Results 1 to 8 of 8

Thread: No Action !!!

  1. #1
    Member boazboaz's Avatar
    Join Date
    Jan 2006
    Posts
    37

    Default No Action !!!

    SPYBOT didn't found anything for a long time ...(weeks)

    Is there a way to test the tool ?? (or am i simply bored)

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,491

    Default

    Hello.
    Why are you expecting to find an infection?

    If you would like to post a log so we can check it out:
    • Open SpyBot, check for and get any updates available.
    • Close all browsers, check for problems and fix everything found in red
    • Then on the toolbar menu select mode and switch to advanced mode, on the left lower down select tools, and view report, ensure all the options are selected near the bottom except
    • Uncheck[ ] do not report disabled or known legitimate Items.
    • uncheck[ ] Include a list of services in report.
    • Uncheck[ ] Include uninstall list in report.
    • Now select (near the top) view report.
    • Press export in the save in box choose a place such as your my documents folder, then in your next post near the bottom select the "browse" button; navigate to and attach or post that report.


    Also see:
    So how did I get infected in the first place? By Tony Klein

    If you follow the advice given there you will probably avoid many infections.

    Cheers.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Member boazboaz's Avatar
    Join Date
    Jan 2006
    Posts
    37

    Default

    (NOTE for boaz: all files are on : C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.060424-1717 or ...Fixes.060326-1817)
    Result - Part 1
    --- Search result list ---


    --- System information ---
    Windows XP (Build: 2600) Service Pack 2
    / Internet Explorer 6 / SP1: Windows XP Hotfix - KB905915
    / Windows XP / SP2: Windows XP Service Pack 2
    / Windows XP / SP3: Windows XP Hotfix - KB873339
    / Windows XP / SP3: Windows XP Hotfix - KB885250
    / Windows XP / SP3: Windows XP Hotfix - KB885835
    / Windows XP / SP3: Windows XP Hotfix - KB885836
    / Windows XP / SP3: Windows XP Hotfix - KB886185
    / Windows XP / SP3: Windows XP Hotfix - KB887472
    / Windows XP / SP3: Windows XP Hotfix - KB887742
    / Windows XP / SP3: Windows XP Hotfix - KB888113
    / Windows XP / SP3: Windows XP Hotfix - KB888302
    / Windows XP / SP3: Security Update for Windows XP (KB890046)
    / Windows XP / SP3: Windows XP Hotfix - KB890859
    / Windows XP / SP3: Windows XP Hotfix - KB891781
    / Windows XP / SP3: Security Update for Windows XP (KB893756)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Security Update for Windows XP (KB896358)
    / Windows XP / SP3: Security Update for Windows XP (KB896422)
    / Windows XP / SP3: Security Update for Windows XP (KB896423)
    / Windows XP / SP3: Security Update for Windows XP (KB896424)
    / Windows XP / SP3: Security Update for Windows XP (KB896428)
    / Windows XP / SP3: Update for Windows XP (KB898461)
    / Windows XP / SP3: Security Update for Windows XP (KB899587)
    / Windows XP / SP3: Security Update for Windows XP (KB899589)
    / Windows XP / SP3: Security Update for Windows XP (KB899591)
    / Windows XP / SP3: Security Update for Windows XP (KB900725)
    / Windows XP / SP3: Security Update for Windows XP (KB901017)
    / Windows XP / SP3: Security Update for Windows XP (KB901214)
    / Windows XP / SP3: Security Update for Windows XP (KB902400)
    / Windows XP / SP3: Security Update for Windows XP (KB904706)
    / Windows XP / SP3: Security Update for Windows XP (KB905414)
    / Windows XP / SP3: Security Update for Windows XP (KB905749)
    / Windows XP / SP3: Security Update for Windows XP (KB905915)
    / Windows XP / SP3: Security Update for Windows XP (KB908519)
    / Windows XP / SP3: Security Update for Windows XP (KB908531)
    / Windows XP / SP3: Update for Windows XP (KB910437)
    / Windows XP / SP3: Security Update for Windows XP (KB911562)
    / Windows XP / SP3: Security Update for Windows XP (KB911567)
    / Windows XP / SP3: Security Update for Windows XP (KB911927)
    / Windows XP / SP3: Security Update for Windows XP (KB912812)
    / Windows XP / SP3: Security Update for Windows XP (KB912919)
    / Windows XP / SP3: Security Update for Windows XP (KB913446)


    --- Startup entries list ---
    Located: HK_LM:Run, DSLAGENTEXE
    command: dslagent.exe USB
    file: C:\WINDOWS\system32\dslagent.exe
    size: 16384
    MD5: 940a5df447be0e587f06767712e53b77

    Located: HK_LM:Run, GSICONEXE
    command: gsicon.exe
    file: C:\WINDOWS\system32\gsicon.exe
    size: 90112
    MD5: 5d19b03a4a5c56b844e0677cb50f8dc4

    Located: HK_LM:Run, HPDJ Taskbar Utility
    command: C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
    file: C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
    size: 188416
    MD5: 2cec0358aeaf3d34e7faee85ed55e9eb

    Located: HK_LM:Run, McAfeeUpdaterUI
    command: "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    file: C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    size: 139320
    MD5: e4a7b1aa1e40676153a824ac00ec3450

    Located: HK_LM:Run, Network Associates Error Reporting Service
    command: "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
    file: C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
    size: 147514
    MD5: 78915c3ad0024bacd46f41bf02ee4415

    Located: HK_LM:Run, ShStatEXE
    command: "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    file: C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    size: 94208
    MD5: 7fdd96f93adbe7e986aabae0ca446011

    Located: Startup (common), Adobe Reader Speed Launch.lnk
    command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    size: 29696
    MD5: 43362b96870ce8649f4f2ec893da93f0

    Located: System.ini, crypt32chain
    command: crypt32.dll
    file: crypt32.dll

    Located: System.ini, cryptnet
    command: cryptnet.dll
    file: cryptnet.dll

    Located: System.ini, cscdll
    command: cscdll.dll
    file: cscdll.dll

    Located: System.ini, ScCertProp
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, Schedule
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, sclgntfy
    command: sclgntfy.dll
    file: sclgntfy.dll

    Located: System.ini, SensLogn
    command: WlNotify.dll
    file: WlNotify.dll

    Located: System.ini, termsrv
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, wlballoon
    command: wlnotify.dll
    file: wlnotify.dll



    --- Browser helper object list ---
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    BHO name:
    CLSID name: AcroIEHlprObj Class
    description: Adobe Acrobat reader
    classification: Legitimate
    known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
    info link: http://www.adobe.com/products/acrobat/readstep2.html
    info source: TonyKlein
    Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
    Long name: AcroIEHelper.dll
    Short name: ACROIE~1.DLL
    Date (created): 1/12/2006 8:38:22 PM
    Date (last access): 4/17/2006
    Date (last write): 1/12/2006 8:38:22 PM
    Filesize: 63128
    Attributes: archive
    MD5: F17B2B264072B921FC66A0BE16626BAB
    CRC32: 5184CFEA
    Version: 7.0.7.142

    {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    BHO name:
    CLSID name: Google Toolbar Helper
    description: Google toolbar
    classification: Open for discussion
    known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
    info link: http://toolbar.google.com/
    info source: TonyKlein
    Path: c:\program files\google\
    Long name: GoogleToolbar1.dll
    Short name: GOOGLE~1.DLL
    Date (created): 3/26/2006 7:03:30 PM
    Date (last access): 4/17/2006
    Date (last write): 4/7/2006 1:31:04 PM
    Filesize: 1191424
    Attributes: readonly archive
    MD5: 677C42CD9FE9C13B4B7B601A2E4065B0
    CRC32: 58231F90
    Version: 3.0.131.0



    --- ActiveX list ---
    DirectAnimation Java Classes (DirectAnimation Java Classes)
    DPF name: DirectAnimation Java Classes
    CLSID name:
    Installer:
    Codebase: file://C:\WINDOWS\Java\classes\dajava.cab
    description:
    classification: Legitimate
    known filename: %WINDIR%\Java\classes\dajava.cab
    info link:
    info source: Patrick M. Kolla

    Microsoft XML Parser for Java (Microsoft XML Parser for Java)
    DPF name: Microsoft XML Parser for Java
    CLSID name:
    Installer:
    Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
    description:
    classification: Legitimate
    known filename: %WINDIR%\Java\classes\xmldso.cab
    info link:
    info source: Patrick M. Kolla

    {2B26018A-1D8D-4C19-9A9B-F6C49453A21D} (LauncherV1 Class)
    DPF name:
    CLSID name: LauncherV1 Class
    Installer:
    Codebase: http://irc.msn.co.il/Tipo/launcher.cab
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: launcher.ocx
    Short name:
    Date (created): 2/14/2005 10:31:06 PM
    Date (last access): 4/17/2006
    Date (last write): 2/14/2005 10:31:06 PM
    Filesize: 413696
    Attributes: archive
    MD5: 387F4E24260F2DAFF672ACF446A6317C
    CRC32: A9D51940
    Version: 1.0.0.1

    {958FCAB0-616B-11D3-A63F-00001B322780} (TimetickerLittleHelpers.usfServer)
    DPF name:
    CLSID name: TimetickerLittleHelpers.usfServer
    Installer: C:\WINDOWS\Downloaded Program Files\TcpServer.INF
    Codebase: http://www.timeticker.com/Timeset/TcpServer.CAB
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: TCPSERVER.OCX
    Short name: TCPSER~1.OCX
    Date (created): 8/3/2001 9:40:32 AM
    Date (last access): 4/17/2006
    Date (last write): 8/3/2001 9:40:32 AM
    Filesize: 156160
    Attributes: archive
    MD5: D4CEF889BCB1178E1F17B052886EA4F8
    CRC32: 589D9B16
    Version: 2.2.0.5

    {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
    DPF name:
    CLSID name: Shockwave Flash Object
    Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
    Codebase: http://download.macromedia.com/pub/s...sh/swflash.cab
    description: Macromedia Shockwave Flash Player
    classification: Legitimate
    known filename:
    info link:
    info source: Patrick M. Kolla
    Path: C:\WINDOWS\system32\Macromed\Flash\
    Long name: Flash8a.ocx
    Short name: FLASH8A.OCX
    Date (created): 1/2/2006 11:13:28 AM
    Date (last access): 4/17/2006
    Date (last write): 1/2/2006 11:13:28 AM
    Filesize: 1443464
    Attributes: readonly archive
    MD5: 3066BB99502AE33AE44F17954AF56B8F
    CRC32: 658FAE72
    Version: 8.0.24.0
    Last edited by boazboaz; 2006-04-25 at 15:25. Reason: removed code

  4. #4
    Member boazboaz's Avatar
    Join Date
    Jan 2006
    Posts
    37

    Default

    Result - Part 2



    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 364 ( 4) \SystemRoot\System32\smss.exe
    PID: 436 ( 364) \??\C:\WINDOWS\system32\csrss.exe
    PID: 460 ( 364) \??\C:\WINDOWS\system32\winlogon.exe
    PID: 504 ( 460) C:\WINDOWS\system32\services.exe
    size: 108032
    MD5: C6CE6EEC82F187615D1002BB3BB50ED4
    PID: 516 ( 460) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: 84885F9B82F4D55C6146EBF6065D75D2
    PID: 664 ( 504) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 708 ( 504) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 744 ( 504) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 788 ( 504) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 860 ( 504) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 996 ( 504) C:\WINDOWS\system32\spoolsv.exe
    size: 57856
    MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
    PID: 1144 (1084) C:\WINDOWS\Explorer.EXE
    size: 1032192
    MD5: A0732187050030AE399B241436565E64
    PID: 1264 ( 504) C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    size: 102463
    MD5: A80F0E7DC789150C3AE4F504E3B96B06
    PID: 1304 ( 504) C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    size: 221191
    MD5: FE7985DAE11FA70829762C5AF39DBB27
    PID: 1344 ( 504) C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    size: 28672
    MD5: DAE0D925FA8D4AEC46E924A136B93A32
    PID: 1356 ( 664) C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
    size: 237623
    MD5: 331B69D20D0983B93BAF2F7E6DAEBB80
    PID: 2000 ( 504) C:\WINDOWS\System32\alg.exe
    size: 44544
    MD5: F1958FBF86D5C004CF19A5951A9514B7
    PID: 2016 (1144) C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    size: 94208
    MD5: 7FDD96F93ADBE7E986AABAE0CA446011
    PID: 2024 (1144) C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    size: 139320
    MD5: E4A7B1AA1E40676153A824AC00EC3450
    PID: 2032 (1144) C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
    size: 147514
    MD5: 78915C3AD0024BACD46F41BF02EE4415
    PID: 2044 (1144) C:\WINDOWS\system32\gsicon.exe
    size: 90112
    MD5: 5D19B03A4A5C56B844E0677CB50F8DC4
    PID: 124 (1144) C:\WINDOWS\system32\dslagent.exe
    size: 16384
    MD5: 940A5DF447BE0E587F06767712E53B77
    PID: 160 (1144) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
    size: 188416
    MD5: 2CEC0358AEAF3D34E7FAEE85ED55E9EB
    PID: 904 ( 504) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 832 (1144) C:\Program Files\Skype\Phone\Skype.exe
    size: 19543592
    MD5: BB6D574B1913E9E1C1D1BC1E69DAE29B
    PID: 3156 ( 664) C:\Program Files\Internet Explorer\iexplore.exe
    size: 93184
    MD5: E7484514C0464642BE7B4DC2689354C8
    PID: 3604 ( 664) C:\WINDOWS\system32\mdm.exe
    size: 124200
    MD5: 871D3099BB90947A492E4D025AA28DE3
    PID: 3812 (3156) C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    size: 65536
    MD5: D4A76939AB8AAD4AFBFB4CECCF2628FD
    PID: 820 (1144) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4393096
    MD5: 09CA174A605B480318731E691DC98539
    PID: 4 ( 0) System


    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 4/17/2006 10:10:20 PM

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\WINDOWS\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.google.com
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
    http://www.google.com/ie
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    file:///C:/Documents%20and%20Settings/BOAZ/My%20Documents/גל/עמוד%20הבית2.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://ie.search.msn.com/he/srchasst/srchasst.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    http://home.microsoft.com/access/autosearch.asp?p=%s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://www.google.com/ie
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 1: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 2: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 3: RSVP UDP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 4: RSVP TCP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8F1725A1-A334-4C10-88D5-7B4FC88F57C3}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8F1725A1-A334-4C10-88D5-7B4FC88F57C3}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E5FBD734-16EE-4D71-AB04-B2717AD5BE80}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E5FBD734-16EE-4D71-AB04-B2717AD5BE80}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D40D060F-B7B7-4361-8526-6E83DCAA0521}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D40D060F-B7B7-4361-8526-6E83DCAA0521}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{828FB6E3-585E-4A09-A904-C4D9463261B1}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{828FB6E3-585E-4A09-A904-C4D9463261B1}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D3C5D728-346A-4F35-9ECB-AA0BA425CC69}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D3C5D728-346A-4F35-9ECB-AA0BA425CC69}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Tcpip
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: TCP/IP

    Namespace Provider 1: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\winrnr.dll
    DB protocol: NTDS

    Namespace Provider 2: Network Location Awareness (NLA) Namespace
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: NLA-Namespace
    Last edited by tashi; 2006-04-18 at 08:15. Reason: removed code

  5. #5
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    Looks fine, are there any problems/search redirects/hijacks/excesive popups ?

    I assume this is something youve done
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    file:///C:/Documents%20and%20Settings/BOAZ/My%20Documents/גל/עמוד%20הבית2.htm

  6. #6
    Member boazboaz's Avatar
    Join Date
    Jan 2006
    Posts
    37

    Default

    No problems/search redirects/hijacks/excesive popups.

    And
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    file:///C:/Documents%20and%20Settings/BOAZ/My%20Documents/גל/עמוד%20הבית2.htm
    is my private home page.

    Just that the tool didn't found anything for a long time.

    Thank you very much !!!

  7. #7
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,491

    Default

    Happy surfing. :D
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  8. #8
    Member boazboaz's Avatar
    Join Date
    Jan 2006
    Posts
    37

    Default

    Till next time ............................

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •