1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Winfixer Virus! Please help!

Discussion in 'Virus & Other Malware Removal' started by Sabrina Glyndale, Aug 7, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,645
    Please post the SpyBot log.
     
  2. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    Actually, I DO understand. I live mostly in Mexico, and you can't get anything fixed here correctly either.
     
  3. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    Also, the ram is low for XP. Must run fairly slow under the best conditions.
     
  4. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    Hi CookieGal.

    My internet connection has been going down often lately. I'm not sure if it is the server here or whether this is also connected to the Winfixer viruses. Anyway, I will run the Spybot again right now. It doesn't generate a log--does it?--so I'll have to copy it by hand.

    Back again shortly.

    Sabrina
     
  5. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    Okay, here it is. It's a long, comprehensive version. I'll have to send it in 2 parts. here is Part One:

    --- Search result list ---
    WinAntiVirusPro2006: Data (File, nothing done)
    C:\WINDOWS\system32\stera.job

    WinAntiVirusPro2006: Settings (Registry value, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera

    WinAntiVirusPro2006: Settings (Registry value, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\BootStera

    CDilla: Program directory (Directory, nothing done)
    c:\C_DILLA\

    Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

    Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

    WinFixer: Settings (Registry key, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ApiMon

    WinFixer: Settings (Registry key, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ApiMon

    Winsoftware.WinAntiVirusPro2006: Root class (Registry key, nothing done)
    HKEY_CLASSES_ROOT\WAP6.PCheck.1

    Winsoftware.WinAntiVirusPro2006: Class ID (Registry key, nothing done)
    HKEY_CLASSES_ROOT\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}

    Winsoftware.WinAntiVirusPro2006: Interface (Registry key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{E18B69D0-7E9E-4C6E-BDD8-879A1FFF7123}

    Winsoftware.WinAntiVirusPro2006: Type library (Registry key, nothing done)
    HKEY_CLASSES_ROOT\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}


    --- Spybot - Search && Destroy version: 1.3 ---
    2006-08-11 Includes\Cookies.sbi
    2006-08-11 Includes\Dialer.sbi
    2006-08-11 Includes\Hijackers.sbi
    2006-08-11 Includes\Keyloggers.sbi
    2004-11-29 Includes\LSP.sbi
    2006-08-11 Includes\Malware.sbi
    2006-08-11 Includes\PUPS.sbi
    2006-08-11 Includes\Revision.sbi
    2006-08-11 Includes\Security.sbi
    2006-08-11 Includes\Spybots.sbi
    2005-02-17 Includes\Tracks.uti
    2006-08-11 Includes\Trojans.sbi


    --- System information ---
    Windows XP (Build: 2600) Service Pack 2
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    / Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
    / Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
    / Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
    / Windows XP / SP3: Windows XP Hotfix - KB867282
    / Windows XP / SP3: Windows XP Hotfix - KB873333
    / Windows XP / SP3: Windows XP Hotfix - KB873339
    / Windows XP / SP3: Security Update for Windows XP (KB883939)
    / Windows XP / SP3: Windows XP Hotfix - KB885250
    / Windows XP / SP3: Windows XP Hotfix - KB885835
    / Windows XP / SP3: Windows XP Hotfix - KB885836
    / Windows XP / SP3: Windows XP Hotfix - KB885855
    / Windows XP / SP3: Windows XP Hotfix - KB885884
    / Windows XP / SP3: Windows XP Hotfix - KB886185
    / Windows XP / SP3: Windows XP Hotfix - KB887472
    / Windows XP / SP3: Windows XP Hotfix - KB887742
    / Windows XP / SP3: Windows XP Hotfix - KB888113
    / Windows XP / SP3: Windows XP Hotfix - KB888302
    / Windows XP / SP3: Security Update for Windows XP (KB890046)
    / Windows XP / SP3: Windows XP Hotfix - KB890047
    / Windows XP / SP3: Windows XP Hotfix - KB890175
    / Windows XP / SP3: Windows XP Hotfix - KB890859
    / Windows XP / SP3: Windows XP Hotfix - KB890923
    / Windows XP / SP3: Windows XP Hotfix - KB891781
    / Windows XP / SP3: Security Update for Windows XP (KB893066)
    / Windows XP / SP3: Windows XP Hotfix - KB893086
    / Windows XP / SP3: Security Update for Windows XP (KB893756)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Update for Windows XP (KB894391)
    / Windows XP / SP3: Security Update for Windows XP (KB896358)
    / Windows XP / SP3: Security Update for Windows XP (KB896422)
    / Windows XP / SP3: Security Update for Windows XP (KB896423)
    / Windows XP / SP3: Security Update for Windows XP (KB896424)
    / Windows XP / SP3: Security Update for Windows XP (KB896428)
    / Windows XP / SP3: Security Update for Windows XP (KB896688)
    / Windows XP / SP3: Update for Windows XP (KB896727)
    / Windows XP / SP3: Update for Windows XP (KB898461)
    / Windows XP / SP3: Security Update for Windows XP (KB899587)
    / Windows XP / SP3: Security Update for Windows XP (KB899588)
    / Windows XP / SP3: Security Update for Windows XP (KB899591)
    / Windows XP / SP3: Update for Windows XP (KB900485)
    / Windows XP / SP3: Security Update for Windows XP (KB900725)
    / Windows XP / SP3: Security Update for Windows XP (KB901017)
    / Windows XP / SP3: Security Update for Windows XP (KB901190)
    / Windows XP / SP3: Security Update for Windows XP (KB901214)
    / Windows XP / SP3: Security Update for Windows XP (KB902400)
    / Windows XP / SP3: Security Update for Windows XP (KB903235)
    / Windows XP / SP3: Security Update for Windows XP (KB904706)
    / Windows XP / SP3: Security Update for Windows XP (KB905414)
    / Windows XP / SP3: Security Update for Windows XP (KB905749)
    / Windows XP / SP3: Security Update for Windows XP (KB905915)
    / Windows XP / SP3: Security Update for Windows XP (KB908519)
    / Windows XP / SP3: Security Update for Windows XP (KB908531)
    / Windows XP / SP3: Update for Windows XP (KB910437)
    / Windows XP / SP3: Security Update for Windows XP (KB911280)
    / Windows XP / SP3: Security Update for Windows XP (KB911562)
    / Windows XP / SP3: Security Update for Windows XP (KB911567)
    / Windows XP / SP3: Security Update for Windows XP (KB911927)
    / Windows XP / SP3: Security Update for Windows XP (KB912812)
    / Windows XP / SP3: Security Update for Windows XP (KB912919)
    / Windows XP / SP3: Security Update for Windows XP (KB913446)
    / Windows XP / SP3: Security Update for Windows XP (KB913580)
    / Windows XP / SP3: Security Update for Windows XP (KB914388)
    / Windows XP / SP3: Security Update for Windows XP (KB914389)
    / Windows XP / SP3: Security Update for Windows XP (KB916281)
    / Windows XP / SP3: Update for Windows XP (KB916595)
    / Windows XP / SP3: Security Update for Windows XP (KB917159)
    / Windows XP / SP3: Security Update for Windows XP (KB917344)
    / Windows XP / SP3: Security Update for Windows XP (KB917422)
    / Windows XP / SP3: Security Update for Windows XP (KB917953)
    / Windows XP / SP3: Security Update for Windows XP (KB918439)
    / Windows XP / SP3: Security Update for Windows XP (KB918899)
    / Windows XP / SP3: Security Update for Windows XP (KB920214)
    / Windows XP / SP3: Security Update for Windows XP (KB920670)
    / Windows XP / SP3: Security Update for Windows XP (KB920683)
    / Windows XP / SP3: Security Update for Windows XP (KB921398)
    / Windows XP / SP3: Security Update for Windows XP (KB921883)
    / Windows XP / SP3: Security Update for Windows XP (KB922616)


    --- Startup entries list ---
    Located: HK_LM:Run,
    command:

    Located: HK_LM:Run, !ewido
    command: "C:\Documents and Settings\Sabrina\My Documents\My Data Sources\Anti-Virus\Evido\ewido anti-spyware 4.0\ewido.exe" /minimized
    file: C:\Documents and Settings\Sabrina\My Documents\My Data Sources\Anti-Virus\Evido\ewido anti-spyware 4.0\ewido.exe
    size: 6283264
    MD5: 10c40f37ac87a18f624143d4fe6e8dec

    Located: HK_LM:Run, AGRSMMSG
    command: AGRSMMSG.exe
    file: C:\WINDOWS\AGRSMMSG.exe
    size: 88363
    MD5: 32f801e868bd2006911d49128cdd6312

    Located: HK_LM:Run, Apoint
    command: C:\Program Files\Apoint2K\Apoint.exe
    file: C:\Program Files\Apoint2K\Apoint.exe
    size: 192512
    MD5: e6899986d6fe0c793b3df5bae7d18b40

    Located: HK_LM:Run, ATIPTA
    command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    size: 339968
    MD5: c4708c52ac71338b49334c972de96682

    Located: HK_LM:Run, ccApp
    command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    size: 53408
    MD5: 8c5d5b71e4e8a1fb8f1fa6cc57fe411e

    Located: HK_LM:Run, CeEKEY
    command: C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    file: C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    size: 643072
    MD5: 96910c47cbcac58aa13bf7105f6b9796

    Located: HK_LM:Run, CeEPOWER
    command: C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
    file: C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
    size: 135168
    MD5: 8f7e3434b0b6aec36e4dd9d42be66d43

    Located: HK_LM:Run, CFSServ.exe
    command: CFSServ.exe -NoClient

    Located: HK_LM:Run, dla
    command: C:\WINDOWS\system32\dla\tfswctrl.exe
    file: C:\WINDOWS\system32\dla\tfswctrl.exe
    size: 122939
    MD5: d8be45c9e739adcc19420199c48d0456

    Located: HK_LM:Run, EzButton
    command: C:\Program Files\EzButton\EzButton.EXE
    file: C:\Program Files\EzButton\EzButton.EXE
    size: 712704
    MD5: 62c11df2ba9bfba5870cdc989b65a0e6

    Located: HK_LM:Run, HotKeysCmds
    command: C:\WINDOWS\system32\hkcmd.exe
    file: C:\WINDOWS\system32\hkcmd.exe
    size: 118784
    MD5: a7be6761667a364687b5219b574eeb12

    Located: HK_LM:Run, IgfxTray
    command: C:\WINDOWS\system32\igfxtray.exe
    file: C:\WINDOWS\system32\igfxtray.exe
    size: 155648
    MD5: ba96711e180c47d748805f37e1b5406a

    Located: HK_LM:Run, IndexSearch
    command: C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
    file: C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
    size: 36864
    MD5: ee0d774fcf0c75f043d96ed34fc45441

    Located: HK_LM:Run, IVPServiceMgr
    command: C:\toshiba\ivp\ism\ivpsvmgr.exe
    file: C:\toshiba\ivp\ism\ivpsvmgr.exe
    size: 475136
    MD5: 699e60af3e787bef35717ae711c25547

    Located: HK_LM:Run, LtMoh
    command: C:\Program Files\ltmoh\Ltmoh.exe
    file: C:\Program Files\ltmoh\Ltmoh.exe
    size: 184320
    MD5: cae4adee7be5c6ad35c84d10a866977e

    Located: HK_LM:Run, NDSTray.exe
    command: NDSTray.exe

    Located: HK_LM:Run, OneTouch Monitor
    command: C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    file: C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    size: 90112
    MD5: 046a960a0536959b6f989a72d1bec6d8

    Located: HK_LM:Run, PadTouch
    command: C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    file: C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    size: 1089589
    MD5: 062d0e5bbf64d78d90502f7d0bdc3d6f

    Located: HK_LM:Run, Pinger
    command: c:\toshiba\ivp\ism\pinger.exe /run
    file: c:\toshiba\ivp\ism\pinger.exe
    size: 159744
    MD5: eb3c8c07a1c1286baa3a676e1d16394d

    Located: HK_LM:Run, RealTray
    command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

    Located: HK_LM:Run, SmoothView
    command: C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    file: C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    size: 135168
    MD5: eb7d30c5d9c397da4f9d2725a910c5d8

    Located: HK_LM:Run, SunJavaUpdateSched
    command: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    file: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    size: 36975
    MD5: 61a3a9d5d98bf0331df5b716144a8100

    Located: HK_LM:Run, TPNF
    command: C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    file: C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    size: 53248
    MD5: 1ba1d72436bc7d5090966a3f1038bbf9

    Located: HK_LM:Run, ZoomingHook
    command: c:\WINDOWS\System32\ZoomingHook.exe
    file: c:\WINDOWS\System32\ZoomingHook.exe
    size: 24576
    MD5: 2cdce2ef3bfb8148042b92d0929cb382

    Located: HK_CU:Run, ctfmon.exe
    command: C:\WINDOWS\system32\ctfmon.exe
    file: C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 24232996a38c0b0cf151c2140ae29fc8

    Located: HK_CU:Run, TeleAuth
    command: C:\Documents and Settings\Sabrina\Desktop\teleauth.exe

    Located: HK_CU:Run, TOSCDSPD
    command: C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    file: C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    size: 65536
    MD5: 383b71dcb691ccaeea445acb9150ddd3

    Located: Startup (common), Microsoft Office.lnk
    command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
    file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
    size: 83360
    MD5: 5bc65464354a9fd3beaa28e18839734a



    --- Browser helper object list ---
    {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
    BHO name:
    CLSID name: Yahoo! Toolbar Helper
    description: Yahoo Companion!
    classification: Legitimate
    known filename: Ycomp*_*_*_*.dll
    info link: http://companion.yahoo.com/
    info source: TonyKlein
    Path: C:\Program Files\Yahoo!\Companion\Installs\cpn\
    Long name: yt.dll
    Short name:
    Date (created): 8/11/2006 11:12:34 PM
    Date (last access): 8/14/2006 7:50:46 AM
    Date (last write): 6/7/2006 11:09:22 AM
    Filesize: 399352
    Attributes: archive
    MD5: 8BBB9FEEC360F11867B28059B5360843
    CRC32: 12033757
    Version: 7.213.0.11

    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    BHO name:
    CLSID name: AcroIEHlprObj Class
    description: Adobe Acrobat reader
    classification: Legitimate
    known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
    info link: http://www.adobe.com/products/acrobat/readstep2.html
    info source: TonyKlein
    Path: C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\
    Long name: AcroIEHelper.ocx
    Short name: ACROIE~1.OCX
    Date (created): 8/19/2004 8:26:12 PM
    Date (last access): 8/14/2006 7:50:46 AM
    Date (last write): 3/2/2001 3:02:04 PM
    Filesize: 37808
    Attributes: archive
    MD5: 8394ABFC1BE196A62C9F532511936DF7
    CRC32: 71D6E350
    Version: 0.1.0.0

    {53707962-6F74-2D53-2644-206D7942484F} ()
    BHO name:
    CLSID name:
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDhelper.dll
    info link: http://spybot.eon.net.au/
    info source: Patrick M. Kolla
    Path: C:\PROGRA~1\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 5/12/2004 5:03:00 AM
    Date (last access): 8/14/2006 7:50:46 AM
    Date (last write): 5/12/2004 5:03:00 AM
    Filesize: 744960
    Attributes: archive
    MD5: ABF5BA518C6A5ED104496FF42D19AD88
    CRC32: 5587736E
    Version: 0.1.0.3

    {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
    BHO name:
    CLSID name: DriveLetterAccess
    description: Hewlett-Packard's DLA software
    classification: Unknown
    known filename: tfswshx.dll
    info link:
    info source: TonyKlein
    Path: C:\WINDOWS\system32\dla\
    Long name: tfswshx.dll
    Short name:
    Date (created): 1/29/2005 10:17:56 PM
    Date (last access): 8/14/2006 7:50:46 AM
    Date (last write): 7/14/2004 5:04:00 AM
    Filesize: 118842
    Attributes: archive
    MD5: 4A2B3E0C005BF2D4A4429FAB617F6E52
    CRC32: 2595B197
    Version: 0.1.0.4

    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    BHO name:
    CLSID name: SSVHelper Class
    Path: C:\Program Files\Java\jre1.5.0_06\bin\
    Long name: ssv.dll
    Short name:
    Date (created): 3/2/2006 3:53:00 AM
    Date (last access): 8/14/2006 7:50:46 AM
    Date (last write): 11/10/2005 3:22:12 AM
    Filesize: 184423
    Attributes: archive
    MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
    CRC32: 0111B892
    Version: 0.5.0.0

    {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (NAV Helper)
    BHO name: NAV Helper
    CLSID name: CNavExtBho Class
    Path: C:\Program Files\Norton AntiVirus\
    Long name: NavShExt.dll
    Short name:
    Date (created): 2/4/2006 3:03:32 PM
    Date (last access): 8/14/2006 7:50:46 AM
    Date (last write): 2/4/2006 3:03:32 PM
    Filesize: 140960
    Attributes: archive
    MD5: 2BBF8C0CF0E439ADA20789CD3D0FB57B
    CRC32: F87D6BA5
    Version: 0.12.0.2

    {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    BHO name:
    CLSID name: Google Toolbar Helper
    Path: c:\program files\google\
    Long name: GoogleToolbar2.dll
    Short name: GOOGLE~2.DLL
    Date (created): 3/1/2006 6:22:12 AM
    Date (last access): 8/14/2006 7:50:46 AM
    Date (last write): 2/14/2006 5:05:30 AM
    Filesize: 1191424
    Attributes: readonly archive
    MD5: 677C42CD9FE9C13B4B7B601A2E4065B0
    CRC32: 58231F90
    Version: 0.3.0.0
     
  6. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    SpyBot Log (Part 2):



    --- ActiveX list ---
    {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class)
    DPF name:
    CLSID name: SupportSoft Script Runner Class
    Path: C:\PROGRA~1\COMMON~1\SYMANT~1\
    Long name: tgctlsr.dll
    Short name:
    Date (created): 6/16/2005 3:25:00 PM
    Date (last access): 8/13/2006 6:11:46 AM
    Date (last write): 6/16/2005 3:25:00 PM
    Filesize: 413696
    Attributes: archive
    MD5: 47EA24991C9184C8186E5447BE22F364
    CRC32: 60CB0CA4
    Version: 0.6.0.9

    {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object)
    DPF name:
    CLSID name: CKAVWebScan Object
    Path: C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\
    Long name: kavwebscan.dll
    Short name: KAVWEB~1.DLL
    Date (created): 3/20/2006 3:17:20 AM
    Date (last access): 8/13/2006 6:11:46 AM
    Date (last write): 3/20/2006 3:17:20 AM
    Filesize: 798720
    Attributes: archive
    MD5: F74B09086C2097BC535C5DCCCD3402AC
    CRC32: 01AA9D3D
    Version: 0.5.0.0

    {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
    DPF name:
    CLSID name: Shockwave ActiveX Control
    description: Macromedia ShockWave Flash Player 7
    classification: Unknown
    known filename: SWDIR.DLL
    info link:
    info source: Patrick M. Kolla
    Path: C:\WINDOWS\system32\macromed\Director\
    Long name: SwDir.dll
    Short name:
    Date (created): 8/11/2006 11:15:40 PM
    Date (last access): 8/13/2006 6:11:44 AM
    Date (last write): 7/28/2006 9:06:12 AM
    Filesize: 54960
    Attributes: archive
    MD5: 14115D5C1DE5F3103C169B7F4D1D562A
    CRC32: 819F0513
    Version: 0.10.0.1

    {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
    DPF name:
    CLSID name: Windows Genuine Advantage Validation Tool
    Path: C:\WINDOWS\system32\
    Long name: LegitCheckControl.dll
    Short name: LEGITC~1.DLL
    Date (created): 7/12/2005 9:04:22 AM
    Date (last access): 8/14/2006 7:49:10 AM
    Date (last write): 6/19/2006 6:19:42 AM
    Filesize: 571184
    Attributes: archive
    MD5: 31BF58C9814F840EB10A2B7A410ABEA3
    CRC32: DAFAE165
    Version: 0.1.0.5

    {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control)
    DPF name:
    CLSID name: ewidoOnlineScan Control
    Path: C:\WINDOWS\DOWNLO~1\
    Long name: ewidoOnlineScan.dll
    Short name: EWIDOO~1.DLL
    Date (created): 7/10/2006 11:41:36 PM
    Date (last access): 8/14/2006 8:10:54 AM
    Date (last write): 7/10/2006 11:41:36 PM
    Filesize: 345656
    Attributes: archive
    MD5: B284992540E0FA2B76DEA56F93D49A16
    CRC32: FD2E709C
    Version: 0.1.0.0

    {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class)
    DPF name:
    CLSID name: LSSupCtl Class
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: LSSupCtl.dll
    Short name:
    Date (created): 10/27/2004 4:10:26 AM
    Date (last access): 8/14/2006 8:10:54 AM
    Date (last write): 10/27/2004 4:10:26 AM
    Filesize: 111752
    Attributes: archive
    MD5: C8FEBEA460AAD5C1B6817F9676E03F78
    CRC32: 807349F9
    Version: 0.3.0.1

    {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
    DPF name:
    CLSID name: Office Update Installation Engine
    Path: C:\WINDOWS\
    Long name: opuc.dll
    Short name:
    Date (created): 1/18/2005 5:07:18 AM
    Date (last access): 8/14/2006 8:12:10 AM
    Date (last write): 1/18/2005 5:07:18 AM
    Filesize: 326656
    Attributes: archive
    MD5: 20393D64F69F26361A97FD9AFB3C9243
    CRC32: 0B4DBA7F
    Version: 0.11.0.0

    {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
    DPF name:
    CLSID name: MSN Photo Upload Tool
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: MsnPUpld.dll
    Short name:
    Date (created): 10/8/2004 8:01:22 PM
    Date (last access): 8/14/2006 8:10:54 AM
    Date (last write): 10/8/2004 8:01:22 PM
    Filesize: 372736
    Attributes: archive
    MD5: D2ED523BB0FE94F8F492BEFE1C336040
    CRC32: C4677625
    Version: 0.10.0.0

    {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager)
    DPF name:
    CLSID name: Symantec Download Manager
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: symdlmgr.dll
    Short name:
    Date (created): 4/20/2006 11:05:42 AM
    Date (last access): 8/14/2006 8:10:54 AM
    Date (last write): 4/20/2006 11:05:42 AM
    Filesize: 227840
    Attributes: archive
    MD5: F6BE7971966A7EBB5873F2172F72BC58
    CRC32: 8EA3B9D1
    Version: 0.7.0.0

    {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_06
    description: Sun Java
    classification: Legitimate
    known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
    info link:
    info source: Patrick M. Kolla
    Path: C:\Program Files\Java\jre1.5.0_06\bin\
    Long name: NPJPI150_06.dll
    Short name: NPJPI1~1.DLL
    Date (created): 3/2/2006 3:52:58 AM
    Date (last access): 8/13/2006 6:11:48 AM
    Date (last write): 11/10/2005 3:22:12 AM
    Filesize: 69746
    Attributes: archive
    MD5: D2CF6BB5E9020E6707B62575F8083954
    CRC32: 7F39DC54
    Version: 0.5.0.0

    {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
    DPF name:
    CLSID name: ActiveScan Installer Class
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: asinst.dll
    Short name:
    Date (created): 12/19/2005 2:35:32 PM
    Date (last access): 8/14/2006 8:10:54 AM
    Date (last write): 4/11/2006 7:10:10 AM
    Filesize: 135168
    Attributes: archive
    MD5: 7267AE9C8DF527C30885DC29687D2A9B
    CRC32: 1B1733A3
    Version: 0.58.0.5

    {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_06
    Path: C:\Program Files\Java\jre1.5.0_06\bin\
    Long name: NPJPI150_06.dll
    Short name: NPJPI1~1.DLL
    Date (created): 3/2/2006 3:52:58 AM
    Date (last access): 8/14/2006 8:34:02 AM

    Date (last write): 11/10/2005 3:22:12 AM
    Filesize: 69746
    Attributes: archive
    MD5: D2CF6BB5E9020E6707B62575F8083954
    CRC32: 7F39DC54
    Version: 0.5.0.0

    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_06
    Path: C:\Program Files\Java\jre1.5.0_06\bin\
    Long name: NPJPI150_06.dll
    Short name: NPJPI1~1.DLL
    Date (created): 3/2/2006 3:52:58 AM
    Date (last access): 8/14/2006 8:34:02 AM
    Date (last write): 11/10/2005 3:22:12 AM
    Filesize: 69746
    Attributes: archive
    MD5: D2CF6BB5E9020E6707B62575F8083954
    CRC32: 7F39DC54
    Version: 0.5.0.0

    {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
    DPF name:
    CLSID name: Shockwave Flash Object
    description: Macromedia Shockwave Flash Player
    classification: Legitimate
    known filename:
    info link:
    info source: Patrick M. Kolla
    Path: C:\WINDOWS\system32\Macromed\Flash\
    Long name: Flash9.ocx
    Short name:
    Date (created): 8/11/2006 11:12:34 PM
    Date (last access): 8/14/2006 7:56:44 AM
    Date (last write): 6/22/2006 1:44:22 PM
    Filesize: 2201224
    Attributes: readonly archive
    MD5: 99F80CA1EBE95677668F54CAC6F4AD6D
    CRC32: B7385E3B
    Version: 0.9.0.0



    --- Process list ---
    Spybot - Search && Destroy process list report, 8/14/2006 8:34:01 AM

    PID: 0 ( 0) [System]
    PID: 4 ( 0) System
    PID: 288 ( 988) C:\WINDOWS\system32\spoolsv.exe
    PID: 520 ( 988) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    PID: 568 ( 988) C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    PID: 588 ( 988) C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
    PID: 604 ( 804) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    PID: 620 ( 804) C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
    PID: 636 ( 988) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    PID: 672 ( 804) C:\WINDOWS\system32\dla\tfswctrl.exe
    PID: 732 ( 804) C:\Program Files\ltmoh\Ltmoh.exe
    PID: 740 ( 804) C:\WINDOWS\AGRSMMSG.exe
    PID: 752 ( 804) C:\Program Files\Apoint2K\Apoint.exe
    PID: 768 ( 804) C:\Program Files\EzButton\EzButton.EXE
    PID: 804 ( 748) C:\WINDOWS\Explorer.EXE
    PID: 812 ( 804) C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    PID: 828 ( 988) C:\WINDOWS\system32\cisvc.exe
    PID: 872 ( 4) \SystemRoot\System32\smss.exe
    PID: 904 ( 804) C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    PID: 908 ( 988) C:\WINDOWS\system32\DVDRAMSV.exe
    PID: 916 ( 804) C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    PID: 920 ( 872) csrss.exe
    PID: 944 ( 872) \??\C:\WINDOWS\system32\winlogon.exe
    PID: 988 ( 944) C:\WINDOWS\system32\services.exe
    PID: 1000 ( 944) C:\WINDOWS\system32\lsass.exe
    PID: 1064 ( 804) C:\WINDOWS\System32\ZoomingHook.exe
    PID: 1192 ( 988) C:\WINDOWS\system32\svchost.exe
    PID: 1228 ( 804) C:\WINDOWS\system32\igfxtray.exe
    PID: 1244 ( 988) svchost.exe
    PID: 1280 ( 988) C:\Documents and Settings\Sabrina\My Documents\My Data Sources\Anti-Virus\Evido\ewido anti-spyware 4.0\guard.exe
    PID: 1316 ( 988) C:\Program Files\Norton AntiVirus\navapsvc.exe
    PID: 1320 ( 988) C:\WINDOWS\System32\svchost.exe
    PID: 1384 ( 988) svchost.exe
    PID: 1488 ( 988) C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    PID: 1532 ( 804) C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    PID: 1552 ( 988) C:\WINDOWS\system32\svchost.exe
    PID: 1572 ( 988) svchost.exe
    PID: 1648 ( 988) c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
    PID: 1784 ( 988) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    PID: 1808 ( 988) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    PID: 1884 ( 988) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    PID: 1900 ( 988) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    PID: 1952 ( 988) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    PID: 2028 ( 988) wdfmgr.exe
    PID: 2132 ( 804) C:\WINDOWS\system32\hkcmd.exe
    PID: 2172 (2148) C:\Program Files\Apoint2K\Apntex.exe
    PID: 2248 ( 804) C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
    PID: 2256 ( 804) C:\toshiba\ivp\ism\ivpsvmgr.exe
    PID: 2264 ( 804) C:\Program Files\Real\RealPlayer\RealPlay.exe
    PID: 2280 ( 804) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    PID: 2292 ( 804) C:\Documents and Settings\Sabrina\My Documents\My Data Sources\Anti-Virus\Evido\ewido anti-spyware 4.0\ewido.exe
    PID: 2300 ( 804) C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    PID: 2312 ( 804) C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    PID: 2324 ( 804) C:\WINDOWS\system32\ctfmon.exe
    PID: 2548 (1192) C:\Program Files\Messenger\msmsgs.exe
    PID: 2900 ( 804) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    PID: 3008 ( 804) C:\Program Files\Internet Explorer\iexplore.exe
    PID: 3100 (3768) C:\Program Files\Windows Media Player\wmplayer.exe
    PID: 3348 (1192) C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\NSCSRVCE.EXE
    PID: 3768 ( 804) C:\Program Files\Internet Explorer\IEXPLORE.EXE
    PID: 3816 ( 828) C:\WINDOWS\system32\cidaemon.exe
    PID: 3908 ( 988) alg.exe


    --- Browser start & search pages list ---
    Spybot - Search && Destroy browser pages report, 8/14/2006 8:34:01 AM

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\WINDOWS\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.google.com
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
    http://www.google.com/ie
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.doteasy.com/
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    http://www.google.com/keyword/%s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://www.toshiba.com
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://www.google.com/ie
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Irda [IrDA]
    GUID: {3972523D-2AF1-11D1-B655-00805F3642CC}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Infrared protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Irda [IrDA]

    Protocol 1: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 2: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 3: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 4: RSVP UDP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 5: RSVP TCP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9695679C-C41B-4B93-8A52-8B34D8517C02}] SEQPACKET 7
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9695679C-C41B-4B93-8A52-8B34D8517C02}] DATAGRAM 7
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38AAB0D9-F693-43CD-A9A9-A41396D816CC}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38AAB0D9-F693-43CD-A9A9-A41396D816CC}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8E775B06-54D4-48C5-9F77-1639B43A29C5}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8E775B06-54D4-48C5-9F77-1639B43A29C5}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F558CA23-D3A9-4ED9-91EF-B5067602FD9F}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F558CA23-D3A9-4ED9-91EF-B5067602FD9F}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{847257ED-1939-4E8C-8058-3C1488E31CB5}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{847257ED-1939-4E8C-8058-3C1488E31CB5}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38552A31-6ECC-4239-A0F3-0759457FF0D4}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{38552A31-6ECC-4239-A0F3-0759457FF0D4}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{11B60DA0-9147-48DC-BCA1-3C36D4E61D61}] SEQPACKET 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{11B60DA0-9147-48DC-BCA1-3C36D4E61D61}] DATAGRAM 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF14E8F7-5567-4016-9FD1-9366DCBCEB86}] SEQPACKET 6
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF14E8F7-5567-4016-9FD1-9366DCBCEB86}] DATAGRAM 6
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Tcpip
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: TCP/IP

    Namespace Provider 1: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\winrnr.dll
    DB protocol: NTDS

    Namespace Provider 2: Network Location Awareness (NLA) Namespace
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: NLA-Namespace
     
  7. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    Mexico! Wow. Well, it's nice to know someone out there knows what this is like :)

    Sabrina
     
  8. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    Hi, AcaCandy. Well, is there anything I can do to increase RAM? As I mentioned a while back, I bought this computer brand-new only in March 2005. Surely it is not worn out already?

    Please advise. Thank you very much!

    Sabrina
     
  9. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    Hi again, AcaCandy.

    I don't know whether I should start a new thread for this or what, but since you're an experienced traveler over there in Mexico, maybe you can answer this.

    You have no doubt heard about the foiled terrorist plot in London and how British Airways is now forbidding passengers from bringing anything on board except wallets and purses. No laptop computers are allowed. I am flying back to the United States next week...British Airways flights all the way, fifteen hours.

    Thus, I will be forced to pack this Toshiba in my suitcase. How risky is this?? If you were in my situation, what would you do to insulate the computer?

    Any suggestions would be much appreciated!

    Sabrina
     
  10. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    I think I just heard on the news that they lifted the laptop ban in the UK, so it sounds like you're in luck. I wouldn't want to pack my laptop in the suitcase. That would be a baggage handler's dream :mad: I've had things stolen out of my luggage in the past :mad: Where are you heading to? I'm heading back on 9/2 -- hopefully they have things more orderly by then.

    As to the ram, when you are in the U.S. call Toshiba customer support and they should be able to tell you if that machine can support more ram. My best guess is that you should be either able to replace the chip in there totally or add a second chip to bump it up to at least 512 ram.
     
  11. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    Hi, AcaCandy.

    I'm going back next week: Friday, August 25, to the United States. I will only have one month, and then I'm coming back here to Russia (to travel deeper into Siberia and the Far East for research for my second book. Call me a masochist!)

    So you're saying I don't have enough RAM? I should buy more? But I thought I had bought a powerful machine! How much do these things cost? Can the amount of data one has stored on the hard drive slow down RAM? What other things can "reduce" RAM?

    I hope you have a smooth flight home! :)

    Sabrina
     
  12. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    Hi CookieGal.

    Just so you have all the information, I am also getting a popup message from the Norton Protection Center, Symantec: "Server Execution Failed" (0x8008005)....whatever that means.

    Can you tell me what it does mean and how to fix it, along with the other problems? Thank you very much!

    Sabrina
     
  13. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,645
    Have SpyBot fix the items it found and then scan again.

    Please provide the entire error that you are getting with Norton.
     
  14. Sabrina Glyndale

    Sabrina Glyndale Thread Starter

    Joined:
    Apr 29, 2006
    Messages:
    40
    Hi CookieGal.

    Well, I ran Spybot and clicked "Fix problems." Then this message appeared:

    "Some problems couldn't be fixed. The reason could be that the associated files are still in use (in memory). may Spybot S & D run on your next system start up?"

    What should I do??? (Just a computer illiterate over here). Thanks for your help.

    Sabrina
     
  15. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,645
    Allow Spybot to run at startup. That way it should be able to fix those items. Let me know how it goes.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/490133