohb)
BHO name: ohb
CLSID name:

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 07/07/2006 12:29:52
Date (last access): 04/01/2007
Date (last write): 07/07/2006 12:29:52
Filesize: 324416
Attributes: archive
MD5: 52A70C80A446FA3BBCDAF59A9AB26AF4
CRC32: B1456034
Version: 4.0.249.1

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 01/25/2007 20:41:50
Date (last access): 04/01/2007
Date (last write): 01/19/2007 23:55:32
Filesize: 2403392
Attributes: readonly archive
MD5: 6319F2D4708DBCAE37CFA03DA10782C0
CRC32: D51D8296
Version: 4.0.1601.4978

{BC8E162A-CEB2-4E92-9344-30CBA32DC0C6} ()
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: wgjtdheh.dll
Short name:
Date (created): 04/01/2007 21:43:34
Date (last access): 04/01/2007
Date (last write): 04/01/2007 21:43:36
Filesize: 132116
Attributes: archive
MD5: 84B39A034D1E38D636824325F77B3478
CRC32: 64A1F50B

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
BHO name:
CLSID name: Windows Live Toolbar Helper
Path: C:\Program Files\Windows Live Toolbar\
Long name: msntb.dll
Short name:
Date (created): 10/10/2006 23:26:40
Date (last access): 04/01/2007
Date (last write): 10/10/2006 23:26:40
Filesize: 544032
Attributes: archive
MD5: D638AFC241FCC42D15886CD26A3F1461
CRC32: EC0AD183
Version: 3.1.0.72

{E44527F6-1296-4A84-B67D-A6CEA6ED4B69} ()
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: gebcaxu.dll
Short name:
Date (created): 03/30/2007 17:15:02
Date (last access): 04/01/2007
Date (last write): 03/30/2007 17:15:02
Filesize: 26730
Attributes: archive
MD5: 91AAEA67166D4057D7112B913930814C
CRC32: 2AE77F7A

--- ActiveX list ---
DirectAnimation Java Classes (DirectAnimation Java Classes)
DPF name: DirectAnimation Java Classes
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\dajava.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\dajava.cab
info link:
info source: Patrick M. Kolla

Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla

{00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class)
DPF name:
CLSID name: Checkers Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
description:
classification: Legitimate
known filename: msgrchkr.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: msgrchkr.dll
Short name:
Date (created): 05/29/2003 15:00:18
Date (last access): 04/01/2007
Date (last write): 05/29/2003 15:00:18
Filesize: 77408
Attributes: archive
MD5: 42D567DF86B9B7AC4A89664C9651B68B
CRC32: 47FF3D19
Version: 7.1.9502.1

{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object)
DPF name:
CLSID name: QuickTime Object
Installer: C:\WINDOWS\Downloaded Program Files\QTPlugin.inf
Codebase: http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
description: Apple Quicktime
classification: Legitimate
known filename: QTPLUGIN.OCX
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\QuickTime\
Long name: QTPlugin.ocx
Short name: QTPLUGIN.OCX
Date (created): 09/24/2006 12:10:32
Date (last access): 04/01/2007
Date (last write): 12/10/2006 22:37:08
Filesize: 562760
Attributes: archive
MD5: AADAA7AE58BFB72CC5EBC7A8BC5AA95D
CRC32: 2055A4F6
Version: 7.1.5.58

{05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object)
DPF name:
CLSID name: StagingUI Object
Installer:
Codebase: http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
description:
classification: Legitimate
known filename: StagingUI.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: StagingUI.ocx
Short name: STAGIN~1.OCX
Date (created): 01/24/2007 21:24:24
Date (last access): 02/13/2007
Date (last write): 01/24/2007 21:24:24
Filesize: 397720
Attributes: archive
MD5: FF58F2E8ADD7A21AC10888189A2DA62E
CRC32: 118A20A8
Version: 9.5.5579.1

{14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
description:
classification: Legitimate
known filename: MessengerStatsPAClient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~2.DLL
Date (created): 04/06/2004 19:03:54
Date (last access): 04/01/2007
Date (last write): 04/06/2004 19:03:54
Filesize: 172072
Attributes: archive
MD5: 94D1773AEAA2197AFEE3A6F8404FE4E9
CRC32: 76C3823D
Version: 9.2.7513.1

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Director\
Long name: SwDir.dll
Short name: SWDIR.DLL
Date (created): 03/13/2005 20:48:24
Date (last access): 04/01/2007
Date (last write): 09/09/2004 14:49:12
Filesize: 54488
Attributes: archive
MD5: 943193399C341AC34E842CB07B5F29A0
CRC32: 12DEB8F4
Version: 10.1.0.11

{2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object)
DPF name:
CLSID name: CMediaMix Object
Installer: C:\WINDOWS\Downloaded Program Files\Medialogic.INF
Codebase: http://musicmix.messenger.msn.com/Medialogic.CAB
Path: C:\WINDOWS\system32\
Long name: MediaLogic.dll
Short name: MEDIAL~1.DLL
Date (created): 12/20/2005 11:00:40
Date (last access): 03/13/2007
Date (last write): 12/20/2005 11:00:40
Filesize: 253128
Attributes: archive
MD5: 0F768B295C27FB1BD9B3376575DD730A
CRC32: D7266458
Version: 1.0.1514.0

{2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class)
DPF name:
CLSID name: Minesweeper Flags Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MineSweeper.cab50997.cab
description:
classification: Legitimate
known filename: minesweeper.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: minesweeper.dll
Short name: MINESW~1.DLL
Date (created): 05/29/2003 15:00:22
Date (last access): 04/01/2007
Date (last write): 05/29/2003 15:00:22
Filesize: 84064
Attributes: archive
MD5: F951FD0EA383DF2D49CA0359E4A86968
CRC32: 50A69718
Version: 7.1.9502.1

{3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite)
DPF name:
CLSID name: MSN Games – Buddy Invite
Installer:
Codebase: http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
description:
classification: Legitimate
known filename: ZBuddy.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZBuddy.ocx
Short name: ZBUDDY.OCX
Date (created): 01/24/2007 21:24:24
Date (last access): 02/13/2007
Date (last write): 01/24/2007 21:24:24
Filesize: 232352
Attributes: archive
MD5: 560B653EF510810B4CEF62827E8C095F
CRC32: 13E185C2
Version: 9.5.5579.1

{3C38DEE8-BE1A-4DEC-B232-2C78706CC7EA} (GUpdate Class)
DPF name:
CLSID name: GUpdate Class
Installer: C:\WINDOWS\Downloaded Program Files\GUpdate.inf
Codebase: http://ps.itv.mop.com/update/update/GUpdate-1.0.0.10-signed.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: gupdate.dll
Short name:
Date (created): 10/17/2006 16:46:22
Date (last access): 04/01/2007
Date (last write): 10/17/2006 16:46:22
Filesize: 274432
Attributes: archive
MD5: DBF062A1C4D99D383DCFBEA4F915ADCD
CRC32: 05CEE175
Version: 1.0.0.10

{5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object)
DPF name:
CLSID name: ZonePAChat Object
Installer:
Codebase: http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
description:
classification: Legitimate
known filename: ZPAChat.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZPAChat.ocx
Short name: ZPACHAT.OCX
Date (created): 01/24/2007 21:24:28
Date (last access): 02/13/2007
Date (last write): 01/24/2007 21:24:28
Filesize: 509848
Attributes: archive
MD5: A91F756CE0A17EB8EACE27A9086E215A
CRC32: 96795A06
Version: 9.5.5579.1

{5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class)
DPF name:
CLSID name: UnoCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF
Codebase: http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: GAME_UNO1.dll
Short name: GAME_U~1.DLL
Date (created): 11/22/2006 23:22:42
Date (last access): 04/01/2007
Date (last write): 11/22/2006 23:22:42
Filesize: 372736
Attributes: archive
MD5: 491C8F47C0DCFBC1B1329B9B368AA78F
CRC32: 5BFD37C9
Version: 1.0.1123.1

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149895087859
description:
classification: Legitimate
known filename: muweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 05/26/2005 04:19:32
Date (last access): 03/13/2007
Date (last write): 05/26/2005 04:19:32
Filesize: 178408
Attributes: archive
MD5: EE37AA2C0700221CD8B02FADCD4C7FB5
CRC32: F5494B06
Version: 5.8.0.2469

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_02
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_02\bin\
Long name: NPJPI150_02.dll
Short name: NPJPI1~1.DLL
Date (created): 03/04/2005 03:36:50
Date (last access): 03/27/2007
Date (last write): 03/04/2005 03:54:18
Filesize: 69746
Attributes: archive
MD5: 6C9A4C573C0C771D99D902EE06DA3CBB
CRC32: 55F989EE
Version: 5.0.20.9

{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
description:
classification: Legitimate
known filename: messengerstatsclient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: messengerstatsclient.dll
Short name: MESSEN~1.DLL
Date (created): 05/29/2003 15:00:20
Date (last access): 04/01/2007
Date (last write): 05/29/2003 15:00:20
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 7.1.9502.1

{9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class)
DPF name:
CLSID name: PhotoPickConvert Class
Installer: C:\WINDOWS\Downloaded Program Files\PhtPkMSN.inf
Codebase: http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
description:
classification: Legitimate
known filename: PhtPkMSN.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: PhtPkMSN.dll
Short name: PHTPKMSN.DLL
Date (created): 04/12/2005 14:58:46
Date (last access): 04/01/2007
Date (last write): 04/12/2005 14:58:46
Filesize: 77824
Attributes: archive
MD5: 96D1957C46D090566C8243CC6A4D00AF
CRC32: 27BD22B7
Version: 10.0.910.0

{B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer)
DPF name:
CLSID name: MSN Games - Installer
Installer:
Codebase: http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab55579.cab
description:
classification: Legitimate
known filename: ZIntro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZIntro.ocx
Short name: ZINTRO.OCX
Date (created): 07/18/2006 14:35:06
Date (last access): 02/13/2007
Date (last write): 01/24/2007 17:39:48
Filesize: 149544
Attributes: archive
MD5: AA9F01AD8F571FAF01C52081943E7FCF
CRC32: 19359EEF
Version: 9.5.5579.1

{BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab)
DPF name: System Requirements Lab
CLSID name: System Requirements Lab Class
Installer:
Codebase: http://www.systemrequirementslab.com/sysreqlab.cab
description:
classification: Open for discussion
known filename: sysreqlab.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: sysreqlab.dll
Short name: SYSREQ~1.DLL
Date (created): 12/15/2006 08:46:58
Date (last access): 04/01/2007
Date (last write): 12/15/2006 08:46:58
Filesize: 394800
Attributes: archive
MD5: 1090F4E459E82A7D913550C1389B1417
CRC32: C1926AC6
Version: 2.20.0.0

{C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~1.DLL
Date (created): 02/22/2007 23:41:12
Date (last access): 03/10/2007
Date (last write): 02/22/2007 23:41:12
Filesize: 304544
Attributes: archive
MD5: 8945CCA5FC4F25168E8B6F401EFAF51F
CRC32: 0F12FD23
Version: 9.5.6907.1

{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_02
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
description:
classification: Legitimate
known filename: NPJPI150_02.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_02\bin\
Long name: NPJPI150_02.dll
Short name: NPJPI1~1.DLL
Date (created): 03/04/2005 03:36:50
Date (last access): 04/01/2007
Date (last write): 03/04/2005 03:54:18
Filesize: 69746
Attributes: archive
MD5: 6C9A4C573C0C771D99D902EE06DA3CBB
CRC32: 55F989EE
Version: 5.0.20.9

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9b.ocx
Short name: FLASH9B.OCX
Date (created): 11/09/2006 14:46:28
Date (last access): 04/01/2007
Date (last write): 11/09/2006 14:46:28
Filesize: 2262648
Attributes: readonly archive
MD5: F3B3EE66CA76C94510555ABE9D00A353
CRC32: A51F3CB4
Version: 9.0.28.0

{DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator)
DPF name:
CLSID name: MSN Games – Game Communicator
Installer:
Codebase: http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
description:
classification: Legitimate
known filename: StProxy.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: StProxy.dll
Short name: STPROXY.DLL
Date (created): 01/24/2007 21:24:24
Date (last access): 04/01/2007
Date (last write): 01/24/2007 21:24:24
Filesize: 299432
Attributes: archive
MD5: C68867D8C7C098AA75A40D6BB1706BE4
CRC32: D775327E
Version: 9.5.5579.1

{F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class)
DPF name:
CLSID name: Solitaire Showdown Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
description:
classification: Legitimate
known filename: solitaireshowdown.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: solitaireshowdown.dll
Short name: SOLITA~1.DLL
Date (created): 05/29/2003 15:00:20
Date (last access): 04/01/2007
Date (last write): 05/29/2003 15:00:20
Filesize: 86112
Attributes: archive
MD5: 6E0E81210B17C225AD8DBB86F0C41E32
CRC32: 1C944476
Version: 7.1.9502.1

{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class)
DPF name:
CLSID name: pCastPanel Class
Installer: C:\WINDOWS\Downloaded Program Files\pCastctl.inf
Codebase: http://ps.itv.mop.com/dn/files/pCastCtl-1.0.0.94_signed.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: pCastCtl.dll
Short name: PCASTCTL.DLL
Date (created): 07/27/2006 16:16:22
Date (last access): 04/01/2007
Date (last write): 11/29/2006 10:52:08
Filesize: 1085440
Attributes: archive
MD5: FFDFCEA5A2B23B018881B2EF74BAD87E
CRC32: 612FC25F
Version: 1.0.0.94

--- Process list ---
PID: 0 ( 0) [System]
PID: 420 ( 4) \SystemRoot\System32\smss.exe
PID: 484 ( 420) \??\C:\WINDOWS\system32\csrss.exe
PID: 508 ( 420) \??\C:\WINDOWS\SYSTEM32\winlogon.exe
PID: 552 ( 508) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 568 ( 508) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 716 ( 552) C:\WINDOWS\system32\Ati2evxx.exe
size: 364544
MD5: 040C487C63FEF0DE230539B5D5CE0641
PID: 732 ( 552) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 792 ( 552) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 832 ( 552) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 892 ( 552) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 916 ( 552) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1068 ( 552) C:\WINDOWS\system32\LEXBCES.EXE
size: 303104
MD5: 027D03D9D8AB95194A115A999E960AC0
PID: 1132 ( 552) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1140 (1068) C:\WINDOWS\system32\LEXPPS.EXE
size: 174592
MD5: 8D836E60877ED79C409712B9BE2DFC3B
PID: 1184 ( 552) c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
size: 81920
MD5: 493B1D854F98D611CCA249014C6E631A
PID: 1324 ( 552) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 59008
MD5: DC995DA2D258C0590C3AE07EC68BFEE6
PID: 1352 ( 552) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 132736
MD5: 8E33DA0415023EA7A9378AFA04D9BF4D
PID: 1408 ( 552) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 322120
MD5: 11F714F85530A2BD134074DC30E99FCA
PID: 1452 ( 552) C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
size: 32768
MD5: 6F5049BD2E0944F20305F09D80BE272A
PID: 1528 ( 552) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1876 ( 552) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 255616
MD5: AA6691D73782FA5D94E0CED6D27C3DE8
PID: 1904 ( 552) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 1648 ( 508) C:\WINDOWS\SYSTEM32\Ati2evxx.exe
size: 364544
MD5: 040C487C63FEF0DE230539B5D5CE0641
PID: 2092 ( 556) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 2388 (2092) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 344064
MD5: C3AC6ADEC9F76B3863964C6906486EB2
PID: 2404 (2092) C:\WINDOWS\system32\carpserv.exe
size: 4608
MD5: EA3BE7F5CDEF0FE4DF1BF6DBFE7ABDE0
PID: 2420 (2092) C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
size: 36975
MD5: 70DE314A16E5A486A0EF2425014685B2
PID: 2432 (2092) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: B8E684DF9A97497EDD2F87444A6307FB
PID: 2472 (2092) C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
size: 1658965
MD5: 642D1794FD0A1A15660A129303BDE42D
PID: 2492 (2092) C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
size: 16384
MD5: CDDDB1E73F2FC3332FA15C5B2C922F98
PID: 2524 (2092) C:\WINDOWS\system32\ElkCtrl.exe
size: 262144
MD5: 35CADFC53E7D7E4336E7C9C04D66C82B
PID: 2540 (2092) C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: FA7EB9AFF3D726A6BF0494BEE7E378F6
PID: 2552 (2092) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 108160
MD5: 26A15D8D5C81A3B053E82B01A5D8208E
PID: 2572 (2092) C:\WINDOWS\system32\LVCOMSX.EXE
size: 225280
MD5: D168AD316F07904F2D0DCF7204E8B5E0
PID: 2684 (2092) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 2708 (2092) C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
size: 171448
MD5: 0FA44EA8B03ABA3E1D240B5A333D8E6A
PID: 2840 (2092) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 67128
MD5: 57BAE27E8AEFBFF9EA3A327DA9518B49
PID: 3216 (2092) C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5354792
MD5: C1EE2387EDE907599EE3A6DE9493F672
PID: 940 (2092) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 264 (2092) C:\Program Files\Internet Explorer\iexplore.exe
size: 623616
MD5: 93A6A4F5293AE19E3B37021AABCF0902
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 04/01/2007 21:58:26

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.co.uk/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{09D80008-3D67-43A2-9864-7BF781ABEF3D}] SEQPACKET 16
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{09D80008-3D67-43A2-9864-7BF781ABEF3D}] DATAGRAM 16
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5F531901-C8AB-41CE-A34B-9897745CA003}] SEQPACKET 15
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5F531901-C8AB-41CE-A34B-9897745CA003}] DATAGRAM 15
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C23D1F70-FDE8-4EA0-965E-A4583D1B01FC}] SEQPACKET 12
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C23D1F70-FDE8-4EA0-965E-A4583D1B01FC}] DATAGRAM 12
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7BAB9BF-7D28-4B53-8DCA-9AFDE70007CD}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7BAB9BF-7D28-4B53-8DCA-9AFDE70007CD}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{00A389F8-39EF-4A12-B138-823632605D60}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{00A389F8-39EF-4A12-B138-823632605D60}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EDDBC8F6-AB1E-4FE7-A39C-70B05FBFE108}] SEQPACKET 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EDDBC8F6-AB1E-4FE7-A39C-70B05FBFE108}] DATAGRAM 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BA3B02E-E64B-440F-895C-A696251976C2}] SEQPACKET 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BA3B02E-E64B-440F-895C-A696251976C2}] DATAGRAM 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{693F0122-68FA-4FEA-9550-695C9F550B67}] SEQPACKET 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{693F0122-68FA-4FEA-9550-695C9F550B67}] DATAGRAM 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{45DD5281-4289-416E-89ED-6DF1FACC3DBE}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{45DD5281-4289-416E-89ED-6DF1FACC3DBE}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CD62EF71-53A3-42B9-8543-8231FBF95973}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CD62EF71-53A3-42B9-8543-8231FBF95973}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip_{23ADAC04-9BCA-428E-8D9F-2D7BA7422A18}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip_{23ADAC04-9BCA-428E-8D9F-2D7BA7422A18}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8B880502-7C9F-4B23-9907-D6BC3954C33D}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8B880502-7C9F-4B23-9907-D6BC3954C33D}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C8B69677-46A6-401E-82A7-FA2C5B5D4F54}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C8B69677-46A6-401E-82A7-FA2C5B5D4F54}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 31: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FDDD3B19-2A0A-4684-803C-2264471AF039}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 32: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FDDD3B19-2A0A-4684-803C-2264471AF039}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 33: MSAFD NetBIOS [\Device\NetBT_Tcpip_{90999EF5-DA9B-434B-B8BB-3225D7634EB6}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 34: MSAFD NetBIOS [\Device\NetBT_Tcpip_{90999EF5-DA9B-434B-B8BB-3225D7634EB6}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 35: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0B8592BF-7B7B-4B0D-A9E4-FD40B48A8C69}] SEQPACKET 13
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 36: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0B8592BF-7B7B-4B0D-A9E4-FD40B48A8C69}] DATAGRAM 13
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 37: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7961C3C3-6ACC-4A10-8135-C52CA642A243}] SEQPACKET 14
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 38: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7961C3C3-6ACC-4A10-8135-C52CA642A243}] DATAGRAM 14
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace


----------------END--------------

Hello.

If you still need assistance: "BEFORE you POST" -Preliminary Steps (http://forums.spybot.info/showthread.php?t=288)

That is the procedure for this particular forum. ;) Questions regarding Spybot-S&D: http://forums.spybot.info/forumdisplay.php?f=4

This topic has been archived.

If you need it re-opened please send me a private message (pm) and provide a link to the thread. Applies only to the original poster, anyone else with similar problems please start a new topic.