Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: SPY BOT said infected

  1. #1
    Member
    Join Date
    Aug 2009
    Posts
    40

    Smile SPY BOT said infected

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:56:15 PM, on 9/1/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\GEARSec.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Common Files\AOL\1170479121\ee\AOLSoftware.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AOL 9.1\waol.exe
    C:\Program Files\AOL 9.1\shellmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1170479121\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
    O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) -
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
    O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://firepass.manh.com/vdesk/term...5500,0,50803,1
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1193645868421
    O16 - DPF: {B8693DEF-98AC-43FC-AA00-E7D728334C80} (F5 Networks 5250 Terminal emulator) - https://firepass.manh.com/vdesk/term...=5500,0,0909,1
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://firepass.manh.com/vdesk/terminal/urxhost.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hookdll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 13190 bytes
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:56:15 PM, on 9/1/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\GEARSec.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Common Files\AOL\1170479121\ee\AOLSoftware.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AOL 9.1\waol.exe
    C:\Program Files\AOL 9.1\shellmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1170479121\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
    O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) -
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
    O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://firepass.manh.com/vdesk/term...5500,0,50803,1
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1193645868421
    O16 - DPF: {B8693DEF-98AC-43FC-AA00-E7D728334C80} (F5 Networks 5250 Terminal emulator) - https://firepass.manh.com/vdesk/term...=5500,0,0909,1
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://firepass.manh.com/vdesk/terminal/urxhost.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hookdll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 13190 bytes

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi Need To Know

    Please post spybot report next
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Member
    Join Date
    Aug 2009
    Posts
    40

    Smile Spybot report -Settings=hkey_local_machines\software\microsoft\windowsnt\c


    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080729) ---

    2008-08-14 blindman.exe (1.0.0.8)
    2008-01-28 SDDelFile.exe (1.0.2.4)
    2008-08-14 SDFiles.exe (1.6.0.4)
    2008-08-14 SDMain.exe (1.0.0.6)
    2008-08-14 SDShred.exe (1.0.2.3)
    2008-08-14 SDUpdate.exe (1.6.0.9)
    2008-08-14 SDWinSec.exe (1.0.0.12)
    2008-07-30 SpybotSD.exe (1.6.0.31)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2009-02-27 unins000.exe (51.49.0.0)
    2008-08-14 Update.exe (1.6.0.7)
    2008-10-22 advcheck.dll (1.6.2.13)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-09-15 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2008-10-22 Tools.dll (2.1.6.8)
    2009-05-19 Includes\Adware.sbi
    2009-09-01 Includes\AdwareC.sbi
    2009-01-22 Includes\Cookies.sbi
    2009-05-19 Includes\Dialer.sbi
    2009-09-01 Includes\DialerC.sbi
    2009-01-22 Includes\HeavyDuty.sbi
    2009-05-26 Includes\Hijackers.sbi
    2009-09-01 Includes\HijackersC.sbi
    2009-06-23 Includes\Keyloggers.sbi
    2009-09-01 Includes\KeyloggersC.sbi
    2004-11-29 Includes\LSP.sbi
    2009-08-19 Includes\Malware.sbi
    2009-09-01 Includes\MalwareC.sbi
    2009-03-25 Includes\PUPS.sbi
    2009-09-01 Includes\PUPSC.sbi
    2009-01-22 Includes\Revision.sbi
    2009-01-13 Includes\Security.sbi
    2009-09-01 Includes\SecurityC.sbi
    2008-06-03 Includes\Spybots.sbi
    2008-06-03 Includes\SpybotsC.sbi
    2009-04-07 Includes\Spyware.sbi
    2009-09-01 Includes\SpywareC.sbi
    2009-06-08 Includes\Tracks.uti
    2009-08-25 Includes\Trojans.sbi
    2009-09-01 Includes\TrojansC.sbi
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll


    --- System information ---
    Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
    / .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB887998)
    / .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB930494)
    / .NETFramework / 1.0: Microsoft .NET Framework 1.0 Service Pack 3
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    / Media Center 2005 / SP4: Update Rollup 2 for Windows XP Media Center Edition 2005
    / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
    / MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
    / MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
    / Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
    / Windows / SP1: Microsoft National Language Support Downlevel APIs
    / Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
    / Windows Media Player: Security Update for Windows Media Player (KB952069)
    / Windows Media Player: Security Update for Windows Media Player (KB973540)
    / Windows Media Player 10: Update for Windows Media Player 10 (KB913800)
    / Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
    / Windows Media Player 10: Update for Windows Media Player 10 (KB926251)
    / Windows Media Player 10: Security Update for Windows Media Player 10 (KB936782)
    / Windows Media Player 10 / SP0: Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    / Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
    / Windows XP: Security Update for Windows XP (KB923689)
    / Windows XP: Security Update for Windows XP (KB941569)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB928090)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB929969)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB931768)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB933566)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB937143)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB938127)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB939653)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB942615)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB944533)
    / Windows XP / SP0: Hotfix for Windows Internet Explorer 7 (KB947864)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB950759)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB953838)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB956390)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB958215)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB960714)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB961260)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB963027)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB969897)
    / Windows XP / SP0: Update for Windows Internet Explorer 8 (KB971180)
    / Windows XP / SP0: Security Update for Windows Internet Explorer 8 (KB972260)
    / Windows XP / SP3: Security Update for Windows XP (KB929969)
    / Windows XP / SP3: Windows XP Service Pack 3
    / Windows XP / SP4: Security Update for Windows XP (KB923561)
    / Windows XP / SP4: Security Update for Windows XP (KB938464)
    / Windows XP / SP4: Security Update for Windows XP (KB938464-v2)
    / Windows XP / SP4: Security Update for Windows XP (KB946648)
    / Windows XP / SP4: Security Update for Windows XP (KB950760)
    / Windows XP / SP4: Security Update for Windows XP (KB950762)
    / Windows XP / SP4: Security Update for Windows XP (KB950974)
    / Windows XP / SP4: Security Update for Windows XP (KB951066)
    / Windows XP / SP4: Update for Windows XP (KB951072-v2)
    / Windows XP / SP4: Security Update for Windows XP (KB951376)
    / Windows XP / SP4: Security Update for Windows XP (KB951376-v2)
    / Windows XP / SP4: Security Update for Windows XP (KB951698)
    / Windows XP / SP4: Security Update for Windows XP (KB951748)
    / Windows XP / SP4: Update for Windows XP (KB951978)
    / Windows XP / SP4: Security Update for Windows XP (KB952004)
    / Windows XP / SP4: Hotfix for Windows XP (KB952287)
    / Windows XP / SP4: Security Update for Windows XP (KB952954)
    / Windows XP / SP4: Security Update for Windows XP (KB953839)
    / Windows XP / SP4: Security Update for Windows XP (KB954211)
    / Windows XP / SP4: Security Update for Windows XP (KB954459)
    / Windows XP / SP4: Hotfix for Windows XP (KB954550-v5)
    / Windows XP / SP4: Security Update for Windows XP (KB954600)
    / Windows XP / SP4: Security Update for Windows XP (KB955069)
    / Windows XP / SP4: Update for Windows XP (KB955839)
    / Windows XP / SP4: Security Update for Windows XP (KB956391)
    / Windows XP / SP4: Security Update for Windows XP (KB956572)
    / Windows XP / SP4: Security Update for Windows XP (KB956744)
    / Windows XP / SP4: Security Update for Windows XP (KB956802)
    / Windows XP / SP4: Security Update for Windows XP (KB956803)
    / Windows XP / SP4: Security Update for Windows XP (KB956841)
    / Windows XP / SP4: Security Update for Windows XP (KB957095)
    / Windows XP / SP4: Security Update for Windows XP (KB957097)
    / Windows XP / SP4: Security Update for Windows XP (KB958644)
    / Windows XP / SP4: Security Update for Windows XP (KB958687)
    / Windows XP / SP4: Security Update for Windows XP (KB958690)
    / Windows XP / SP4: Security Update for Windows XP (KB959426)
    / Windows XP / SP4: Security Update for Windows XP (KB960225)
    / Windows XP / SP4: Security Update for Windows XP (KB960715)
    / Windows XP / SP4: Security Update for Windows XP (KB960803)
    / Windows XP / SP4: Security Update for Windows XP (KB960859)
    / Windows XP / SP4: Hotfix for Windows XP (KB961118)
    / Windows XP / SP4: Security Update for Windows XP (KB961371)
    / Windows XP / SP4: Security Update for Windows XP (KB961373)
    / Windows XP / SP4: Security Update for Windows XP (KB961501)
    / Windows XP / SP4: Update for Windows XP (KB967715)
    / Windows XP / SP4: Security Update for Windows XP (KB968537)
    / Windows XP / SP4: Security Update for Windows XP (KB969898)
    / Windows XP / SP4: Security Update for Windows XP (KB970238)
    / Windows XP / SP4: Hotfix for Windows XP (KB970653-v3)
    / Windows XP / SP4: Security Update for Windows XP (KB971557)
    / Windows XP / SP4: Security Update for Windows XP (KB971633)
    / Windows XP / SP4: Security Update for Windows XP (KB971657)
    / Windows XP / SP4: Security Update for Windows XP (KB973346)
    / Windows XP / SP4: Security Update for Windows XP (KB973354)
    / Windows XP / SP4: Security Update for Windows XP (KB973507)
    / Windows XP / SP4: Update for Windows XP (KB973815)
    / Windows XP / SP4: Security Update for Windows XP (KB973869)
    / Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221


    --- Startup entries list ---
    Located: HK_LM:Run,
    command:
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, AOLDialer
    command: C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    file: C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    size: 71216
    MD5: B9B78F0D9AEBCA8F717680FBABBB5FF4

    Located: HK_LM:Run, ArcSoft Connection Service
    command: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    file: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    size: 195072
    MD5: F3293561CD1E181667BEFD44134F8E28

    Located: HK_LM:Run, AVG8_TRAY
    command: C:\PROGRA~1\AVG\AVG8\avgtray.exe
    file: C:\PROGRA~1\AVG\AVG8\avgtray.exe
    size: 2007832
    MD5: ADB19E69937A076BDE7D08928248F5C8

    Located: HK_LM:Run, ccApp
    command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    size: 58992
    MD5: 84EC0B55BCBE872F999ACDCE58E3F67D

    Located: HK_LM:Run, DellSupportCenter
    command: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    file: C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    size: 206064
    MD5: 3917664C26B4344768C288BBA6FEFCB6

    Located: HK_LM:Run, DLA
    command: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    file: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    size: 122940
    MD5: CEFD0E35B35AFD9D1C2FEC9AF81AFDB8

    Located: HK_LM:Run, DMXLauncher
    command: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    file: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, dscactivate
    command: "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    file: C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
    size: 16384
    MD5: 267B3A856E9F4DB1CABD4E6DB71E07D2

    Located: HK_LM:Run, ehTray
    command: C:\WINDOWS\ehome\ehtray.exe
    file: C:\WINDOWS\ehome\ehtray.exe
    size: 67584
    MD5: 7E48B4958C131E9643DDCD2E7CA3FE9F

    Located: HK_LM:Run, HostManager
    command: C:\Program Files\Common Files\AOL\1170479121\ee\AOLSoftware.exe
    file: C:\Program Files\Common Files\AOL\1170479121\ee\AOLSoftware.exe
    size: 41824
    MD5: 22870F235504152FE8873986A3D94905

    Located: HK_LM:Run, igfxhkcmd
    command: C:\WINDOWS\system32\hkcmd.exe
    file: C:\WINDOWS\system32\hkcmd.exe
    size: 77824
    MD5: 82ADC58B63E069AC4641A33EA9841E54

    Located: HK_LM:Run, igfxpers
    command: C:\WINDOWS\system32\igfxpers.exe
    file: C:\WINDOWS\system32\igfxpers.exe
    size: 114688
    MD5: A0E2FFB7B0FCE82AA3BCC3105306C45C

    Located: HK_LM:Run, igfxtray
    command: C:\WINDOWS\system32\igfxtray.exe
    file: C:\WINDOWS\system32\igfxtray.exe
    size: 94208
    MD5: 5656D65A9A9F1E3D68D64A350CFF1732

    Located: HK_LM:Run, ISUSPM Startup
    command: "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    file: C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
    size: 249856
    MD5: 9E109B03018763FDCB075CE74547BE22

    Located: HK_LM:Run, ISUSScheduler
    command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    size: 81920
    MD5: 583B7D111304BE63D7D9CB65482D2187

    Located: HK_LM:Run, iTunesHelper
    command: "C:\Program Files\iTunes\iTunesHelper.exe"
    file: C:\Program Files\iTunes\iTunesHelper.exe
    size: 292128
    MD5: 741DCAEC21B5A9A1D068FE8692A30D68

    Located: HK_LM:Run, Lexmark 1200 Series
    command: "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
    file: C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
    size: 57344
    MD5: CBDA2D5F8338812923B92D80F410AD5E

    Located: HK_LM:Run, MSKDetectorExe
    command: C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    file: C:\Program Files\McAfee\SpamKiller\MSKDetct.exe
    size: 1117184
    MD5: 60EAC5EBBF0849010CB6941D44E39AB6

    Located: HK_LM:Run, Norton Ghost 10.0
    command: "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
    file: C:\Program Files\Norton Ghost\Agent\GhostTray.exe
    size: 1537696
    MD5: 294F5038A9D2AC73A8C6F3888F97FB42

    Located: HK_LM:Run, OutpostFeedBack
    command: "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
    file: C:\Program Files\Agnitum\Outpost Firewall\feedback.exe
    size: 428032
    MD5: 43129B804AC901F45DFDF3D3153B882D

    Located: HK_LM:Run, OutpostMonitor
    command: C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
    file: C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe
    size: 2374464
    MD5: B4A1F482599FB41878B4EF8363282A4D

    Located: HK_LM:Run, QuickTime Task
    command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
    file: C:\Program Files\QuickTime\qttask.exe
    size: 413696
    MD5: FABAD2BFD44661D8CC627E5485BFAFAF

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Java\jre6\bin\jusched.exe"
    file: C:\Program Files\Java\jre6\bin\jusched.exe
    size: 149280
    MD5: 90E0F7FDCAC66FB50C1CE1A1C7396642

    Located: HK_CU:Run, DellSupport
    where: PE_C_ADMINISTRATOR...
    command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    file: C:\Program Files\DellSupport\DSAgnt.exe
    size: 460784
    MD5: B75FDBF14073D72C50624CC8338DD534

    Located: HK_CU:Run, AOL Fast Start
    where: S-1-5-21-1420787331-2628367206-2861657422-1005...
    command: "C:\Program Files\AOL 9.1\AOL.EXE" -b
    file: C:\Program Files\AOL 9.1\AOL.EXE
    size: 50528
    MD5: D29055D3F0AAE264E906FC50B0883B30

    Located: HK_CU:Run, ctfmon.exe
    where: S-1-5-21-1420787331-2628367206-2861657422-1005...
    command: C:\WINDOWS\system32\ctfmon.exe
    file: C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

    Located: HK_CU:Run, DellSupport
    where: S-1-5-21-1420787331-2628367206-2861657422-1005...
    command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    file: C:\Program Files\DellSupport\DSAgnt.exe
    size: 460784
    MD5: B75FDBF14073D72C50624CC8338DD534

    Located: HK_CU:Run, DellSupportCenter
    where: S-1-5-21-1420787331-2628367206-2861657422-1005...
    command: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    file: C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    size: 206064
    MD5: 3917664C26B4344768C288BBA6FEFCB6

    Located: HK_CU:Run, MsnMsgr
    where: S-1-5-21-1420787331-2628367206-2861657422-1005...
    command: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    file: C:\Program Files\MSN Messenger\MsnMsgr.Exe
    size: 5674352
    MD5: C4281AD865739E71FD1E4DAC19A68D60

    Located: HK_CU:Run, SpybotSD TeaTimer
    where: S-1-5-21-1420787331-2628367206-2861657422-1005...
    command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    size: 2260480
    MD5: 390679F7A217A5E73D756276C40AE887

    Located: Startup (common), Adobe Reader Speed Launch.lnk
    where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
    command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    size: 29696
    MD5: DEB88AEF013DD1EEFB462D7CAD642166

    Located: Startup (common), Digital Line Detect.lnk
    where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
    command: C:\Program Files\Digital Line Detect\DLG.exe
    file: C:\Program Files\Digital Line Detect\DLG.exe
    size: 24576
    MD5: B66E56733E2CD6A10FDA5919625FBF46

    Located: Startup (common), Kodak EasyShare software.lnk
    where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
    command: C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    file: C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    size: 282624
    MD5: FBB5B5B4D8C96624C7D57C5FB25F387D

    Located: Startup (user), ERUNT AutoBackup.lnk
    where: C:\Documents and Settings\Dimension E 310\Start Menu\Programs\Startup...
    command: C:\Program Files\ERUNT\AUTOBACK.EXE
    file: C:\Program Files\ERUNT\AUTOBACK.EXE
    size: 38912
    MD5: E00DE20F0F6BED5CD2160247DDC9443B

    Located: WinLogon, avgrsstarter
    command: avgrsstx.dll
    file: avgrsstx.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, crypt32chain
    command: crypt32.dll
    file: crypt32.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, cryptnet
    command: cryptnet.dll
    file: cryptnet.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, cscdll
    command: cscdll.dll
    file: cscdll.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, dimsntfy
    command: %SystemRoot%\System32\dimsntfy.dll
    file: %SystemRoot%\System32\dimsntfy.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, igfxcui
    command: igfxdev.dll
    file: igfxdev.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, ScCertProp
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, Schedule
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, sclgntfy
    command: sclgntfy.dll
    file: sclgntfy.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, SensLogn
    command: WlNotify.dll
    file: WlNotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, termsrv
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, WgaLogon
    command: WgaLogon.dll
    file: WgaLogon.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, wlballoon
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!



    --- Browser helper object list ---
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: AcroIEHlprObj Class
    description: Adobe Acrobat reader
    classification: Legitimate
    known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
    info link: http://www.adobe.com/products/acrobat/readstep2.html
    info source: TonyKlein
    Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
    Long name: AcroIEHelper.dll
    Short name: ACROIE~1.DLL
    Date (created): 12/14/2004 2:56:50 AM
    Date (last access): 9/4/2009 1:39:48 AM
    Date (last write): 12/14/2004 2:56:50 AM
    Filesize: 63136
    Attributes: archive
    MD5: 42729C3DE75A7A51FC6F9EF6546C9199
    CRC32: 4D60BD07
    Version: 7.0.0.1333

    {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (WormRadar.com IESiteBlocker.NavFilter)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: WormRadar.com IESiteBlocker.NavFilter
    CLSID name: AVG Safe Search
    Path: C:\Program Files\AVG\AVG8\
    Long name: avgssie.dll
    Short name:
    Date (created): 5/9/2009 10:13:56 PM
    Date (last access): 9/4/2009 1:39:52 AM
    Date (last write): 8/16/2009 10:42:28 AM
    Filesize: 1111320
    Attributes: archive
    MD5: 726F21F6723ECEBA37DCF325E1A5FFEC
    CRC32: 170FF9EA
    Version: 8.5.0.405

    {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Spybot-S&D IE Protection
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDhelper.dll
    info link: http://spybot.eon.net.au/
    info source: Patrick M. Kolla
    Path: C:\PROGRA~1\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 5/20/2008 6:37:00 AM
    Date (last access): 9/4/2009 3:18:00 AM
    Date (last write): 9/15/2008 2:25:44 PM
    Filesize: 1562960
    Attributes:
    MD5: 35F73F1936BDE91F1B6995510A61E7A8
    CRC32: BE6A5D15
    Version: 1.6.2.14

    {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: DriveLetterAccess
    description: Hewlett-Packard's DLA software
    classification: Unknown
    known filename: tfswshx.dll
    info link:
    info source: TonyKlein
    Path: C:\WINDOWS\System32\DLA\
    Long name: DLASHX_W.DLL
    Short name:
    Date (created): 6/19/2006 7:32:50 AM
    Date (last access): 9/4/2009 1:40:00 AM
    Date (last write): 9/8/2005 5:20:00 AM
    Filesize: 110652
    Attributes: archive
    MD5: 8EF6619212E5500022AB22FF11E68D3B
    CRC32: 132215F0
    Version: 5.20.8.0

    {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} (AOL Toolbar Launcher)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: AOL Toolbar Launcher
    CLSID name: AOL Toolbar Launcher
    Path: C:\Program Files\AOL\AOL Toolbar 5.0\
    Long name: aoltb.dll
    Short name:
    Date (created): 3/23/2007 4:35:32 PM
    Date (last access): 9/4/2009 1:40:02 AM
    Date (last write): 3/23/2007 4:35:32 PM
    Filesize: 1025584
    Attributes: archive
    MD5: 011F8C5B56074CA0262824C709C0CD5A
    CRC32: C1DC388E
    Version: 5.0.17.1

    {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name:

    {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Windows Live Sign-in Helper
    Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
    Long name: WindowsLiveLogin.dll
    Short name: WINDOW~1.DLL
    Date (created): 7/7/2006 1:29:52 PM
    Date (last access): 9/4/2009 1:40:04 AM
    Date (last write): 7/7/2006 1:29:52 PM
    Filesize: 324416
    Attributes: archive
    MD5: 52A70C80A446FA3BBCDAF59A9AB26AF4
    CRC32: B1456034
    Version: 4.0.249.1

    {A3BC75A2-1F87-4686-AA43-5347D756017C} (AVG Security Toolbar BHO)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: AVG Security Toolbar BHO
    Path: C:\Program Files\AVG\AVG8\Toolbar\
    Long name: IEToolbar.dll
    Short name: IETOOL~1.DLL
    Date (created): 6/25/2009 4:30:00 PM
    Date (last access): 9/4/2009 1:40:08 AM
    Date (last write): 7/24/2009 9:55:58 AM
    Filesize: 1090816
    Attributes: archive
    MD5: CFB52F9EB909FF7B9D92158A9ED77A54
    CRC32: 80C0D88F
    Version: 2.507.24.1

    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Windows Live Toolbar Helper
    Path: C:\Program Files\Windows Live Toolbar\
    Long name: msntb.dll
    Short name:
    Date (created): 10/19/2007 12:20:48 PM
    Date (last access): 9/4/2009 1:40:10 AM
    Date (last write): 10/19/2007 12:20:48 PM
    Filesize: 546320
    Attributes: archive
    MD5: CEE1BE1DA21300208D07FBEAE9EA2B51
    CRC32: 12446524
    Version: 3.1.0.146

    {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Java(tm) Plug-In 2 SSV Helper
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2ssv.dll
    Short name:
    Date (created): 6/12/2009 6:17:48 AM
    Date (last access): 9/4/2009 1:40:12 AM
    Date (last write): 7/25/2009 5:23:04 AM
    Filesize: 41760
    Attributes: archive
    MD5: 1E57B1A44C7DFFA1C38534279C14B3CE
    CRC32: BA79295C
    Version: 6.0.150.3

    {E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: JQSIEStartDetectorImpl
    CLSID name: JQSIEStartDetectorImpl Class
    Path: C:\Program Files\Java\jre6\lib\deploy\jqs\ie\
    Long name: jqs_plugin.dll
    Short name: JQS_PL~1.DLL
    Date (created): 6/12/2009 6:18:02 AM
    Date (last access): 9/4/2009 1:40:12 AM
    Date (last write): 7/25/2009 5:22:44 AM
    Filesize: 73728
    Attributes: archive
    MD5: 55E583817A2012FD75F1F8CF87EE760C
    CRC32: 7051D2F4
    Version: 6.0.150.3



    --- ActiveX list ---
    {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner)
    DPF name:
    CLSID name: F5 Networks CacheCleaner
    Installer: C:\WINDOWS\Downloaded Program Files\cachecleaner.inf
    Codebase:
    description:
    classification: Open for discussion
    known filename: cachecleaner.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: cachecleaner.dll
    Short name: CACHEC~1.DLL
    Date (created): 2/2/2007 11:56:02 PM
    Date (last access): 8/12/2009 4:57:24 AM
    Date (last write): 9/21/2005 4:38:28 PM
    Filesize: 108400
    Attributes: archive
    MD5: B08E3F1175B64B343A4E6F3152646207
    CRC32: 1FE02115
    Version: 5500.0.50921.1

    {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
    DPF name:
    CLSID name: MSN Photo Upload Tool
    Installer: C:\WINDOWS\Downloaded Program Files\MsnPUpld.inf
    Codebase: http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
    description:
    classification: Legitimate
    known filename: MsnPUpld.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: MsnPUpld.dll
    Short name:
    Date (created): 6/20/2006 3:44:04 PM
    Date (last access): 9/3/2009 6:00:30 PM
    Date (last write): 6/20/2006 3:44:04 PM
    Filesize: 379704
    Attributes: archive
    MD5: D2FB109C3F0DAAAA4A73E5921656DB3E
    CRC32: A13093E8
    Version: 10.0.913.0

    {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel)
    DPF name:
    CLSID name: F5 Networks SSLTunnel
    Installer: C:\WINDOWS\Downloaded Program Files\urTermProxy.inf
    Codebase: https://firepass.manh.com/vdesk/term...5500,0,50803,1
    description:
    classification: Legitimate
    known filename: urTermProxy.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: urTermProxy.dll
    Short name: URTERM~1.DLL
    Date (created): 2/3/2007 12:00:48 AM
    Date (last access): 8/12/2009 4:57:26 AM
    Date (last write): 8/3/2005 2:22:12 PM
    Filesize: 835968
    Attributes: archive
    MD5: E8ADFE0783BC6F86048DABA76056A66C
    CRC32: 17113456
    Version: 5500.0.50803.1

    {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
    DPF name:
    CLSID name: MUWebControl Class
    Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
    Codebase: http://www.update.microsoft.com/micr...?1193645868421
    description:
    classification: Legitimate
    known filename: muweb.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\system32\
    Long name: muweb.dll
    Short name:
    Date (created): 7/30/2007 7:18:34 PM
    Date (last access): 9/3/2009 6:04:12 PM
    Date (last write): 10/16/2008 3:06:48 PM
    Filesize: 208744
    Attributes: archive
    MD5: D2E6F0A06391FE5556E8A1D6D5041A5E
    CRC32: 27FBFA7D
    Version: 7.2.6001.788

    {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_15
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    description: Sun Java
    classification: Legitimate
    known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
    info link:
    info source: Patrick M. Kolla
    Path: C:\Program Files\Java\jre6\bin\
    Long name: npjpi160_15.dll
    Short name: NPJPI1~1.DLL
    Date (created): 7/25/2009 3:00:36 AM
    Date (last access): 8/12/2009 4:57:26 AM
    Date (last write): 7/25/2009 5:23:04 AM
    Filesize: 136992
    Attributes: archive
    MD5: C79293AA0C64855B6FC3E0E874B472CE
    CRC32: EA2282C5
    Version: 6.0.150.3

    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
    DPF name:
    CLSID name:
    Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
    Codebase: http://fpdownload.macromedia.com/get.../ultrashim.cab
    description:
    classification: Open for discussion
    known filename:
    info link:
    info source: Safer Networking Ltd.

    {B8693DEF-98AC-43FC-AA00-E7D728334C80} (F5 Networks 5250 Terminal emulator)
    DPF name:
    CLSID name: F5 Networks 5250 Terminal emulator
    Installer: C:\WINDOWS\Downloaded Program Files\ur5250x.inf
    Codebase: https://firepass.manh.com/vdesk/term...=5500,0,0909,1
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: ur5250x.dll
    Short name:
    Date (created): 2/2/2007 11:59:34 PM
    Date (last access): 8/12/2009 4:57:26 AM
    Date (last write): 9/9/2005 9:06:32 PM
    Filesize: 181120
    Attributes: archive
    MD5: 4D7A9B893013E61B869FA6ACDD6B87B8
    CRC32: 47507FF9
    Version: 5500.0.909.1

    {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
    DPF name: Java Runtime Environment 1.4.2
    CLSID name:
    Installer:
    Codebase: http://java.sun.com/products/plugin/...ndows-i586.cab
    description:
    classification: Legitimate
    known filename: npjpi142_03.dll
    info link:
    info source: Safer Networking Ltd.

    {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name:
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
    description:
    classification: Legitimate
    known filename: npjpi150_11.dll
    info link:
    info source: Safer Networking Ltd.

    {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name:
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    description:
    classification: Legitimate
    known filename: npjpi160_01.dll
    info link:
    info source: Safer Networking Ltd.

    {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name:
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab

    {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_15
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    Path: C:\Program Files\Java\jre6\bin\
    Long name: npjpi160_15.dll
    Short name: NPJPI1~1.DLL
    Date (created): 7/25/2009 3:00:36 AM
    Date (last access): 9/4/2009 3:18:12 AM
    Date (last write): 7/25/2009 5:23:04 AM
    Filesize: 136992
    Attributes: archive
    MD5: C79293AA0C64855B6FC3E0E874B472CE
    CRC32: EA2282C5
    Version: 6.0.150.3

    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_15
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    description:
    classification: Legitimate
    known filename: npjpi150_06.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\Program Files\Java\jre6\bin\
    Long name: npjpi160_15.dll
    Short name: NPJPI1~1.DLL
    Date (created): 7/25/2009 3:00:36 AM
    Date (last access): 9/4/2009 3:18:12 AM
    Date (last write): 7/25/2009 5:23:04 AM
    Filesize: 136992
    Attributes: archive
    MD5: C79293AA0C64855B6FC3E0E874B472CE
    CRC32: EA2282C5
    Version: 6.0.150.3

    {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class)
    DPF name:
    CLSID name: get_atlcom Class
    Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
    Codebase: http://www.adobe.com/products/acrobat/nos/gp.cab

    {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
    DPF name:
    CLSID name: Shockwave Flash Object
    Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
    Codebase: http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    description: Macromedia Shockwave Flash Player
    classification: Legitimate
    known filename:
    info link:
    info source: Patrick M. Kolla
    Path: C:\WINDOWS\system32\Macromed\Flash\
    Long name: Flash10c.ocx
    Short name:
    Date (created): 7/17/2009 11:12:12 PM
    Date (last access): 9/4/2009 2:30:46 AM
    Date (last write): 7/17/2009 11:12:12 PM
    Filesize: 3979680
    Attributes: readonly archive
    MD5: 43C6ACDFB92A18C3E516E6BD5F1ACD51
    CRC32: D6F40D46
    Version: 10.0.32.18

    {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control)
    DPF name:
    CLSID name: F5 Networks Host Control
    Installer: C:\WINDOWS\Downloaded Program Files\urxhost.inf
    Codebase: https://firepass.manh.com/vdesk/terminal/urxhost.cab
    description:
    classification: Open for discussion
    known filename: urxhost.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: urxhost.dll
    Short name:
    Date (created): 9/28/2005 3:02:14 PM
    Date (last access): 8/12/2009 4:57:32 AM
    Date (last write): 9/28/2005 3:02:14 PM
    Filesize: 363376
    Attributes: archive
    MD5: B6E4CC6C5ECEEC468BCB99A4B72CAC6F
    CRC32: 67ECA82D
    Version: 5500.0.50928.1

    {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ()
    DPF name:
    CLSID name:
    Installer: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\gp.inf
    Codebase: http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab



    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 900 ( 4) \SystemRoot\System32\smss.exe
    size: 50688
    PID: 996 ( 900) \??\C:\WINDOWS\system32\csrss.exe
    size: 6144
    PID: 1020 ( 900) \??\C:\WINDOWS\system32\winlogon.exe
    size: 507904
    PID: 1064 (1020) C:\WINDOWS\system32\services.exe
    size: 110592
    MD5: 65DF52F5B8B6E9BBD183505225C37315
    PID: 1076 (1020) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: BF2466B3E18E970D8A976FB95FC1CA85
    PID: 1260 (1064) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 1308 (1064) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 1348 (1064) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 1384 (1064) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 1616 (1064) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 1760 (1064) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 1768 (1668) C:\WINDOWS\Explorer.EXE
    size: 1033728
    MD5: 12896823FB95BFB3DC9B46BCAEDC9923
    PID: 1848 (1064) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    size: 165488
    MD5: BB98479C3135C05291D54DEBD7B310D5
    PID: 1928 (1064) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    size: 198256
    MD5: 69637EB41F3467DDA6CCCEBA7C320E0A
    PID: 156 (1064) C:\WINDOWS\system32\LEXBCES.EXE
    size: 311296
    MD5: A1043645D16915DF12A6F2E049922A18
    PID: 192 (1064) C:\WINDOWS\system32\spoolsv.exe
    size: 57856
    MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B
    PID: 212 ( 156) C:\WINDOWS\system32\LEXPPS.EXE
    size: 174592
    MD5: AF31E60B6BF71BD74B16DDF5C679FBA3
    PID: 320 (1064) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 364 (1064) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    size: 109056
    MD5: 769DB4F484957CC98153B3C1B5D1162F
    PID: 392 (1064) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    size: 46640
    MD5: 85180CF88C5EBAD73B452A43A004CA51
    PID: 404 (1064) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    size: 144712
    MD5: 7E94E567C1AA5ABE6174032B3DAB6C23
    PID: 436 (1064) C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    size: 297752
    MD5: DB338A6BD3976904EB0F8343F51E64EB
    PID: 624 (1064) C:\Program Files\Bonjour\mDNSResponder.exe
    size: 238888
    MD5: 3F56903E124E820AEECE6D471583C6C1
    PID: 668 (1064) C:\WINDOWS\System32\GEARSec.exe
    size: 53248
    MD5: B6E01969246FCB67470E87E6957EE147
    PID: 720 (1064) C:\Program Files\Java\jre6\bin\jqs.exe
    size: 153376
    MD5: 112325F53AB720CA77825726D427FBDC
    PID: 816 (1064) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    size: 201968
    MD5: 777115C9CC675BD98127660712D2F784
    PID: 916 (1064) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 940 (1064) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
    PID: 1188 (1064) C:\WINDOWS\wanmpsvc.exe
    size: 65536
    MD5: EB9A99AB5D17B1727034FF191E6448D7
    PID: 1580 (1064) C:\WINDOWS\ehome\mcrdsvc.exe
    size: 99328
    MD5: DF0A511F38F16016BF658FCA0090CB87
    PID: 2256 (1064) C:\PROGRA~1\AVG\AVG8\avgemc.exe
    size: 908056
    MD5: B9AE3C63A53396CD669EF8AE9C9CBD85
    PID: 2288 ( 436) C:\Program Files\AVG\AVG8\avgrsx.exe
    size: 486680
    MD5: 65EA6EB029BB031773473AD9A78A666D
    PID: 2296 ( 436) C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    size: 595736
    MD5: A6CF4FF9BE1202800C22EC5A6A7CF4A6
    PID: 2740 (1064) C:\Program Files\Canon\CAL\CALMAIN.exe
    size: 96341
    MD5: 5753532C476B83119D85AA43B1B10AB3
    PID: 2804 (2256) C:\Program Files\AVG\AVG8\avgcsrvx.exe
    size: 693016
    MD5: 98D6BB2D06986E9E1051F2CBE3CF6E7A
    PID: 2972 (1064) C:\WINDOWS\System32\alg.exe
    size: 44544
    MD5: 8C515081584A38AA007909CD02020B3D
    PID: 3440 (1768) C:\WINDOWS\ehome\ehtray.exe
    size: 67584
    MD5: 7E48B4958C131E9643DDCD2E7CA3FE9F
    PID: 3460 (1768) C:\WINDOWS\system32\hkcmd.exe
    size: 77824
    MD5: 82ADC58B63E069AC4641A33EA9841E54
    PID: 3480 (1768) C:\WINDOWS\system32\igfxpers.exe
    size: 114688
    MD5: A0E2FFB7B0FCE82AA3BCC3105306C45C
    PID: 3488 (1768) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    size: 58992
    MD5: 84EC0B55BCBE872F999ACDCE58E3F67D
    PID: 3516 (1768) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    size: 81920
    MD5: 583B7D111304BE63D7D9CB65482D2187
    PID: 3524 (1768) C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    size: 122940
    MD5: CEFD0E35B35AFD9D1C2FEC9AF81AFDB8
    PID: 3628 (1768) C:\Program Files\Common Files\AOL\1170479121\ee\AOLSoftware.exe
    size: 41824
    MD5: 22870F235504152FE8873986A3D94905
    PID: 3704 (1768) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    size: 206064
    MD5: 3917664C26B4344768C288BBA6FEFCB6
    PID: 3712 (1768) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    size: 195072
    MD5: F3293561CD1E181667BEFD44134F8E28
    PID: 3720 (1768) C:\PROGRA~1\AVG\AVG8\avgtray.exe
    size: 2007832
    MD5: ADB19E69937A076BDE7D08928248F5C8
    PID: 3844 (1768) C:\Program Files\iTunes\iTunesHelper.exe
    size: 292128
    MD5: 741DCAEC21B5A9A1D068FE8692A30D68
    PID: 3860 (1768) C:\Program Files\Java\jre6\bin\jusched.exe
    size: 149280
    MD5: 90E0F7FDCAC66FB50C1CE1A1C7396642
    PID: 3980 (1768) C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3
    PID: 468 (1768) C:\Program Files\DellSupport\DSAgnt.exe
    size: 460784
    MD5: B75FDBF14073D72C50624CC8338DD534
    PID: 2104 ( 636) C:\Program Files\AOL 9.1\waol.exe
    size: 39264
    MD5: 6DF2D7A89F81E1127535821FEAD8C55E
    PID: 680 (1768) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    size: 2260480
    MD5: 390679F7A217A5E73D756276C40AE887
    PID: 1892 (1768) C:\Program Files\Digital Line Detect\DLG.exe
    size: 24576
    MD5: B66E56733E2CD6A10FDA5919625FBF46
    PID: 3180 (1064) C:\Program Files\iPod\bin\iPodService.exe
    size: 542496
    MD5: E8E568EA584973DFD99AAC7D00A16287
    PID: 676 (2104) C:\Program Files\AOL 9.1\shellmon.exe
    size: 54624
    MD5: 92CA7FE0AED73DB79A2931446EEDEB2B
    PID: 3408 (2104) C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
    size: 63120
    MD5: CAA1EBD9AD92E6C6E83A5642EBC34CA6
    PID: 2636 ( 680) C:\WINDOWS\system32\NOTEPAD.EXE
    size: 69120
    MD5: 5E28284F9B5F9097640D58A73D38AD4C
    PID: 3612 ( 680) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4891984
    MD5: 9C8F0F34F66BB845B42F70E92A972B5F
    PID: 4 ( 0) System
    PID: 380 (1064) acs.exe
    PID: 3748 (1768) op_mon.exe


    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 9/4/2009 3:18:15 AM

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\WINDOWS\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.google.com
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
    http://www.google.com/ie
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    about:blank
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\WINDOWS\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://go.microsoft.com/fwlink/?LinkId=54896
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://go.microsoft.com/fwlink/?LinkId=69157
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://go.microsoft.com/fwlink/?LinkId=69157
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://go.microsoft.com/fwlink/?LinkId=54896
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 1: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 2: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 3: RSVP UDP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 4: RSVP TCP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8CC36E17-BFF8-4F78-B76F-BE30496C243D}] SEQPACKET 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8CC36E17-BFF8-4F78-B76F-BE30496C243D}] DATAGRAM 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5F6B3C11-37E3-4715-8B3A-4025A3EDE8F7}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5F6B3C11-37E3-4715-8B3A-4025A3EDE8F7}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{29B39846-0902-49E5-B96A-2F1FC54E9A72}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{29B39846-0902-49E5-B96A-2F1FC54E9A72}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2F9FBC39-C724-4E7B-AEFD-EDFE1FAC9BF8}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2F9FBC39-C724-4E7B-AEFD-EDFE1FAC9BF8}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C15E9028-5273-469F-9052-37C24F8850EF}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C15E9028-5273-469F-9052-37C24F8850EF}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5B2B8567-DE40-4614-A603-C99B50543418}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5B2B8567-DE40-4614-A603-C99B50543418}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Tcpip
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: TCP/IP

    Namespace Provider 1: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\winrnr.dll
    DB protocol: NTDS

    Namespace Provider 2: Network Location Awareness (NLA) Namespace
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: NLA-Namespace

    Namespace Provider 3: mdnsNSP
    GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
    Filename: C:\Program Files\Bonjour\mdnsNSP.dll
    Description: Apple Rendezvous protocol
    DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
    DB protocol: mdnsNSP

  4. #4
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    That looks like to be clean.

    Does it find something upon rescan?
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  5. #5
    Member
    Join Date
    Aug 2009
    Posts
    40

    Default

    No but I was concerned about info on the side that said don't run a fix. I do not know much about computers just learning

  6. #6
    Member
    Join Date
    Aug 2009
    Posts
    40

    Default

    Quote Originally Posted by Need To Know View Post
    No but I was concerned about info on the side that said don't run a fix. I do not know much about computers just learning
    Can you tell were it came from and how I can keep it from happening again ?
    I pretty much go to the same sites all the time.

  7. #7
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hard to say because there is nothing in report.

    Anyway, your spybot version is old. Download new version from here and post back if it finds something.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  8. #8
    Member
    Join Date
    Aug 2009
    Posts
    40

    Default You guys rock !!!!!!!

    " thanks shaba i will be making a donation "

  9. #9
    Member
    Join Date
    Aug 2009
    Posts
    40

    Default

    Quote Originally Posted by Need To Know View Post
    " thanks shaba i will be making a donation "


    just made a donation

  10. #10
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Thank you

    Before final instructions, does Symantec have antivirus?
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •