Uutta logia jotain vialla?

Moi
tässä taas vähään aikaan en ole laittanut logia joten tässä se olisi. Ajoi myös tuon F-Secure Online Virus Scannerin ja se löysi jotakin, laitan sen login tähän perään, samoin ajoin läpi Spybotin siitä kanssa laitan login tähän perään.




Tässä alkuun tuo hijackthishin uusin logi


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:24:05, on 10.11.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\Macromed\Shockwave 8\PostUpdate.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\progra~1\common~1\instal~1\update~1\isuspm.exe
c:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://haku.soneraplaza.fi/haku/queryie5.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fsnordic.net/discussion
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q305&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Sonera Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\RunOnce: [SpybotDeletingA3329] command /c del "C:\WINDOWS\SchedLgU.Txt"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5664] cmd /c del "C:\WINDOWS\SchedLgU.Txt"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\RunOnce: [SWHelper] "C:\WINDOWS\system32\Macromed\Shockwave 8\PostUpdate.exe" 1014021
O4 - HKCU\..\RunOnce: [SpybotDeletingB7363] command /c del "C:\WINDOWS\SchedLgU.Txt"
O4 - HKCU\..\RunOnce: [SpybotDeletingD211] cmd /c del "C:\WINDOWS\SchedLgU.Txt"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1220229976546
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://195.196.35.91/activex/AxisCamControl.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 12758 bytes

_________________________________________________

Sitten Spybotin Logi olisi tälläinen

--- Search result list ---
Päivän vihje: Napsauta oikealla olevaa palkkia nähdäksesi lisätietoja! ()


Right Media: Vakoilueväste (Internet Explorer: HP_Omistaja) (Eväste, nothing done)


Common Dialogs: History (34 files) (Rekisteriavain, fixed)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: Activity: SchedLgU.Txt (Varmuuskopio, fixed)
C:\WINDOWS\SchedLgU.Txt

Log: Install: setupapi.log (Varmuuskopio, fixed)
C:\WINDOWS\setupapi.log

Log: Shutdown: System32\wbem\logs\wbemess.log (Varmuuskopio, fixed)
C:\WINDOWS\System32\wbem\logs\wbemess.log

Internet Explorer: [SBI $1E8157BE] Typed URL list (4 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $FF589D0C] Download directory (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Internet Explorer\Download Directory

MS Media Player: [SBI $E48560B4] Recent file list (9 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\MediaPlayer\Player\RecentFileList

MS Direct3D: [SBI $7FB7B83F] Most recent application (Muutos rekisterissä, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Muutos rekisterissä, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

Windows: [SBI $1E4E2003] Drivers installation paths (Muutos rekisterissä, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (2 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $99432203] Open with list - .CFG extension (2 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (1 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (1 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (3 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Rekisterin arvo, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

WinZip: [SBI $4912A1BE] Recent extracted file list (3 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\extract

WinZip: [SBI $462D4A59] Recent created file list (15 tiedostoa) (Rekisteriavain, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\filemenu

WinZip: [SBI $1059E532] Number of times run (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\rrs\Opened

WinZip: [SBI $669C1037] Default directory (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\directories\DefDir

WinZip: [SBI $1FCFAF16] Default directory (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\directories\zDefDir

WinZip: [SBI $E95B93ED] Add files directory (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\directories\AddDir

WinZip: [SBI $FF613757] Destination directory (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\directories\ExtractTo

WinZip: [SBI $9EC1EAC6] Add files directory (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\directories\gzAddDir

WinZip: [SBI $214A5C12] Destination directory (Muutos rekisterissä, fixed)
HKEY_USERS\S-1-5-21-718480324-28727023-3447165594-1008\Software\Nico Mak Computing\WinZip\directories\gzExtractTo

Cookie: [SBI $49804B54] Eväste (73) (Eväste, fixed)


Cache: [SBI $49804B54] Välimuisti (3613) (Välimuisti, fixed)


History: [SBI $49804B54] Historia (478) (Historia, fixed)



--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-09-16 TeaTimer.exe (1.6.3.25)
2008-09-01 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-10-22 advcheck.dll (1.6.2.13)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2008-11-04 Includes\Adware.sbi (*)
2008-11-05 Includes\AdwareC.sbi (*)
2008-06-03 Includes\Cookies.sbi (*)
2008-09-02 Includes\Dialer.sbi (*)
2008-09-09 Includes\DialerC.sbi (*)
2008-07-23 Includes\HeavyDuty.sbi (*)
2008-09-02 Includes\Hijackers.sbi (*)
2008-10-28 Includes\HijackersC.sbi (*)
2008-09-09 Includes\Keyloggers.sbi (*)
2008-11-04 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-11-04 Includes\Malware.sbi (*)
2008-11-04 Includes\MalwareC.sbi (*)
2008-11-03 Includes\PUPS.sbi (*)
2008-11-04 Includes\PUPSC.sbi (*)
2007-11-07 Includes\Revision.sbi (*)
2008-06-18 Includes\Security.sbi (*)
2008-10-23 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2008-11-04 Includes\Spyware.sbi (*)
2008-11-04 Includes\SpywareC.sbi (*)
2008-06-03 Includes\Tracks.uti (*)
2008-11-04 Includes\Trojans.sbi (*)
2008-11-04 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Suojauspäivitys Windows Media Player 10:lle (KB936782)
/ Windows Media Player 11: Suojauspäivitys Windows Media Player 11:lle (KB936782)
/ Windows Media Player 11: Hotfix-korjauspäivitys Windows Media Player 11:lle (KB939683)
/ Windows Media Player 11: Suojauspäivitys Windows Media Player 11:lle (KB954154)
/ Windows Media Player 6.4: Suojauspäivitys Windows Media Player 6.4:lle (KB925398)
/ Windows XP: Suojauspäivitys ohjelmistolle Windows XP (KB923689)
/ Windows XP: Suojauspäivitys ohjelmistolle Windows XP (KB941569)
/ Windows XP / SP0: Suojauspäivitys Windows Internet Explorer 7:lle (KB938127)
/ Windows XP / SP0: Suojauspäivitys Windows Internet Explorer 7:lle (KB938127-v2)
/ Windows XP / SP0: Suojauspäivitys Windows Internet Explorer 7:lle (KB953838)
/ Windows XP / SP0: Suojauspäivitys Windows Internet Explorer 7:lle (KB956390)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB883667
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888239
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB894391)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB896358)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB896423)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB896428)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB898461)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB899587)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB899591)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB900485)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB900725)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB901017)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB901214)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB902400)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB904942)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB905414)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB905749)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB908519)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB908531)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB910437)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB911280)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB911562)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB911927)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB913580)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB914388)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB914389)
/ Windows XP / SP3: Hotfix-päivitys Windows XP:lle (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB916595)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB918118)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB918439)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB920213)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB920670)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB920683)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB920685)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB920872)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB922582)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB923191)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB923414)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB923980)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB924270)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB924667)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB926255)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB926436)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB927779)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB927802)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB927891)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB928255)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB928843)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB929123)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB930178)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB930916)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB931261)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB931784)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB932168)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB932823-v3)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB933729)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB935839)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB935840)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB936021)
/ Windows XP / SP3: Päivitys Windows XP:lle (KB938828)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB941693)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB943055)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB943460)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB943485)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB944338-v2)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB944653)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB945553)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB946026)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB948590)
/ Windows XP / SP3: Suojauspäivitys Windows XP:lle (KB950749)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB938464)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB946648)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB950762)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB950974)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB951066)
/ Windows XP / SP4: Päivitys Windows XP:lle (KB951072-v2)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB951376-v2)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB951698)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB951748)
/ Windows XP / SP4: Hotfix-päivitys Windows XP:lle (KB952287)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB952954)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB953838)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB953839)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB954211)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB956391)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB956803)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB956841)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB957095)
/ Windows XP / SP4: Suojauspäivitys Windows XP:lle (KB958644)


--- Startup entries list ---
Located: HK_LM:Run, AGRSMMSG
command: AGRSMMSG.exe
file: C:\WINDOWS\AGRSMMSG.exe
size: 88363
MD5: E7BE65BF79906AEBC698E077D53F6A1C

Located: HK_LM:Run, AlcxMonitor
command: ALCXMNTR.EXE
file: C:\WINDOWS\ALCXMNTR.EXE
size: 57344
MD5: 7B8875A5B04932AC73AFD8079864DB68

Located: HK_LM:Run, ATICCC
command: "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
file: C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
size: 45056
MD5: 64C4C17BF6A40FF1CD21205E6FD415B8

Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: F259DCC4854D80040C8AB649F5993665

Located: HK_LM:Run, ccApp
command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 58728
MD5: 3D64C4ACBB9B3BFC454565AC6C2C844E

Located: HK_LM:Run, CnxTrApp
command: rundll32.exe "C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
file: C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll
size: 247296
MD5: 8808EF7C82E3DBB0F7E744D9F73B11E9

Located: HK_LM:Run, HPHmon06
command: C:\WINDOWS\system32\hphmon06.exe
file: C:\WINDOWS\system32\hphmon06.exe
size: 659456
MD5: 947A6285A895222D70494C7D4DF88913

Located: HK_LM:Run, HPHUPD06
command: c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
file: c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
size: 49152
MD5: ECA65CC095BD6D541A4798294F61E52A

Located: HK_LM:Run, hpsysdrv
command: c:\windows\system\hpsysdrv.exe
file: c:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06A1ECB63DF139EC639E084D4AB3C9D7

Located: HK_LM:Run, ISUSPM Startup
command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
file: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
size: 221184
MD5: FB9E5C251CF6C37749F296BACB34A69B

Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763DAB43BDAB27316DBF3373192823D7

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 289576
MD5: 8EFB041989185BED47072353B73D6355

Located: HK_LM:Run, KBD
command: C:\HP\KBD\KBD.EXE
file: C:\HP\KBD\KBD.EXE
size: 61440
MD5: C81BE1B951C36E97D3DA90DA745DA5F7

Located: HK_LM:Run, LogitechCommunicationsManager
command: "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
file: C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
size: 488984
MD5: 022DB38BECB5A44DA6F7E27923457624

Located: HK_LM:Run, LogitechQuickCamRibbon
command: "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
file: C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
size: 774168
MD5: 6B84B11CFAD4173733DD96C810D9BC6F

Located: HK_LM:Run, LSBWatcher
command: c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
file: c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
size: 253952
MD5: 9819C4F68686E9FE1D62DD0D4767DDD5

Located: HK_LM:Run, PS2
command: C:\WINDOWS\system32\ps2.exe
file: C:\WINDOWS\system32\ps2.exe
size: 90112
MD5: FF8CCC86C4E42F59B189BD28D362B599

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
file: C:\Program Files\QuickTime\QTTask.exe
size: 413696
MD5: 6CD5C3276C83F72677D647F27EE14ABD

Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 233472
MD5: 310F1E8A0781887BA1C217448C0E4D48

Located: HK_LM:Run, Symantec NetDriver Monitor
command: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
file: C:\PROGRA~1\SYMNET~1\SNDMon.exe
size: 100056
MD5: EF717299B460F556A31B8C9CE35CBF15

Located: HK_LM:RunOnce, SpybotDeletingA3329
command: command /c del "C:\WINDOWS\SchedLgU.Txt"
file: command /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:RunOnce, SpybotDeletingC5664
command: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
file: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-19...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: E8E7CE0D379630E7B0015E48FA90499B

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-20...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: E8E7CE0D379630E7B0015E48FA90499B

Located: HK_CU:Run, ccleaner
where: S-1-5-21-718480324-28727023-3447165594-1008...
command: "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
file: C:\Program Files\CCleaner\CCleaner.exe
size: 1234160
MD5: 492C724DBDA1F77BB8817996DA8EDEC1

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-718480324-28727023-3447165594-1008...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: E8E7CE0D379630E7B0015E48FA90499B

Located: HK_CU:Run, msnmsgr
where: S-1-5-21-718480324-28727023-3447165594-1008...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 5724184
MD5: 27514A975985206FDCAA6A899764360A

Located: HK_CU:RunOnce, SpybotDeletingB7363
where: S-1-5-21-718480324-28727023-3447165594-1008...
command: command /c del "C:\WINDOWS\SchedLgU.Txt"
file: command /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SpybotDeletingD211
where: S-1-5-21-718480324-28727023-3447165594-1008...
command: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
file: cmd /c del "C:\WINDOWS\SchedLgU.Txt"
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:RunOnce, SWHelper
where: S-1-5-21-718480324-28727023-3447165594-1008...
command: "C:\WINDOWS\system32\Macromed\Shockwave 8\PostUpdate.exe" 1014021
file: C:\WINDOWS\system32\Macromed\Shockwave 8\PostUpdate.exe
size: 53248
MD5: 83C922DC4BB3E408BFD5C8D15633025C

Located: Käynnistys (yleinen), Adobe Reader Speed Launch.lnk
where: C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys...
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: DEB88AEF013DD1EEFB462D7CAD642166

Located: Käynnistys (yleinen), HP Digital Imaging Monitor.lnk
where: C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys...
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 258048
MD5: C519CEC624CF9BCBA3059F32266C8FFF

Located: WinLogon, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocxAcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 14.12.2004 0:56:50
Date (last access): 10.11.2008 17:54:08
Date (last write): 14.12.2004 0:56:50
Filesize: 63136
Attributes: archive
MD5: 42729C3DE75A7A51FC6F9EF6546C9199
CRC32: 4D60BD07
Version: 7.0.0.1333

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: ssv.dll
Short name:
Date (created): 11.9.2008 16:51:46
Date (last access): 10.11.2008 17:57:32
Date (last write): 10.6.2008 3:27:02
Filesize: 509328
Attributes: archive
MD5: F921D875A1CBD69A6A462BA2514BC831
CRC32: 38AC9EE2
Version: 6.0.70.6

{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Liven kirjautumisapuohjelma)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Liven kirjautumisapuohjelma
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 20.9.2007 9:30:18
Date (last access): 10.11.2008 17:57:32
Date (last write): 20.9.2007 9:30:18
Filesize: 328752
Attributes: archive
MD5: 59CF5BF6684AFCF906CADAD39B4214DE
CRC32: C363813C
Version: 4.200.520.1

{BDF3E430-B101-42AD-A544-FADC6B084872} (NAV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NAV Helper
CLSID name: CNavExtBho Class
description: Norton Antivirus
classification: Legitimate
known filename: NavShExt.dll
info link: http://www.symantec.com/nav/nav_9xnt/
info source: TonyKlein
Path: c:\Program Files\Norton Internet Security\Norton AntiVirus\
Long name: NAVSHEXT.DLL
Short name:
Date (created): 21.9.2004 9:39:44
Date (last access): 10.11.2008 17:57:32
Date (last write): 28.11.2005 13:58:30
Filesize: 218768
Attributes: archive
MD5: 9022CF20B1123DCB0019FF9E5991450B
CRC32: 5BB3B865
Version: 11.0.16.2



--- ActiveX list ---
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1220229976546
description:
classification: Legitimate
known filename: muweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 30.7.2007 18:18:34
Date (last access): 10.11.2008 17:57:30
Date (last write): 18.7.2008 21:07:32
Filesize: 210976
Attributes: archive
MD5: C5F2BE2C84D119CCE6DB901EA49D1528
CRC32: D65E48EB
Version: 7.2.6001.784

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10.6.2008 1:32:34
Date (last access): 10.11.2008 15:46:12
Date (last write): 10.6.2008 3:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class)
DPF name:
CLSID name: CamImage Class
Installer: C:\WINDOWS\Downloaded Program Files\AxisCamControl.inf
Codebase: http://195.196.35.91/activex/AxisCamControl.cab
description:
classification: Legitimate
known filename: AxisCamControl.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: AxisCamControl.ocx
Short name: AXISCA~1.OCX
Date (created): 11.7.2003 11:09:34
Date (last access): 10.11.2008 17:57:30
Date (last write): 11.7.2003 11:09:34
Filesize: 188416
Attributes: archive
MD5: B0FFDCCCC185D95D86A9738F6D3F48DC
CRC32: D2BB9C50
Version: 2.20.0.6

{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3)
DPF name:
CLSID name: F-Secure Online Scanner 3.3
Installer: C:\WINDOWS\Downloaded Program Files\fscax.inf
Codebase: http://support.f-secure.com/ols/fscax.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: fscax.dll
Short name:
Date (created): 27.2.2008 16:00:12
Date (last access): 10.11.2008 17:57:30
Date (last write): 27.2.2008 16:00:12
Filesize: 262144
Attributes: archive
MD5: DA4CB993C1FC5217C55902CBB0551DCD
CRC32: 00E55D09
Version: 3.3.2.0

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10.6.2008 1:32:34
Date (last access): 10.11.2008 18:18:24
Date (last write): 10.6.2008 3:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 10.6.2008 1:32:34
Date (last access): 10.11.2008 18:18:24
Date (last write): 10.6.2008 3:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9f.ocx
Short name:
Date (created): 25.3.2008 4:32:42
Date (last access): 10.11.2008 17:47:28
Date (last write): 25.3.2008 4:32:42
Filesize: 2991488
Attributes: readonly archive
MD5: 48FDF435B8595604E54125B321924510
CRC32: 12335E29
Version: 9.0.124.0



--- Process list ---
PID: 0 ( 0) [System]
PID: 452 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 688 ( 452) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 716 ( 452) \??\C:\WINDOWS\system32\winlogon.exe
size: 502784
PID: 764 ( 716) C:\WINDOWS\system32\services.exe
size: 108544
MD5: C2F8F8343435FC080C2DE25A410E09E8
PID: 776 ( 716) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 39726087F99C7775B2EA1F2990709817
PID: 928 ( 764) C:\WINDOWS\system32\Ati2evxx.exe
size: 405504
MD5: B1C9B1A2EDD766FABFAEF059CB5D5A6E
PID: 940 ( 764) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 34C8D42B876703B3ABF0562307428561
PID: 1000 ( 764) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 34C8D42B876703B3ABF0562307428561
PID: 1140 ( 764) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 34C8D42B876703B3ABF0562307428561
PID: 1252 ( 764) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 34C8D42B876703B3ABF0562307428561
PID: 1296 ( 764) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 34C8D42B876703B3ABF0562307428561
PID: 1544 ( 716) C:\WINDOWS\system32\Ati2evxx.exe
size: 405504
MD5: B1C9B1A2EDD766FABFAEF059CB5D5A6E
PID: 1652 (1576) C:\WINDOWS\Explorer.EXE
size: 1033728
MD5: 0F88A5B1CA666754C4C62AD3DB4730EF
PID: 1696 ( 764) c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
size: 235168
MD5: 027BE2FE7F4CF55C24781BE364BAC6DB
PID: 1752 ( 764) c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 181608
MD5: 6B6A1C14D3CDE65154BEA6F8A0EC3A79
PID: 1792 ( 764) c:\Program Files\Norton Internet Security\ISSVC.exe
size: 83584
MD5: 64BC5239264896C8D8FCE558CFBA029B
PID: 1804 ( 764) c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
size: 177296
MD5: E742616A7109421EB50158E09EF30102
PID: 1816 ( 764) c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
size: 206552
MD5: 5815052B868B96CAE6CE3D4C53E971EB
PID: 1860 ( 764) c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
size: 173160
MD5: 08FA56B7C13B4CBF0E5D351AECAD92B1
PID: 2020 ( 764) c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 197992
MD5: 473BD4FC74F697ADB1FFF231C4B82915
PID: 440 ( 764) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 512 ( 764) c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
size: 109344
MD5: 995D0B52870C7A5CAF3EA165FD674A35
PID: 668 ( 764) C:\WINDOWS\system32\agrsmsvc.exe
size: 13312
MD5: EFBC44FBD75E4F80BD927AEBF6E7EADE
PID: 680 ( 764) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 116040
MD5: B8E865D24F2753A35CC2A9A6A3CE1AD4
PID: 908 ( 764) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
size: 100032
MD5: 7768CE75C5CBF0D8F441CE2BBD806B7F
PID: 1068 ( 764) C:\Program Files\Bonjour\mDNSResponder.exe
size: 238888
MD5: 9EFE4236F8670846B6E7C5B0EFF6E715
PID: 1092 ( 764) C:\WINDOWS\system32\cisvc.exe
size: 5632
MD5: 2C40989F9CEE5B9EA6D6737C7C654D42
PID: 1136 ( 764) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
size: 53248
MD5: 9BD7ADD61B031307DD075E5E6A917C4D
PID: 1384 ( 764) C:\WINDOWS\system32\HPZipm12.exe
size: 69632
MD5: 9D84376931440F3679BEEF2A414FA493
PID: 1588 ( 764) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 34C8D42B876703B3ABF0562307428561
PID: 2000 ( 764) c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
size: 316544
MD5: 67C5AF84809468061121FBCBECB19285
PID: 2988 ( 764) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 68276E67DA0274CA30DB2FC0E42C38C5
PID: 3428 (1652) C:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06A1ECB63DF139EC639E084D4AB3C9D7
PID: 3560 (1652) C:\WINDOWS\AGRSMMSG.exe
size: 88363
MD5: E7BE65BF79906AEBC698E077D53F6A1C
PID: 3700 (1652) C:\WINDOWS\system32\hphmon06.exe
size: 659456
MD5: 947A6285A895222D70494C7D4DF88913
PID: 3712 (1652) C:\HP\KBD\KBD.EXE
size: 61440
MD5: C81BE1B951C36E97D3DA90DA745DA5F7
PID: 3736 (1652) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 58728
MD5: 3D64C4ACBB9B3BFC454565AC6C2C844E
PID: 3776 (1652) C:\WINDOWS\ALCXMNTR.EXE
size: 57344
MD5: 7B8875A5B04932AC73AFD8079864DB68
PID: 3836 (1652) C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
size: 253952
MD5: 9819C4F68686E9FE1D62DD0D4767DDD5
PID: 3848 (1652) C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: 71EAC25AAFEA6BDDCBE5D09A2F218305
PID: 3916 (1652) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763DAB43BDAB27316DBF3373192823D7
PID: 4068 (1652) C:\Program Files\QuickTime\QTTask.exe
size: 413696
MD5: 6CD5C3276C83F72677D647F27EE14ABD
PID: 564 (1652) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
size: 45056
MD5: 64C4C17BF6A40FF1CD21205E6FD415B8
PID: 372 (1652) C:\Program Files\iTunes\iTunesHelper.exe
size: 289576
MD5: 8EFB041989185BED47072353B73D6355
PID: 1104 (1652) C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
size: 488984
MD5: 022DB38BECB5A44DA6F7E27923457624
PID: 1620 (1652) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: E8E7CE0D379630E7B0015E48FA90499B
PID: 2172 (1652) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 258048
MD5: C519CEC624CF9BCBA3059F32266C8FFF
PID: 2196 (1652) C:\WINDOWS\system32\Macromed\Shockwave 8\PostUpdate.exe
size: 53248
MD5: 83C922DC4BB3E408BFD5C8D15633025C
PID: 2812 ( 940) C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
size: 252704
MD5: AD7503D6857DBFFC7E5F2E96BC9CC283
PID: 2860 ( 764) C:\Program Files\iPod\bin\iPodService.exe
size: 536872
MD5: D2E8EFB8AF35FCF5A7AF22F5A0CE1A82
PID: 3280 ( 940) C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
size: 230936
MD5: 4F97F4BE05F1DBF89E493ED85EC1013B
PID: 1268 ( 564) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
size: 45056
MD5: 64C4C17BF6A40FF1CD21205E6FD415B8
PID: 1224 (1092) C:\WINDOWS\system32\cidaemon.exe
size: 8192
MD5: F8A6384502CF297545E6E53C080228F9
PID: 2128 (1652) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 5724184
MD5: 27514A975985206FDCAA6A899764360A
PID: 2752 ( 764) C:\Program Files\Windows Live\Messenger\usnsvc.exe
size: 98328
MD5: 9D19B042A4FD5C02195071EA2FE0C821
PID: 5076 (3916) c:\progra~1\common~1\instal~1\update~1\isuspm.exe
size: 221184
MD5: FB9E5C251CF6C37749F296BACB34A69B
PID: 4980 ( 940) c:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
size: 503808
MD5: 9212D6DF2A00DAB5C0C8A65399167CB2
PID: 5276 (1652) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891472
MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 10.11.2008 18:18:23

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://haku.soneraplaza.fi/haku/queryie5.jsp
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.fsnordic.net/discussion
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q305&bd=pavilion&pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{07857BC2-CC09-45D3-BAFB-4095B3751765}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{07857BC2-CC09-45D3-BAFB-4095B3751765}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{441AAC0F-E06B-4724-A760-70475CD23555}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{441AAC0F-E06B-4724-A760-70475CD23555}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AE5A8067-290D-497D-8CA2-895223A3F57B}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AE5A8067-290D-497D-8CA2-895223A3F57B}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\Ne