Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Winfixer Virus! Please help!

(New)
(!)

Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,003 posts.
 
Join Date: Aug 2003
13-Aug-2006, 03:17 PM #31
Please post the SpyBot log.
~Candy~'s Avatar
Retired Administrator with 103,708 posts.
 
Join Date: Jan 2001
Experience: Advanced
13-Aug-2006, 04:42 PM #32
Quote:
Originally Posted by Sabrina Glyndale
Hi, AcaCandy,

Thanks for the instructions. To answer your question, I currently have 224 MB. Other specs:

Toshiba Satellite
Intel (R) Pentium (R)
1.60 GHz processor

As for “complaining” about the new motherboard, one really has no rights in Russia. It's the complete opposite of what we expect in the US or a real democracy. I literally had to sign a contract before they would look at my computer, agreeing that I would not hold the company responsible if the technicians lost my data, spilled liquid on the keyboard, or damaged my computer in any way. They think they are doing you a favor by agreeing to work on your computer, regardless of the fact that you are paying them the highest fee on their payscale for this type of repair job. It's hard for someone in the West to understand, but that is the way things work here.
Actually, I DO understand. I live mostly in Mexico, and you can't get anything fixed here correctly either.
~Candy~'s Avatar
Retired Administrator with 103,708 posts.
 
Join Date: Jan 2001
Experience: Advanced
13-Aug-2006, 04:43 PM #33
Also, the ram is low for XP. Must run fairly slow under the best conditions.
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
14-Aug-2006, 08:08 AM #34
Quote:
Originally Posted by Cookiegal
Please post the SpyBot log.
Hi CookieGal.

My internet connection has been going down often lately. I'm not sure if it is the server here or whether this is also connected to the Winfixer viruses. Anyway, I will run the Spybot again right now. It doesn't generate a log--does it?--so I'll have to copy it by hand.

Back again shortly.

Sabrina
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
14-Aug-2006, 08:42 AM #35
Question Here's the latest SpyBot Log (Part One). What next?
Quote:
Originally Posted by Cookiegal
Please post the SpyBot log.
Okay, here it is. It's a long, comprehensive version. I'll have to send it in 2 parts. here is Part One:

--- Search result list ---
WinAntiVirusPro2006: Data (File, nothing done)
C:\WINDOWS\system32\stera.job

WinAntiVirusPro2006: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera

WinAntiVirusPro2006: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\BootStera

CDilla: Program directory (Directory, nothing done)
c:\C_DILLA\

Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

WinFixer: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ApiMon

WinFixer: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ApiMon

Winsoftware.WinAntiVirusPro2006: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\WAP6.PCheck.1

Winsoftware.WinAntiVirusPro2006: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}

Winsoftware.WinAntiVirusPro2006: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{E18B69D0-7E9E-4C6E-BDD8-879A1FFF7123}

Winsoftware.WinAntiVirusPro2006: Type library (Registry key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}


--- Spybot - Search && Destroy version: 1.3 ---
2006-08-11 Includes\Cookies.sbi
2006-08-11 Includes\Dialer.sbi
2006-08-11 Includes\Hijackers.sbi
2006-08-11 Includes\Keyloggers.sbi
2004-11-29 Includes\LSP.sbi
2006-08-11 Includes\Malware.sbi
2006-08-11 Includes\PUPS.sbi
2006-08-11 Includes\Revision.sbi
2006-08-11 Includes\Security.sbi
2006-08-11 Includes\Spybots.sbi
2005-02-17 Includes\Tracks.uti
2006-08-11 Includes\Trojans.sbi


--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885855
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901190)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)


--- Startup entries list ---
Located: HK_LM:Run,
command:

Located: HK_LM:Run, !ewido
command: "C:\Documents and Settings\Sabrina\My Documents\My Data Sources\Anti-Virus\Evido\ewido anti-spyware 4.0\ewido.exe" /minimized
file: C:\Documents and Settings\Sabrina\My Documents\My Data Sources\Anti-Virus\Evido\ewido anti-spyware 4.0\ewido.exe
size: 6283264
MD5: 10c40f37ac87a18f624143d4fe6e8dec

Located: HK_LM:Run, AGRSMMSG
command: AGRSMMSG.exe
file: C:\WINDOWS\AGRSMMSG.exe
size: 88363
MD5: 32f801e868bd2006911d49128cdd6312

Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint2K\Apoint.exe
file: C:\Program Files\Apoint2K\Apoint.exe
size: 192512
MD5: e6899986d6fe0c793b3df5bae7d18b40

Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: c4708c52ac71338b49334c972de96682

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 53408
MD5: 8c5d5b71e4e8a1fb8f1fa6cc57fe411e

Located: HK_LM:Run, CeEKEY
command: C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
file: C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
size: 643072
MD5: 96910c47cbcac58aa13bf7105f6b9796

Located: HK_LM:Run, CeEPOWER
command: C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
file: C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
size: 135168
MD5: 8f7e3434b0b6aec36e4dd9d42be66d43

Located: HK_LM:Run, CFSServ.exe
command: CFSServ.exe -NoClient

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 122939
MD5: d8be45c9e739adcc19420199c48d0456

Located: HK_LM:Run, EzButton
command: C:\Program Files\EzButton\EzButton.EXE
file: C:\Program Files\EzButton\EzButton.EXE
size: 712704
MD5: 62c11df2ba9bfba5870cdc989b65a0e6

Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 118784
MD5: a7be6761667a364687b5219b574eeb12

Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 155648
MD5: ba96711e180c47d748805f37e1b5406a

Located: HK_LM:Run, IndexSearch
command: C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
file: C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
size: 36864
MD5: ee0d774fcf0c75f043d96ed34fc45441

Located: HK_LM:Run, IVPServiceMgr
command: C:\toshiba\ivp\ism\ivpsvmgr.exe
file: C:\toshiba\ivp\ism\ivpsvmgr.exe
size: 475136
MD5: 699e60af3e787bef35717ae711c25547

Located: HK_LM:Run, LtMoh
command: C:\Program Files\ltmoh\Ltmoh.exe
file: C:\Program Files\ltmoh\Ltmoh.exe
size: 184320
MD5: cae4adee7be5c6ad35c84d10a866977e

Located: HK_LM:Run, NDSTray.exe
command: NDSTray.exe

Located: HK_LM:Run, OneTouch Monitor
command: C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
file: C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
size: 90112
MD5: 046a960a0536959b6f989a72d1bec6d8

Located: HK_LM:Run, PadTouch
command: C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
file: C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
size: 1089589
MD5: 062d0e5bbf64d78d90502f7d0bdc3d6f

Located: HK_LM:Run, Pinger
command: c:\toshiba\ivp\ism\pinger.exe /run
file: c:\toshiba\ivp\ism\pinger.exe
size: 159744
MD5: eb3c8c07a1c1286baa3a676e1d16394d

Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

Located: HK_LM:Run, SmoothView
command: C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
file: C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
size: 135168
MD5: eb7d30c5d9c397da4f9d2725a910c5d8

Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61a3a9d5d98bf0331df5b716144a8100

Located: HK_LM:Run, TPNF
command: C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
file: C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
size: 53248
MD5: 1ba1d72436bc7d5090966a3f1038bbf9

Located: HK_LM:Run, ZoomingHook
command: c:\WINDOWS\System32\ZoomingHook.exe
file: c:\WINDOWS\System32\ZoomingHook.exe
size: 24576
MD5: 2cdce2ef3bfb8148042b92d0929cb382

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: HK_CU:Run, TeleAuth
command: C:\Documents and Settings\Sabrina\Desktop\teleauth.exe

Located: HK_CU:Run, TOSCDSPD
command: C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
file: C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
size: 65536
MD5: 383b71dcb691ccaeea445acb9150ddd3

Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a



--- Browser helper object list ---
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
BHO name:
CLSID name: Yahoo! Toolbar Helper
description: Yahoo Companion!
classification: Legitimate
known filename: Ycomp*_*_*_*.dll
info link: http://companion.yahoo.com/
info source: TonyKlein
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn\
Long name: yt.dll
Short name:
Date (created): 8/11/2006 11:12:34 PM
Date (last access): 8/14/2006 7:50:46 AM
Date (last write): 6/7/2006 11:09:22 AM
Filesize: 399352
Attributes: archive
MD5: 8BBB9FEEC360F11867B28059B5360843
CRC32: 12033757
Version: 7.213.0.11

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\
Long name: AcroIEHelper.ocx
Short name: ACROIE~1.OCX
Date (created): 8/19/2004 8:26:12 PM
Date (last access): 8/14/2006 7:50:46 AM
Date (last write): 3/2/2001 3:02:04 PM
Filesize: 37808
Attributes: archive
MD5: 8394ABFC1BE196A62C9F532511936DF7
CRC32: 71D6E350
Version: 0.1.0.0

{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 5/12/2004 5:03:00 AM
Date (last access): 8/14/2006 7:50:46 AM
Date (last write): 5/12/2004 5:03:00 AM
Filesize: 744960
Attributes: archive
MD5: ABF5BA518C6A5ED104496FF42D19AD88
CRC32: 5587736E
Version: 0.1.0.3

{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 1/29/2005 10:17:56 PM
Date (last access): 8/14/2006 7:50:46 AM
Date (last write): 7/14/2004 5:04:00 AM
Filesize: 118842
Attributes: archive
MD5: 4A2B3E0C005BF2D4A4429FAB617F6E52
CRC32: 2595B197
Version: 0.1.0.4

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 3/2/2006 3:53:00 AM
Date (last access): 8/14/2006 7:50:46 AM
Date (last write): 11/10/2005 3:22:12 AM
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 0.5.0.0

{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (NAV Helper)
BHO name: NAV Helper
CLSID name: CNavExtBho Class
Path: C:\Program Files\Norton AntiVirus\
Long name: NavShExt.dll
Short name:
Date (created): 2/4/2006 3:03:32 PM
Date (last access): 8/14/2006 7:50:46 AM
Date (last write): 2/4/2006 3:03:32 PM
Filesize: 140960
Attributes: archive
MD5: 2BBF8C0CF0E439ADA20789CD3D0FB57B
CRC32: F87D6BA5
Version: 0.12.0.2

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
Path: c:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 3/1/2006 6:22:12 AM
Date (last access): 8/14/2006 7:50:46 AM
Date (last write): 2/14/2006 5:05:30 AM
Filesize: 1191424
Attributes: readonly archive
MD5: 677C42CD9FE9C13B4B7B601A2E4065B0
CRC32: 58231F90
Version: 0.3.0.0
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
14-Aug-2006, 08:45 AM #36
SpyBot Log (Part 2)
SpyBot Log (Part 2):



--- ActiveX list ---
{01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class)
DPF name:
CLSID name: SupportSoft Script Runner Class
Path: C:\PROGRA~1\COMMON~1\SYMANT~1\
Long name: tgctlsr.dll
Short name:
Date (created): 6/16/2005 3:25:00 PM
Date (last access): 8/13/2006 6:11:46 AM
Date (last write): 6/16/2005 3:25:00 PM
Filesize: 413696
Attributes: archive
MD5: 47EA24991C9184C8186E5447BE22F364
CRC32: 60CB0CA4
Version: 0.6.0.9

{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object)
DPF name:
CLSID name: CKAVWebScan Object
Path: C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\
Long name: kavwebscan.dll
Short name: KAVWEB~1.DLL
Date (created): 3/20/2006 3:17:20 AM
Date (last access): 8/13/2006 6:11:46 AM
Date (last write): 3/20/2006 3:17:20 AM
Filesize: 798720
Attributes: archive
MD5: F74B09086C2097BC535C5DCCCD3402AC
CRC32: 01AA9D3D
Version: 0.5.0.0

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
description: Macromedia ShockWave Flash Player 7
classification: Unknown
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\macromed\Director\
Long name: SwDir.dll
Short name:
Date (created): 8/11/2006 11:15:40 PM
Date (last access): 8/13/2006 6:11:44 AM
Date (last write): 7/28/2006 9:06:12 AM
Filesize: 54960
Attributes: archive
MD5: 14115D5C1DE5F3103C169B7F4D1D562A
CRC32: 819F0513
Version: 0.10.0.1

{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.dll
Short name: LEGITC~1.DLL
Date (created): 7/12/2005 9:04:22 AM
Date (last access): 8/14/2006 7:49:10 AM
Date (last write): 6/19/2006 6:19:42 AM
Filesize: 571184
Attributes: archive
MD5: 31BF58C9814F840EB10A2B7A410ABEA3
CRC32: DAFAE165
Version: 0.1.0.5

{193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control)
DPF name:
CLSID name: ewidoOnlineScan Control
Path: C:\WINDOWS\DOWNLO~1\
Long name: ewidoOnlineScan.dll
Short name: EWIDOO~1.DLL
Date (created): 7/10/2006 11:41:36 PM
Date (last access): 8/14/2006 8:10:54 AM
Date (last write): 7/10/2006 11:41:36 PM
Filesize: 345656
Attributes: archive
MD5: B284992540E0FA2B76DEA56F93D49A16
CRC32: FD2E709C
Version: 0.1.0.0

{1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class)
DPF name:
CLSID name: LSSupCtl Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: LSSupCtl.dll
Short name:
Date (created): 10/27/2004 4:10:26 AM
Date (last access): 8/14/2006 8:10:54 AM
Date (last write): 10/27/2004 4:10:26 AM
Filesize: 111752
Attributes: archive
MD5: C8FEBEA460AAD5C1B6817F9676E03F78
CRC32: 807349F9
Version: 0.3.0.1

{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 1/18/2005 5:07:18 AM
Date (last access): 8/14/2006 8:12:10 AM
Date (last write): 1/18/2005 5:07:18 AM
Filesize: 326656
Attributes: archive
MD5: 20393D64F69F26361A97FD9AFB3C9243
CRC32: 0B4DBA7F
Version: 0.11.0.0

{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
DPF name:
CLSID name: MSN Photo Upload Tool
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnPUpld.dll
Short name:
Date (created): 10/8/2004 8:01:22 PM
Date (last access): 8/14/2006 8:10:54 AM
Date (last write): 10/8/2004 8:01:22 PM
Filesize: 372736
Attributes: archive
MD5: D2ED523BB0FE94F8F492BEFE1C336040
CRC32: C4677625
Version: 0.10.0.0

{6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager)
DPF name:
CLSID name: Symantec Download Manager
Path: C:\WINDOWS\Downloaded Program Files\
Long name: symdlmgr.dll
Short name:
Date (created): 4/20/2006 11:05:42 AM
Date (last access): 8/14/2006 8:10:54 AM
Date (last write): 4/20/2006 11:05:42 AM
Filesize: 227840
Attributes: archive
MD5: F6BE7971966A7EBB5873F2172F72BC58
CRC32: 8EA3B9D1
Version: 0.7.0.0

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 3:52:58 AM
Date (last access): 8/13/2006 6:11:48 AM
Date (last write): 11/10/2005 3:22:12 AM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 0.5.0.0

{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
DPF name:
CLSID name: ActiveScan Installer Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: asinst.dll
Short name:
Date (created): 12/19/2005 2:35:32 PM
Date (last access): 8/14/2006 8:10:54 AM
Date (last write): 4/11/2006 7:10:10 AM
Filesize: 135168
Attributes: archive
MD5: 7267AE9C8DF527C30885DC29687D2A9B
CRC32: 1B1733A3
Version: 0.58.0.5

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 3:52:58 AM
Date (last access): 8/14/2006 8:34:02 AM

Date (last write): 11/10/2005 3:22:12 AM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 0.5.0.0

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 3:52:58 AM
Date (last access): 8/14/2006 8:34:02 AM
Date (last write): 11/10/2005 3:22:12 AM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 0.5.0.0

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9.ocx
Short name:
Date (created): 8/11/2006 11:12:34 PM
Date (last access): 8/14/2006 7:56:44 AM
Date (last write): 6/22/2006 1:44:22 PM
Filesize: 2201224
Attributes: readonly archive
MD5: 99F80CA1EBE95677668F54CAC6F4AD6D
CRC32: B7385E3B
Version: 0.9.0.0



--- Process list ---
Spybot - Search && Destroy process list report, 8/14/2006 8:34:01 AM

PID: 0 ( 0) [System]
PID: 4 ( 0) System
PID: 288 ( 988) C:\WINDOWS\system32\spoolsv.exe
PID: 520 ( 988) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PID: 568 ( 988) C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PID: 588 ( 988) C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
PID: 604 ( 804) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PID: 620 ( 804) C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
PID: 636 ( 988) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PID: 672 ( 804) C:\WINDOWS\system32\dla\tfswctrl.exe
PID: 732 ( 804) C:\Program Files\ltmoh\Ltmoh.exe
PID: 740 ( 804) C:\WINDOWS\AGRSMMSG.exe
PID: 752 ( 804) C:\Program Files\Apoint2K\Apoint.exe
PID: 768 ( 804) C:\Program Files\EzButton\EzButton.EXE
PID: 804 ( 748) C:\WINDOWS\Explorer.EXE
PID: 812 ( 804) C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
PID: 828 ( 988) C:\WINDOWS\system32\cisvc.exe
PID: 872 ( 4) \SystemRoot\System32\smss.exe
PID: 904 ( 804) C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PID: 908 ( 988) C:\WINDOWS\system32\DVDRAMSV.exe
PID: 916 ( 804) C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
PID: 920 ( 872) csrss.exe
PID: 944 ( 872) \??\C:\WINDOWS\system32\winlogon.exe
PID: 988 ( 944) C:\WINDOWS\system32\services.exe
PID: 1000 ( 944) C:\WINDOWS\system32\lsass.exe
PID: 1064 ( 804) C:\WINDOWS\System32\ZoomingHook.exe
PID: 1192 ( 988) C:\WINDOWS\system32\svchost.exe
PID: 1228 ( 804) C:\WINDOWS\system32\igfxtray.exe
PID: 1244 ( 988) svchost.exe
PID: 1280 ( 988) C:\Documents and Settings\Sabrina\My Documents\My Data Sources\Anti-Virus\Evido\ewido anti-spyware 4.0\guard.exe
PID: 1316 ( 988) C:\Program Files\Norton AntiVirus\navapsvc.exe
PID: 1320 ( 988) C:\WINDOWS\System32\svchost.exe
PID: 1384 ( 988) svchost.exe
PID: 1488 ( 988) C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
PID: 1532 ( 804) C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
PID: 1552 ( 988) C:\WINDOWS\system32\svchost.exe
PID: 1572 ( 988) svchost.exe
PID: 1648 ( 988) c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
PID: 1784 ( 988) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PID: 1808 ( 988) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PID: 1884 ( 988) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PID: 1900 ( 988) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PID: 1952 ( 988) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PID: 2028 ( 988) wdfmgr.exe
PID: 2132 ( 804) C:\WINDOWS\system32\hkcmd.exe
PID: 2172 (2148) C:\Program Files\Apoint2K\Apntex.exe
PID: 2248 ( 804) C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
PID: 2256 ( 804) C:\toshiba\ivp\ism\ivpsvmgr.exe
PID: 2264 ( 804) C:\Program Files\Real\RealPlayer\RealPlay.exe
PID: 2280 ( 804) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PID: 2292 ( 804) C:\Documents and Settings\Sabrina\My Documents\My Data Sources\Anti-Virus\Evido\ewido anti-spyware 4.0\ewido.exe
PID: 2300 ( 804) C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PID: 2312 ( 804) C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
PID: 2324 ( 804) C:\WINDOWS\system32\ctfmon.exe
PID: 2548 (1192) C:\Program Files\Messenger\msmsgs.exe
PID: 2900 ( 804) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
PID: 3008 ( 804) C:\Program Files\Internet Explorer\iexplore.exe
PID: 3100 (3768) C:\Program Files\Windows Media Player\wmplayer.exe
PID: 3348 (1192) C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCSRVCE.EXE
PID: 3768 ( 804) C:\Program Files\Internet Explorer\IEXPLORE.EXE
PID: 3816 ( 828) C:\WINDOWS\system32\cidaemon.exe
PID: 3908 ( 988) alg.exe


--- Browser start & search pages list ---
Spybot - Search && Destroy browser pages report, 8/14/2006 8:34:01 AM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.doteasy.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.toshiba.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Irda [IrDA]
GUID: {3972523D-2AF1-11D1-B655-00805F3642CC}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Infrared protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Irda [IrDA]

Protocol 1: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 2: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 3: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 4: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9695679C-C41B-4B93-8A52-8B34D8517C02}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9695679C-C41B-4B93-8A52-8B34D8517C02}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38AAB0D9-F693-43CD-A9A9-A41396D816CC}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38AAB0D9-F693-43CD-A9A9-A41396D816CC}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8E775B06-54D4-48C5-9F77-1639B43A29C5}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8E775B06-54D4-48C5-9F77-1639B43A29C5}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F558CA23-D3A9-4ED9-91EF-B5067602FD9F}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F558CA23-D3A9-4ED9-91EF-B5067602FD9F}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{847257ED-1939-4E8C-8058-3C1488E31CB5}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{847257ED-1939-4E8C-8058-3C1488E31CB5}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38552A31-6ECC-4239-A0F3-0759457FF0D4}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38552A31-6ECC-4239-A0F3-0759457FF0D4}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{11B60DA0-9147-48DC-BCA1-3C36D4E61D61}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{11B60DA0-9147-48DC-BCA1-3C36D4E61D61}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF14E8F7-5567-4016-9FD1-9366DCBCEB86}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF14E8F7-5567-4016-9FD1-9366DCBCEB86}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
14-Aug-2006, 08:48 AM #37
Mexico! Wow. Well, it's nice to know someone out there knows what this is like :-)

Sabrina
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
14-Aug-2006, 08:51 AM #38
Cool How Do I Increase RAM???
Quote:
Originally Posted by AcaCandy
Also, the ram is low for XP. Must run fairly slow under the best conditions.
Hi, AcaCandy. Well, is there anything I can do to increase RAM? As I mentioned a while back, I bought this computer brand-new only in March 2005. Surely it is not worn out already?

Please advise. Thank you very much!

Sabrina
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
14-Aug-2006, 08:59 AM #39
Unhappy Travelling on British Airways !!
Hi again, AcaCandy.

I don't know whether I should start a new thread for this or what, but since you're an experienced traveler over there in Mexico, maybe you can answer this.

You have no doubt heard about the foiled terrorist plot in London and how British Airways is now forbidding passengers from bringing anything on board except wallets and purses. No laptop computers are allowed. I am flying back to the United States next week...British Airways flights all the way, fifteen hours.

Thus, I will be forced to pack this Toshiba in my suitcase. How risky is this?? If you were in my situation, what would you do to insulate the computer?

Any suggestions would be much appreciated!

Sabrina
~Candy~'s Avatar
Retired Administrator with 103,708 posts.
 
Join Date: Jan 2001
Experience: Advanced
14-Aug-2006, 09:48 AM #40
I think I just heard on the news that they lifted the laptop ban in the UK, so it sounds like you're in luck. I wouldn't want to pack my laptop in the suitcase. That would be a baggage handler's dream I've had things stolen out of my luggage in the past Where are you heading to? I'm heading back on 9/2 -- hopefully they have things more orderly by then.

As to the ram, when you are in the U.S. call Toshiba customer support and they should be able to tell you if that machine can support more ram. My best guess is that you should be either able to replace the chip in there totally or add a second chip to bump it up to at least 512 ram.
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
14-Aug-2006, 10:29 AM #41
Question Questions about RAM
Hi, AcaCandy.

I'm going back next week: Friday, August 25, to the United States. I will only have one month, and then I'm coming back here to Russia (to travel deeper into Siberia and the Far East for research for my second book. Call me a masochist!)

So you're saying I don't have enough RAM? I should buy more? But I thought I had bought a powerful machine! How much do these things cost? Can the amount of data one has stored on the hard drive slow down RAM? What other things can "reduce" RAM?

I hope you have a smooth flight home! :-)

Sabrina
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
14-Aug-2006, 10:34 AM #42
Red face "Server Execution Failed"
Hi CookieGal.

Just so you have all the information, I am also getting a popup message from the Norton Protection Center, Symantec: "Server Execution Failed" (0x8008005)....whatever that means.

Can you tell me what it does mean and how to fix it, along with the other problems? Thank you very much!

Sabrina
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,003 posts.
 
Join Date: Aug 2003
14-Aug-2006, 07:30 PM #43
Have SpyBot fix the items it found and then scan again.

Please provide the entire error that you are getting with Norton.
Sabrina Glyndale's Avatar
Sabrina Glyndale Sabrina Glyndale is offline
Computer Specs
Member with 40 posts.
THREAD STARTER
 
Join Date: Apr 2006
Experience: Computer Illiterate
16-Aug-2006, 03:38 PM #44
Question Spybot: "Some problems couldn't be fixed". Now what?
Hi CookieGal.

Well, I ran Spybot and clicked "Fix problems." Then this message appeared:

"Some problems couldn't be fixed. The reason could be that the associated files are still in use (in memory). may Spybot S & D run on your next system start up?"

What should I do??? (Just a computer illiterate over here). Thanks for your help.

Sabrina
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,003 posts.
 
Join Date: Aug 2003
16-Aug-2006, 09:43 PM #45
Allow Spybot to run at startup. That way it should be able to fix those items. Let me know how it goes.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑