Usb modem not recognised anymore same for other usb drives



sunita
2013-02-17, 15:49
Until now my USB modem was working fine.
Since the day I put a USB drive of my cousin's into the computer, I have been facing a problem because of a Viewdrive 1.0.0.0 virus that has made some mal-settings all over my computer.
1. The USB drive shows as a CD drive and doesn't autoplay. I re-installed it, but the problem is still there. The driver is lost, I guess. By good luck I had a copy of the driver, so it's working fine, but I have to install the driver every time I switch on my computer...
2. The Viewdrive virus spread to my local drives, D and E, also. I manually deleted it as was mentioned on some site.
3. I tried to kill the virus by scanning with Spybot and my antivirus; both failed.
4. After going through many websites I did many things in Manage Computer, and have even deleted the cache driver file that's located in the windows32, to no avail...





tashi
2013-02-18, 16:25
Hello sunita,

Please see the sticky which includes guidelines for this forum in post #1 and instructions in post #2 on how to provide the preliminary DDS and aswMBR logs used for analysis.

http://forums.spybot.info/showthread.php?t=288

Then start a new topic providing the DDS and aswMBR logs and a volunteer analyst will advise when available.

If you cannot produce the logs please let me know, I will keep this thread open until then. :)

Best regards.