--- Search result list ---
180Solutions.SearchAssistant: [SBI $AB2A8735] Executable (File, nothing done)
C:\WINDOWS\didduid.ini
180Solutions.SearchAssistant: [SBI $D1508A11] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}
2020Search: [SBI $FDE696BC] Library (File, nothing done)
C:\WINDOWS\bjam.dll
2020Search: [SBI $B014F6E9] Library (File, nothing done)
C:\WINDOWS\mspphe.dll
2020Search: [SBI $DD59D34B] Executable (File, nothing done)
C:\WINDOWS\mssvr.exe
2020Search: [SBI $1C86D773] Library (File, nothing done)
C:\WINDOWS\2020search2.dll
2020Search: [SBI $524079D1] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-92C6-CE7EB590A94D}
CoolWWWSearch.Leftovers: [SBI $C5CA9532] Library (File, nothing done)
C:\WINDOWS\2020search.dll
Clickspring.OuterInfo: [SBI $6A548512] Program group (Directory, nothing done)
C:\Documents and Settings\Home\Start Menu\Programs\Outerinfo\
Clickspring.OuterInfo: [SBI $75EA113C] Link (File, nothing done)
C:\Documents and Settings\Home\Start Menu\Programs\Outerinfo\Terms.lnk
Clickspring.OuterInfo: [SBI $713F81E0] Link (File, nothing done)
C:\Documents and Settings\Home\Start Menu\Programs\Outerinfo\Uninstall.lnk
Clickspring.OuterInfo: [SBI $77657C2F] Text file (File, nothing done)
C:\Program Files\Outerinfo\Terms.rtf
Clickspring.OuterInfo: [SBI $BEFF5FAC] Program directory (Directory, nothing done)
C:\Program Files\Outerinfo\FF\
Clickspring.OuterInfo: [SBI $5090E5D0] Data (File, nothing done)
C:\Program Files\Outerinfo\FF\install.rdf
Clickspring.OuterInfo: [SBI $6BBB3BE3] Program directory (Directory, nothing done)
C:\Program Files\Outerinfo\FF\components\
Clickspring.OuterInfo: [SBI $EECDCEE0] Installer (File, nothing done)
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt
Clickspring.OuterInfo: [SBI $498B6951] User settings (Registry value, nothing done)
HKEY_USERS\S-1-5-21-1659004503-484061587-725345543-1004\Software\Mozilla\Firefox\Extensions\{59A40AC9-E67D-4155-B31D-4B7330FCD2D6}
Clickspring.OuterInfo: [SBI $F3FA0F85] Uninstall settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo
IMNames: [SBI $11EE7C28] User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1659004503-484061587-725345543-1004\Software\IMAdvertiser
Smitfraud-C.: [SBI $8CE3DD18] Library (File, nothing done)
C:\WINDOWS\swin32.dll
Smitfraud-C.: [SBI $768AA445] Executable (File, nothing done)
C:\WINDOWS\updatetc.exe
Smitfraud-C.: [SBI $AAC81DC7] Library (File, nothing done)
C:\WINDOWS\system32\MSIXU.DLL
Smitfraud-C.: [SBI $DAFF8341] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}
Smitfraud-C.: [SBI $749A49D8] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}
Smitfraud-C.: [SBI $CA8B78D4] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}
Smitfraud-C.: [SBI $D738367D] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}
Smitfraud-C.: [SBI $8A7B2B35] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}
Smitfraud-C.: [SBI $A507ED05] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}
Smitfraud-C.: [SBI $81292234] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}
Smitfraud-C.: [SBI $73C55E9B] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}
Smitfraud-C.gp: [SBI $29222CE9] Web page (File, nothing done)
C:\WINDOWS\default.htm
WinPerformance: [SBI $5BD13F52] Executable (File, nothing done)
C:\WINDOWS\PerfInfo\zxjhO0wRbewp.exe
Yazzle: [SBI $C7E1A355] Executable (File, nothing done)
C:\Program Files\Common Files\Yazzle1552OinAdmin.exe
Yazzle: [SBI $59C4E331] Executable (File, nothing done)
C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, nothing done)
HKEY_USERS\PE_C_ADMINISTRATOR\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1659004503-484061587-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
Microsoft.WindowsSecurityCenter_disabled: [SBI $2E20C9A9] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $B2E55F62] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableTaskMgr
Rabio.SearchEnhancer: [SBI $E3AEF3D2] Program directory (Directory, nothing done)
C:\Documents and Settings\All Users\Application Data\Rabio\Search Enhancer\
SecondThought.STCLoader: [SBI $CD09A67D] Executable (File, nothing done)
C:\WINDOWS\stcloader.exe
SecondThought.STCLoader: [SBI $30F34011] Executable (File, nothing done)
C:\WINDOWS\Installer\id53.exe
Zango: [SBI $DF8DAC14] Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5929CD6E-2062-44a4-B2C5-2C7E78FBAB38}
Zango: [SBI $5EDB554D] Application data folder (Directory, nothing done)
C:\Program Files\Seekmo\
Zango: [SBI $5A7042F6] Program directory (Directory, nothing done)
c:\Program Files\Zango\
180Solutions.SearchAssistant: [SBI $8D6AFC05] Program directory (Directory, nothing done)
c:\Program Files\180searchassistant\
180Solutions.SearchAssistant: [SBI $232559B8] Program directory (Directory, nothing done)
C:\WINDOWS\FLEOK\
180Solutions.SearchAssistant: [SBI $CBCD65CE] Program directory (Directory, nothing done)
C:\Program Files\180Solutions\
Right Media: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
DirectTrack: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
HitBox: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
DoubleClick: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
MediaPlex: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
Zedo: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
HitBox: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
DirectTrack: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
Clickspring.OuterInfo: Tracking cookie (Internet Explorer: Home) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---
2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-03-24 unins001.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-03-19 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-03-19 Includes\DialerC.sbi (*)
2008-03-19 Includes\HeavyDuty.sbi (*)
2008-03-19 Includes\Hijackers.sbi (*)
2008-03-19 Includes\HijackersC.sbi (*)
2008-02-27 Includes\Keyloggers.sbi (*)
2008-03-19 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-03-12 Includes\Malware.sbi (*)
2008-03-19 Includes\MalwareC.sbi (*)
2008-02-20 Includes\PUPS.sbi (*)
2008-03-19 Includes\PUPSC.sbi (*)
2008-03-19 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-03-19 Includes\SecurityC.sbi (*)
2008-03-19 Includes\Spybots.sbi (*)
2008-03-19 Includes\SpybotsC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-03-19 Includes\Trojans.sbi (*)
2008-03-19 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security Update for Microsoft Data Access Components
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player: Windows Media Player Hotfix [See Q828026 for more information]
/ Windows Media Player / SP0: Windows Media Player Hotfix [See Q828026 for more information]
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB936782)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB936782)
/ Windows Media Player 11: Hotfix for Windows Media Player 11 (KB939683)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901190)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921503)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922760)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923694)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925454)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Security Update for Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Update for Windows XP (KB927891)
/ Windows XP / SP3: Security Update for Windows XP (KB928090)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Security Update for Windows XP (KB929123)
/ Windows XP / SP3: Update for Windows XP (KB929338)
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931768)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Update for Windows XP (KB931836)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)
/ Windows XP / SP3: Update for Windows XP (KB933360)
/ Windows XP / SP3: Security Update for Windows XP (KB933566)
/ Windows XP / SP3: Security Update for Windows XP (KB933729)
/ Windows XP / SP3: Security Update for Windows XP (KB935839)
/ Windows XP / SP3: Security Update for Windows XP (KB935840)
/ Windows XP / SP3: Security Update for Windows XP (KB936021)
/ Windows XP / SP3: Update for Windows XP (KB936357)
/ Windows XP / SP3: Security Update for Windows XP (KB937143)
/ Windows XP / SP3: Security Update for Windows XP (KB938127)
/ Windows XP / SP3: Update for Windows XP (KB938828)
/ Windows XP / SP3: Security Update for Windows XP (KB938829)
/ Windows XP / SP3: Security Update for Windows XP (KB939653)
/ Windows XP / SP3: Security Update for Windows XP (KB941202)
/ Windows XP / SP3: Security Update for Windows XP (KB941568)
/ Windows XP / SP3: Security Update for Windows XP (KB941644)
/ Windows XP / SP3: Security Update for Windows XP (KB942615)
/ Windows XP / SP3: Update for Windows XP (KB942763)
/ Windows XP / SP3: Update for Windows XP (KB942840)
/ Windows XP / SP3: Security Update for Windows XP (KB943055)
/ Windows XP / SP3: Security Update for Windows XP (KB943460)
/ Windows XP / SP3: Security Update for Windows XP (KB943485)
/ Windows XP / SP3: Security Update for Windows XP (KB944533)
/ Windows XP / SP3: Security Update for Windows XP (KB944653)
/ Windows XP / SP3: Security Update for Windows XP (KB946026)
/ Windows XP / SP3: Update for Windows XP (KB946627)
--- Startup entries list ---
Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 335872
MD5: F256B06F38984969A4A76248DBFA02FB
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 79224
MD5: 8CF58586AE4577ED71FFE8883A6D4B3B
Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: AC116F16A7716A720A45D7EA47CFD983
Located: HK_LM:Run, IMprocess
command: C:\DOCUME~1\Home\LOCALS~1\Temp\IMAdvertiser.EXE
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, IPPDetect
command: IPP4Detect.exe
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 6F6493A929BC9B5762035940E825B840
Located: HK_LM:Run, Jet Detection
command: "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
file: C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
size: 28672
MD5: 7DF5F447DE9E4600F8C77A00D86D210B
Located: HK_LM:Run, lxdjamon
command: "C:\Program Files\Lexmark 1400 Series\lxdjamon.exe"
file: C:\Program Files\Lexmark 1400 Series\lxdjamon.exe
size: 20480
MD5: 7919769F265843BF3CAAC86EE69CD351
Located: HK_LM:Run, lxdjmon.exe
command: "C:\Program Files\Lexmark 1400 Series\lxdjmon.exe"
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, qjwnipun
command: regsvr32 /u "C:\Documents and Settings\All Users\Application Data\qjwnipun.dll"
file: C:\WINDOWS\system32\reg.exe
size: 50176
MD5: 3F1DF5D22C775B5E5DE561755FA9AB55
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: D195E74B712DD105402B90E6CB28263F
Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61A3A9D5D98BF0331DF5B716144A8100
Located: HK_LM:Run, UpdReg
command: C:\WINDOWS\UpdReg.EXE
file: C:\WINDOWS\UpdReg.EXE
size: 90112
MD5: C419DF63E0121D72411285780C2FC6CC
Located: HK_LM:Run, URLLSTCK.exe
command: C:\Program Files\Norton Internet Security\UrlLstCk.exe
file: C:\Program Files\Norton Internet Security\UrlLstCk.exe
size: 70840
MD5: 0501136128B3771E00DD71920AF1C396
Located: HK_LM:Run, WINDVDPatch
command: CTHELPER.EXE
file: C:\WINDOWS\system32\CTHELPER.EXE
size: 24576
MD5: 3C7A868402B2DD7B65AC32BED886D9E5
Located: HK_CU:Run, Aida
where: S-1-5-21-1659004503-484061587-725345543-1004...
command: "C:\WINDOWS\system32\MANTEC~1\chkdsk.exe" -vt yazb
file: C:\WINDOWS\system32\MANTEC~1\chkdsk.exe
size: 89088
MD5: D29092395CF8DD07814374D60CD73E82
Located: HK_CU:Run, QdrModule13
where: S-1-5-21-1659004503-484061587-725345543-1004...
command: "C:\Program Files\QdrModule\QdrModule13.exe"
file: C:\Program Files\QdrModule\QdrModule13.exe
size: 372736
MD5: 1013FB30E06AFB93EC5081BC65CB8313
Located: HK_CU:Run, QdrPack14
where: S-1-5-21-1659004503-484061587-725345543-1004...
command: "C:\Program Files\QdrPack\QdrPack14.exe"
file: C:\Program Files\QdrPack\QdrPack14.exe
size: 352256
MD5: C485AD7B74C11D95816CBA483C93234B
Located: HK_CU:Run, RIMDeviceManager
where: S-1-5-21-1659004503-484061587-725345543-1004...
command: "C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer
file: C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
size: 1142922
MD5: C3D04608BAB15AD2A92B84D3B1149AE5
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1659004503-484061587-725345543-1004...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F
Located: HK_CU:Run, updateMgr
where: S-1-5-21-1659004503-484061587-725345543-1004...
command: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
size: 313472
MD5: 43F3F6D33C793089A7C32B45DA16094B
Located: HK_CU:Run, Wazllmqe
where: S-1-5-21-1659004503-484061587-725345543-1004...
command: "C:\Documents and Settings\Home\My Documents\F?nts\mshta.exe"
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Startup (common), Adobe Reader Speed Launch.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362B96870CE8649F4F2EC893DA93F0
Located: Startup (common), Desktop Manager.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
file: C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
size: 1114217
MD5: E5F53D7BB972F6F7EEFA8FE39B53A966
Located: Startup (common), HP Digital Imaging Monitor.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 282624
MD5: 5597D0075861CB0A6E6087752D205C0D
Located: Startup (disabled), Adobe Gamma Loader (DISABLED)
command: C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
file: C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
size: 113664
MD5: C2FF17734176CD15221C10044EF0BA1A
Located: Startup (disabled), America Online 9.0 Tray Icon (DISABLED)
command: C:\PROGRA~1\AMERIC~1.0A\aoltray.exe -check
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Startup (disabled), Microsoft Office (DISABLED)
command: C:\PROGRA~1\MICROS~2\Office\OSA9.EXE -b -l
file: C:\PROGRA~1\MICROS~2\Office\OSA9.EXE
size: 65588
MD5: F2020569DF0E5CDF0CCEDB3406D15CB3
Located: Startup (disabled), office (DISABLED)
command: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\office.exe
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Startup (disabled), LimeWire On Startup (DISABLED)
command: C:\PROGRA~1\LimeWire\LimeWire.exe -startup
file: C:\PROGRA~1\LimeWire\LimeWire.exe
size: 81920
MD5: 97918093DD905F51B2985EA597160B9E
Located: Startup (disabled), Scheduler (DISABLED)
command: C:\RECYCLER\NPROTECT\00056337.EXE
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, WRNotifier
command: WRLogonNTF.dll
file: WRLogonNTF.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{00000250-0320-4dd4-be4f-7566d2314352} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx
AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 1/12/2006 8:38:22 PM
Date (last access): 3/24/2008 7:44:38 PM
Date (last write): 1/12/2006 8:38:22 PM
Filesize: 63128
Attributes: archive
MD5: F17B2B264072B921FC66A0BE16626BAB
CRC32: 5184CFEA
Version: 7.0.7.142
{13197ace-6851-45c3-a7ff-c281324d5489} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{15651c7c-e812-44a2-a9ac-b467a2233e7d} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{44309EB7-5B77-7ED8-5714-5E00CBC7DCBD} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: hozvcywc.dll
Short name:
Date (created): 3/24/2008 6:43:40 PM
Date (last access): 3/24/2008 7:47:36 PM
Date (last write): 1/28/2008 9:29:02 AM
Filesize: 60928
Attributes: archive
MD5: 64991A8E8F8CE30ED0E05FDDA4E9D3B2
CRC32: 60DEE329
{4e1075f4-eec4-4a86-add7-cd5f52858c31} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
description: 2020Search
classification: Confirmed as malware
known filename: 2020Search2.dll
2020SE~1.DLL
info link:
info source: TonyKlein
{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\Program Files\Spybot - Search & Destroy\
Long name: SDHelper.dll
Short name:
Date (created): 3/24/2008 7:33:24 PM
Date (last access): 3/24/2008 7:33:24 PM
Date (last write): 1/28/2008 11:43:28 AM
Filesize: 1554256
Attributes: archive
MD5: 5248E02EFBCB64D328647CD00E384B85
CRC32: C1B426A9
Version: 1.5.0.11
{5929cd6e-2062-44a4-b2c5-2c7e78fbab38} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{5dafd089-24b1-4c5e-bd42-8ca72550717b} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
description: 180Solutions.com SurfAssistant
classification: Confirmed as malware
known filename: saiemod.dll
info link:
info source: TonyKlein
{5fa6752a-c4a0-4222-88c2-928ae5ab4966} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{622cc208-b014-4fe0-801b-874a5e5e403a} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{750bcc34-1dd2-11b2-8001-e93e492d1431} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
Path: C:\WINDOWS\
Long name: uhmdwhut.dll
Short name:
Date (created): 3/23/2008 12:20:16 AM
Date (last access): 3/24/2008 7:47:36 PM
Date (last write): 3/23/2008 12:20:16 AM
Filesize: 79360
Attributes: archive
MD5: CA9088A8F429C615FE3FC870754A7B1A
CRC32: 87B633ED
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 3/2/2006 2:53:00 PM
Date (last access): 3/24/2008 7:47:36 PM
Date (last write): 11/10/2005 2:22:12 PM
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 5.0.60.5
{8041E642-8CFC-4720-BC9D-D2DB8904286F} (BndFibu7 IE Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: BndFibu7 IE Helper
Path: C:\Program Files\QdrDrive\
Long name: QdrDrive12.dll
Short name: QDRDRI~1.DLL
Date (created): 3/6/2008 5:45:32 PM
Date (last access): 3/24/2008 7:47:36 PM
Date (last write): 3/6/2008 5:45:32 PM
Filesize: 204800
Attributes: archive
MD5: DE1EC66FF570CCFAF091DE9F597CBB77
CRC32: 49145A59
{8674aea0-9d3d-11d9-99dc-00600f9a01f1} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{965a592f-8efa-4250-8630-7960230792f1} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{9c5b2f29-1f46-4639-a6b4-828942301d3e} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} (Web assistant)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Web assistant
CLSID name: CNisExtBho Class
description: NIS 2004,
classification: Legitimate
known filename: NISShExt.dll
info link: http://www.symantec.com/sabu/nis/nis_pe/
info source: TonyKlein
Path: C:\Program Files\Common Files\Symantec Shared\AdBlocking\
Long name: NISShExt.dll
Short name:
Date (created): 1/26/2004 9:07:06 PM
Date (last access): 3/24/2008 7:47:36 PM
Date (last write): 1/26/2004 9:07:06 PM
Filesize: 126976
Attributes: archive
MD5: 0C3B5C014E2ACC49E330661BAB16CEBB
CRC32: 8B1B63E1
Version: 7.0.0.177
{BDF3E430-B101-42AD-A544-FADC6B084872} (NAV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NAV Helper
CLSID name: CNavExtBho Class
description: Norton Antivirus
classification: Legitimate
known filename: NavShExt.dll
info link: http://www.symantec.com/nav/nav_9xnt/
info source: TonyKlein
Path: C:\Program Files\Norton Internet Security\Norton AntiVirus\
Long name: NAVShExt.dll
Short name:
Date (created): 1/26/2004 9:06:48 PM
Date (last access): 3/24/2008 7:47:36 PM
Date (last write): 1/26/2004 9:06:48 PM
Filesize: 103592
Attributes: archive
MD5: B0D6124B344F7FB4C1B49134FB73D56B
CRC32: B1DDBAB2
Version: 10.0.0.109
{cf021f40-3e14-23a5-cba2-717765728274} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{fc3a74e5-f281-4f10-ae1e-733078684f3c} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{ffff0001-0002-101a-a3c9-08002b2f49fb} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
--- ActiveX list ---
Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla
Yahoo! Checkers (Yahoo! Checkers)
DPF name: Yahoo! Checkers
CLSID name:
Installer:
Codebase: http://download.games.yahoo.com/games/clients/y/kt4_x.cab
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
Yahoo! Dice (Yahoo! Dice)
DPF name: Yahoo! Dice
CLSID name:
Installer:
Codebase: http://download.games.yahoo.com/games/clients/y/dct4_x.cab
Yahoo! Go Fish (Yahoo! Go Fish)
DPF name: Yahoo! Go Fish
CLSID name:
Installer:
Codebase: http://download.games.yahoo.com/games/clients/y/zt3_x.cab
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
Yahoo! Poker (Yahoo! Poker)
DPF name: Yahoo! Poker
CLSID name:
Installer:
Codebase: http://download.games.yahoo.com/games/clients/y/pt3_x.cab
description:
classification: Legitimate
known filename: IEAWSDC.DLL
info link:
info source: Safer Networking Ltd.
Yahoo! Pool 2 (Yahoo! Pool 2)
DPF name: Yahoo! Pool 2
CLSID name:
Installer:
Codebase: http://download.games.yahoo.com/games/clients/y/pote_x.cab
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
Yahoo! Towers 2.0 (Yahoo! Towers 2.0)
DPF name: Yahoo! Towers 2.0
CLSID name:
Installer:
Codebase: http://download.games.yahoo.com/games/clients/y/ywt0_x.cab
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
{01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class)
DPF name:
CLSID name: SysProWmi Class
Installer: C:\WINDOWS\Downloaded Program Files\SysPro.inf
Codebase: http://support.dell.com/systemprofiler/SysPro.CAB
description:
classification: Legitimate
known filename: SysPro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\Dell\SystemProfiler\
Long name: SysPro.ocx
Short name:
Date (created): 1/23/2003 2:23:18 PM
Date (last access): 3/24/2008 5:06:18 PM
Date (last write): 1/23/2003 2:23:18 PM
Filesize: 86016
Attributes: archive
MD5: 2EE3E0AE6AA35F135CAE24DF2DA9B172
CRC32: A76A5BDA
Version: 2.0.0.1
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Director\
Long name: SwDir.dll
Short name:
Date (created): 9/7/2004 12:30:00 PM
Date (last access): 3/12/2008 3:01:20 AM
Date (last write): 5/19/2005 2:58:34 PM
Filesize: 54488
Attributes: archive
MD5: 2B75B8197F3BCBB199EAA3AFE3FB3CA3
CRC32: ED72FE89
Version: 10.1.0.11
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=39204
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.dll
Short name: LEGITC~1.DLL
Date (created): 8/3/2005 10:33:42 AM
Date (last access): 3/24/2008 7:54:56 PM
Date (last write): 6/19/2006 4:19:42 PM
Filesize: 571184
Attributes: archive
MD5: 31BF58C9814F840EB10A2B7A410ABEA3
CRC32: DAFAE165
Version: 1.5.540.0
{31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer)
DPF name:
CLSID name: Microsoft PID Sniffer
Installer: C:\WINDOWS\Downloaded Program Files\odc.inf
Codebase: https://support.microsoft.com/OAS/ActiveX/odc.cab
description:
classification: Legitimate
known filename: odc.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: odc.dll
Short name:
Date (created): 10/26/2004 11:07:58 PM
Date (last access): 3/24/2008 7:53:48 PM
Date (last write): 10/26/2004 11:07:58 PM
Filesize: 277256
Attributes: archive
MD5: B6C36FD61195CFE4247EFC094A7A0BF8
CRC32: 34B3B3E9
Version: 3.0.34.0
{33564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\WMV9VCM.inf
Codebase: http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class)
DPF name:
CLSID name: GSDACtl Class
Installer:
Codebase: https://www.gamespyid.com/alaunch.cab
description:
classification: Legitimate
known filename: gsda.dll
info link:
info source: Safer Networking Ltd.
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 2:52:58 PM
Date (last access): 3/23/2008 5:49:48 PM
Date (last write): 11/10/2005 2:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5
{9F1C11AA-197B-4942-BA54-47A8489BB47F} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\iuctl.inf
Codebase: http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38170.5492592593
description: Windows Update
classification: Legitimate
known filename: %WINDIR%\System32\iuctl.dll,iuengine.dll
info link:
info source: Patrick M. Kolla
{AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control)
DPF name:
CLSID name: Get_ActiveX Control
Installer:
Codebase: https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
description:
classification: Legitimate
known filename: HPGetDownloadManager.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\DOWNLO~1\
Long name: HPGetDownloadManager.ocx
Short name: HPGETD~1.OCX
Date (created): 3/22/2006 11:00:02 PM
Date (last access): 3/12/2008 3:01:22 AM
Date (last write): 3/22/2006 11:00:02 PM
Filesize: 88136
Attributes: archive
MD5: 200E3189656F9A29FB5BC7F71AB3F283
CRC32: 8C85B2F9
Version: 3.3.0.0
{BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab)
DPF name: System Requirements Lab
CLSID name: System Requirements Lab Class
Installer:
Codebase: http://www.systemrequirementslab.com/sysreqlab.cab
description:
classification: Open for discussion
known filename: sysreqlab.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: sysreqlab.dll
Short name: SYSREQ~1.DLL
Date (created): 3/14/2006 4:09:34 PM
Date (last access): 3/24/2008 7:38:56 PM
Date (last write): 3/14/2006 4:09:34 PM
Filesize: 337920
Attributes: archive
MD5: F308705C8C8D6F9D4F9252C2C8BFC13A
CRC32: B57D1EF2
Version: 2.17.0.0
{C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control)
DPF name:
CLSID name: NsvPlayX Control
Installer: C:\WINDOWS\Downloaded Program Files\nsvplayx_vp3_mp3.inf
Codebase: http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
description:
classification: Legitimate
known filename: NSVPLA~1.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\PROGRA~1\COMMON~1\NSV\
Long name: nsvplayx_vp3_mp3.dll
Short name: NSVPLA~1.DLL
Date (created): 12/10/2003 2:36:06 PM
Date (last access): 3/24/2008 5:07:06 PM
Date (last write): 12/10/2003 2:36:06 PM
Filesize: 112128
Attributes: archive
MD5: 7DE2078460CCE8F2E7E20362434B836B
CRC32: C2824FB4
Version: 1.0.0.997
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_03
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
description:
classification: Legitimate
known filename: NPJPI150_03.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_03\bin\
Long name: NPJPI150_03.dll
Short name: NPJPI1~1.DLL
Date (created): 4/13/2005 3:48:56 AM
Date (last access): 3/12/2008 3:01:22 AM
Date (last write): 4/13/2005 4:06:32 AM
Filesize: 69746
Attributes: archive
MD5: 13FCA03EBCA6E1F8C6481166C516D1FE
CRC32: 868C298F
Version: 5.0.30.7
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 2:52:58 PM
Date (last access): 3/24/2008 8:30:28 PM
Date (last write): 11/10/2005 2:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 2:52:58 PM
Date (last access): 3/24/2008 8:30:28 PM
Date (last write): 11/10/2005 2:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5
{CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object)
DPF name:
CLSID name: CGameManagerCtrl Object
Installer: C:\WINDOWS\Downloaded Program Files\DIGGameManager.inf
Codebase: https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
description:
classification: Legitimate
known filename: DIGGameManager.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: DIGGameManager.dll
Short name: DIGGAM~1.DLL
Date (created): 1/6/2006 11:03:52 AM
Date (last access): 3/24/2008 7:38:56 PM
Date (last write): 1/6/2006 11:03:52 AM
Filesize: 229376
Attributes: archive
MD5: 9A89EA10A99937C46DF51A5A272987B7
CRC32: 8A23B774
Version: 1.2.0.13
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9b.ocx
Short name:
Date (created): 11/9/2006 3:46:28 PM
Date (last access): 3/24/2008 7:48:24 PM
Date (last write): 11/9/2006 3:46:28 PM
Filesize: 2262648
Attributes: readonly archive
MD5: F3B3EE66CA76C94510555ABE9D00A353
CRC32: A51F3CB4
Version: 9.0.28.0
{D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class)
DPF name:
CLSID name: SproutLauncherCtrl Class
Installer: C:\WINDOWS\Downloaded Program Files\SproutLauncher.inf
Codebase: http://download.games.yahoo.com/games/web_games/gamehouse/frenzy/SproutLauncher.cab
description:
classification: Legitimate
known filename: SproutWebLauncher.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: SproutWebLauncher.dll
Short name: SPROUT~1.DLL
Date (created): 9/13/2004 4:26:02 PM
Date (last access): 3/24/2008 7:38:56 PM
Date (last write): 9/13/2004 4:26:02 PM
Filesize: 159744
Attributes: archive
MD5: 07D28A105DFE8EF72C1C4A2EA12E2A31
CRC32: FDC12284
Version: 1.0.0.10
--- Process list ---
PID: 0 ( 0) [System]
PID: 464 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 520 ( 464) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 556 ( 464) \??\C:\WINDOWS\system32\winlogon.exe
size: 502272
PID: 604 ( 556) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 616 ( 556) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 768 ( 604) C:\WINDOWS\system32\Ati2evxx.exe
size: 483328
MD5: 666E4E583A7CF1233C6425DA16ECDC89
PID: 800 ( 604) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 884 ( 604) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 960 ( 604) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1036 ( 604) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1056 ( 556) C:\WINDOWS\system32\Ati2evxx.exe
size: 483328
MD5: 666E4E583A7CF1233C6425DA16ECDC89
PID: 1140 ( 604) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1264 ( 604) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 234656
MD5: 39F90110B8904A5F8164222DC3C88C41
PID: 1400 ( 556) C:\WINDOWS\system32\sbwltbxa.exe
size: 90537
MD5: 432535DC8660CBDB7B9BC107CF9FE295
PID: 1424 ( 604) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 255136
MD5: F69A38C3BBCA92C706F8D777125D7AD2
PID: 1532 (1392) C:\WINDOWS\Explorer.EXE
size: 1033216
MD5: 97BD6515465659FF8F3B7BE375B2EA87
PID: 1828 ( 604) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 16248
MD5: 765E0E2BDB83C58FFC411DA401D8BA66
PID: 1888 ( 604) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 132472
MD5: 47DF7F40F77FCE0A134021C6BF0FF52A
PID: 172 ( 604) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 308 ( 604) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
size: 46640
MD5: 85180CF88C5EBAD73B452A43A004CA51
PID: 488 ( 604) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 110592
MD5: 1961CB10BB48EB4D97E37DB6373E9E63
PID: 580 ( 604) C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
size: 218272
MD5: 9C60AF9E86B8D99E1F4D4C4CD1385CC1
PID: 992 ( 604) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdjserv.exe
size: 99248
MD5: 3BF06CE0E9870F1FF72E30F62DC7DD83
PID: 1100 ( 604) C:\WINDOWS\system32\lxdjcoms.exe
size: 537520
MD5: 76B255EC66E5A60BDA711637088EC49C
PID: 1156 ( 604) C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
size: 158376
MD5: D9F779AC35B8FEDB9CBF2D6963D82F63
PID: 1272 ( 604) C:\WINDOWS\system32\HPZipm12.exe
size: 69632
MD5: 9D84376931440F3679BEEF2A414FA493
PID: 1300 ( 604) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1456 ( 604) C:\WINDOWS\wanmpsvc.exe
size: 65536
MD5: EB9A99AB5D17B1727034FF191E6448D7
PID: 2136 ( 604) C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
size: 316544
MD5: 67C5AF84809468061121FBCBECB19285
PID: 2244 ( 604) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 243064
MD5: 3F4A782FECFA42AB86CEA759EB929106
PID: 2380 ( 604) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
size: 345464
MD5: CDED5892E327CDCBB64E598AE6C4E3E3
PID: 2548 ( 604) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 2580 ( 604) C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
size: 193816
MD5: 760B4D1D222B534422BB81E5EBBACB57
PID: 3064 (1532) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 335872
MD5: F256B06F38984969A4A76248DBFA02FB
PID: 3072 (1532) C:\WINDOWS\system32\CTHELPER.EXE
size: 24576
MD5: 3C7A868402B2DD7B65AC32BED886D9E5
PID: 3104 (1532) C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61A3A9D5D98BF0331DF5B716144A8100
PID: 3112 (1532) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: AC116F16A7716A720A45D7EA47CFD983
PID: 3120 (1532) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 79224
MD5: 8CF58586AE4577ED71FFE8883A6D4B3B
PID: 3136 (1532) C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: D195E74B712DD105402B90E6CB28263F
PID: 3148 (1532) C:\Program Files\Lexmark 1400 Series\lxdjamon.exe
size: 20480
MD5: 7919769F265843BF3CAAC86EE69CD351
PID: 3156 (1532) C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 6F6493A929BC9B5762035940E825B840
PID: 3168 (1532) C:\WINDOWS\system32\regsvr32.exe
size: 11776
MD5: 9709EAD856A690333138AC40804F914E
PID: 3192 (1532) C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
size: 1142922
MD5: C3D04608BAB15AD2A92B84D3B1149AE5
PID: 3204 (1532) C:\WINDOWS\system32\MANTEC~1\chkdsk.exe
size: 89088
MD5: D29092395CF8DD07814374D60CD73E82
PID: 3284 (1532) C:\Program Files\QdrModule\QdrModule13.exe
size: 372736
MD5: 1013FB30E06AFB93EC5081BC65CB8313
PID: 3320 (1532) C:\Program Files\QdrPack\QdrPack14.exe
size: 352256
MD5: C485AD7B74C11D95816CBA483C93234B
PID: 3364 (1532) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 282624
MD5: 5597D0075861CB0A6E6087752D205C0D
PID: 3864 ( 800) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
size: 204907
MD5: 7581F2C823AF403CAB634D8CD1680517
PID: 1588 ( 604) C:\Program Files\iPod\bin\iPodService.exe
size: 504104
MD5: 1E9ED06A30FB0410CE94892F1BA6984B
PID: 2788 ( 960) C:\WINDOWS\system32\wuauclt.exe
size: 53080
MD5: F3E9065EB617A7E3A832A7976BFA021B
PID: 2620 (3104) C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
size: 241775
MD5: AAFA64AB947B1B566FEA961ACB2BCD93
PID: 3956 (1248) C:\Documents and Settings\Home\My Documents\F?nts\mshta.exe
PID: 2176 (1748) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F
PID: 3096 (3296) C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
size: 1404240
MD5: 6F07D43B7491C5FC87A36F3F0DD54AEE
PID: 3244 (2444) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5146448
MD5: 2ECA8CDEED7C82F879E766DA92A3561A
PID: 1244 ( 800) C:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\OFFPROV.EXE
size: 44032
MD5: D676245199AE345548F2ED542B813D14
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 3/24/2008 8:30:28 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://yahoo.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0077B167-6A4E-4216-A729-140193705453}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0077B167-6A4E-4216-A729-140193705453}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A5893360-EAEC-49F0-93B1-0EFCBB73EDE8}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A5893360-EAEC-49F0-93B1-0EFCBB73EDE8}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C50FE36A-AB74-4F6B-9B34-507B8A17DC40}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C50FE36A-AB74-4F6B-9B34-507B8A17DC40}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0170B1A5-1D69-42E6-A250-0BEC12243654}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0170B1A5-1D69-42E6-A250-0BEC12243654}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{24784758-3172-466F-8144-E09DC202F922}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{24784758-3172-466F-8144-E09DC202F922}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2679F3C5-E669-408F-A14F-263A827BC101}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2679F3C5-E669-408F-A14F-263A827BC101}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{354DFCCC-76C2-437E-9CF6-2BCAF1558F1F}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{354DFCCC-76C2-437E-9CF6-2BCAF1558F1F}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace