and here is my spybot log:
--- Search result list ---
Cache: Cache (324) (Cache, nothing done)
Common Dialogs: History (2 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Cookie: Cookie (6) (Cookie, nothing done)
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: Download directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Internet Explorer\Download Directory!=
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: User agent (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Log: Activity: COM+.log (Backup file, nothing done)
C:\WINDOWS\COM+.log
Log: Activity: imsins.log (Backup file, nothing done)
C:\WINDOWS\imsins.log
Log: Activity: ntbtlog.txt (Backup file, nothing done)
C:\WINDOWS\ntbtlog.txt
Log: Activity: OEWABLog.txt (Backup file, nothing done)
C:\WINDOWS\OEWABLog.txt
Log: Activity: SchedLgU.Txt (Backup file, nothing done)
C:\WINDOWS\SchedLgU.Txt
Log: Install: comsetup.log (Backup file, nothing done)
C:\WINDOWS\comsetup.log
Log: Install: Directx.log (Backup file, nothing done)
C:\WINDOWS\Directx.log
Log: Install: DtcInstall.log (Backup file, nothing done)
C:\WINDOWS\DtcInstall.log
Log: Install: ocgen.log (Backup file, nothing done)
C:\WINDOWS\ocgen.log
Log: Install: setupact.log (Backup file, nothing done)
C:\WINDOWS\setupact.log
Log: Install: setupapi.log (Backup file, nothing done)
C:\WINDOWS\setupapi.log
Log: Install: setuperr.log (Backup file, nothing done)
C:\WINDOWS\setuperr.log
Log: Install: setuplog.txt (Backup file, nothing done)
C:\WINDOWS\setuplog.txt
Log: Install: svcpack.log (Backup file, nothing done)
C:\WINDOWS\svcpack.log
Log: Install: wmsetup.log (Backup file, nothing done)
C:\WINDOWS\wmsetup.log
Log: Shutdown: System32\wbem\logs\mofcomp.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\mofcomp.log
Log: Shutdown: System32\wbem\logs\setup.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\setup.log
Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_
Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log
Log: Shutdown: System32\wbem\logs\wbemsnmp.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemsnmp.log
Log: Shutdown: System32\wbem\logs\winmgmt.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\winmgmt.log
Log: Shutdown: System32\wbem\logs\wmiadap.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiadap.log
MS DirectDraw: Most recent application (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=
MS Media Player: Anonymous ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0
MS Media Player: Application data file (global) () (File, nothing done)
C:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\wmplibrary_v_0_12.db
MS Media Player: Client ID (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID!=
MS Media Player: Client ID (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID!=
MS Media Player: Last opened playlist (Registry value, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist
MS Media Player: Last selected track index (Registry value, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylistIndex
MS Media Player: Manually modified tags history (25 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\MediaPlayer\AutoComplete\MediaEdit
MS Media Player: Recent file list (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\MediaPlayer\Player\RecentFileList
MS Media Player: Search terms history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\MediaPlayer\AutoComplete\MediaSearch
MS Office 11.0 (Excel): Recent file list (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Office\11.0\Excel\Recent Files
MS Office 11.0 (Word): Recent file list (Registry value, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Office\11.0\Word\Data\Settings
MS Regedit: Recent open key (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey!=
MS Search Assistant: Typed search terms history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Search Assistant\ACMru
Windows Explorer: Last Copy/MoveTo folder (Registry value, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder
Windows Explorer: Last visited history (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU
Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recent wallpaper list (63 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU
Windows Explorer: Run history (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Windows Explorer: Stream history (19 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: User Assistant history files (164 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: User Assistant history IE (37 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Media SDK: Volume serial number (Registry value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: Computer name (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Windows Media SDK: Computer name (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Windows Media SDK: Computer name (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Windows Media SDK: Unique ID (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}
Windows Media SDK: Unique ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}
Windows Media SDK: Unique ID (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}
Windows Media SDK: Volume serial number (Registry value, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: Volume serial number (Registry value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows.ActiveDesktop: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoHTMLWallPaper!=W=1
Windows.OpenWith: Open with list - .CAB extension (3 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
Windows.OpenWith: Open with list - .AI extension (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AI\OpenWithList
Windows.OpenWith: Open with list - .BMP extension (5 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Windows: Drivers installation paths (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources!=
WinRAR: Last used directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\WinRAR\General\LastFolder!=
WinRAR: Recent file list (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\WinRAR\ArcHistory
WinZip: Destination directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Nico Mak Computing\WinZip\directories\gzExtractTo!=
WinZip: Add files directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Nico Mak Computing\WinZip\directories\gzAddDir!=
WinZip: Add files directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Nico Mak Computing\WinZip\directories\AddDir!=
WinZip: Default directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Nico Mak Computing\WinZip\directories\zDefDir!=
WinZip: Default directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Nico Mak Computing\WinZip\directories\DefDir!=
WinZip: Destination directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Nico Mak Computing\WinZip\directories\ExtractTo!=
WinZip: Number of times run (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Nico Mak Computing\WinZip\rrs\Opened!=
WinZip: Recent extracted file list (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2322107881-3865505124-3464238457-1003\Software\Nico Mak Computing\WinZip\extract
--- Spybot - Search && Destroy version: 1.3 ---
2006-04-14 Includes\Cookies.sbi
2006-04-14 Includes\Dialer.sbi
2006-04-14 Includes\Hijackers.sbi
2006-04-14 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2006-04-14 Includes\Malware.sbi
2006-04-14 Includes\PUPS.sbi
2006-04-14 Includes\Revision.sbi
2006-04-14 Includes\Security.sbi
2006-04-14 Includes\Spybots.sbi
2005-02-17 Includes\Tracks.uti
2006-04-14 Includes\Trojans.sbi
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DirectX / DX9 / SP3: DirectX Hotfix - KB825116
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB905915
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows Media Player: Windows Media Update 819639
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901190)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Hotfix for Windows XP (KB912475)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
--- Startup entries list ---
Located: HK_LM:Run,
command:
Located: HK_LM:Run, Acrobat Assistant 7.0
command: "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
file: C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
size: 483328
MD5: 78ff388fd58ce0bae1f7c9670f5473c1
Located: HK_LM:Run, AGRSMMSG
command: AGRSMMSG.exe
file: C:\WINDOWS\AGRSMMSG.exe
size: 88363
MD5: e7be65bf79906aebc698e077d53f6a1c
Located: HK_LM:Run, Home Theater SchSvr
command: "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
file: C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
size: 155648
MD5: 3e4c38088cdb26d27fcd047cabc0a377
Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 118784
MD5: ea5dd164296f66241bead39e12fa69f2
Located: HK_LM:Run, HP Component Manager
command: "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
file: C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: f5f1a8cdd473d55f9bf6fe23f715b0fa
Located: HK_LM:Run, HP Software Update
command: "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 821f73b833c4daebc33c1a9a4b16bb5a
Located: HK_LM:Run, HPHmon05
command: C:\WINDOWS\System32\hphmon05.exe
file: C:\WINDOWS\System32\hphmon05.exe
size: 483328
MD5: ec273d5f06235f8f003316003f518ee3
Located: HK_LM:Run, HPHUPD05
command: c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
file: c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
size: 49152
MD5: 671f926abfabfb767d708bbee49df45d
Located: HK_LM:Run, hpsysdrv
command: c:\windows\system\hpsysdrv.exe
file: c:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06a1ecb63df139ec639e084d4ab3c9d7
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 155648
MD5: 8bbbada96ffe1449edd39256eda99cd8
Located: HK_LM:Run, IMJPMIG8.1
command: "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
file: C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
size: 208952
MD5: 7bbe4cf421aecc7f0226edd75f12079f
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: 8778072a594e1310c0b7d0a93771e8bd
Located: HK_LM:Run, KBD
command: C:\HP\KBD\KBD.EXE
file: C:\HP\KBD\KBD.EXE
size: 61440
MD5: 4a95f15b706b8fd9ec8715b6401eab7b
Located: HK_LM:Run, MSPY2002
command: C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
file: C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe
size: 59392
MD5: 1b17e09c1223f6d17336d2dd7a1af4f4
Located: HK_LM:Run, pccguide.exe
command: "C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe"
file: C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
size: 897086
MD5: 3150a6f401a7bfbe2c7a2e737148c822
Located: HK_LM:Run, PHIME2002A
command: C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
file: C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE
size: 455168
MD5: 024dc0f68df5fd6ae9dd82dfbaf479d6
Located: HK_LM:Run, PHIME2002ASync
command: C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
file: C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE
size: 455168
MD5: 024dc0f68df5fd6ae9dd82dfbaf479d6
Located: HK_LM:Run, PS2
command: C:\WINDOWS\system32\ps2.exe
file: C:\WINDOWS\system32\ps2.exe
size: 81920
MD5: c4c523e78774e05d06efe3e10017cf6d
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: c74c7963eec07af49dce44d64819b2bf
Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 233472
MD5: 310f1e8a0781887ba1c217448c0e4d48
Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61a3a9d5d98bf0331df5b716144a8100
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 151597
MD5: a05da809ac0d86d916d09e3a908d3a06
Located: HK_LM:Run, WINCINEMAMGR
command: "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
file: C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
size: 192512
MD5: 3bd730b727f695b9255a75de6c4e073b
Located: HK_LM:Run, Windows Defender
command: "C:\Program Files\Windows Defender\MSASCui.exe" -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1420560
MD5: 81aa8ba06a824e637e2ba290d4fa9e3e
Located: HK_CU:Run, Acme.PCHButton
command: C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\PCHButton.exe
file: C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\PCHButton.exe
size: 159744
MD5: 2ce016b8a5aaf457d7bd31e29ac113ec
Located: HK_CU:Run, Simp
command: C:\Program Files\Secway\SimpLite-MSN 2.1.7 beta 4\SimpLite-MSN.exe
file: C:\Program Files\Secway\SimpLite-MSN 2.1.7 beta 4\SimpLite-MSN.exe
size: 1859584
MD5: 44b66579ec8dcf6faefb0d9851291a0a
Located: Startup (common), Adobe Acrobat Speed Launcher.lnk
command: C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
file: C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
size: 25214
MD5: d6294d59171ac375cd142003566aa89e
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Startup (common), Updates from HP.lnk
command: C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
file: C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
size: 16384
MD5: 708fc5318f6ab059104ffd415f146781
Located: Startup (user), Adobe Gamma.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 110592
MD5: 5cd0cd0ec4dc5df459b3ac016764f5aa
Located: Startup (disabled), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
size: 241664
MD5: 16e91805cc071039372ae0037aaa9a2b
Located: Startup (disabled), HP Image Zone Fast Start (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe -s
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe
size: 53248
MD5: 91c0436bd6cb73370895ef33c1c9cb47
--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: ACROIEHELPER.OCX
info link:
http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 24/09/2005 3:12:08 PM
Date (last access): 17/04/2006 6:25:16 AM
Date (last write): 12/01/2006 8:38:22 PM
Filesize: 63128
Attributes: archive
MD5: F17B2B264072B921FC66A0BE16626BAB
CRC32: 5184CFEA
Version: 0.7.0.0
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDHelper.dll
info link:
http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 12/05/2004 1:03:00 AM
Date (last access): 17/04/2006 7:02:16 AM
Date (last write): 12/05/2004 1:03:00 AM
Filesize: 744960
Attributes: archive
MD5: ABF5BA518C6A5ED104496FF42D19AD88
CRC32: 5587736E
Version: 0.1.0.3
{AE7CD045-E861-484f-8273-0445EE161910} (Adobe PDF Conversion Toolbar Helper)
BHO name:
CLSID name: Adobe PDF Conversion Toolbar Helper
Path: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\
Long name: AcroIEFavClient.dll
Short name: ACROIE~1.DLL
Date (created): 24/09/2005 3:41:42 PM
Date (last access): 17/04/2006 6:25:16 AM
Date (last write): 24/09/2005 3:41:42 PM
Filesize: 231160
Attributes: archive
MD5: 6A95C44FFF0AFE30351CBC92CF327924
CRC32: 8A33F35E
Version: 0.7.0.0
--- ActiveX list ---
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 22/03/2005 3:56:36 PM
Date (last access): 17/04/2006 6:55:32 AM
Date (last write): 17/11/2005 11:12:26 PM
Filesize: 533504
Attributes: archive
MD5: 24F3058766D5FC3FD0F37F6D6EE6FE9B
CRC32: F1FAEDE3
Version: 0.12.0.0
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
DPF name:
CLSID name: MSN Photo Upload Tool
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.2\
Long name: MsnPUpld.dll
Short name:
Date (created): 14/10/2005 11:02:36 AM
Date (last access): 17/04/2006 6:43:16 AM
Date (last write): 14/10/2005 11:02:36 AM
Filesize: 372736
Attributes: archive
MD5: C673BDB4BE7D28D36D39181F6183DFA2
CRC32: 18D2F4B2
Version: 0.10.0.0
{6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
DPF name:
CLSID name: WUWebControl Class
Path: C:\WINDOWS\System32\
Long name: wuweb.dll
Short name:
Date (created): 26/05/2005 3:19:32 AM
Date (last access): 16/04/2006 5:45:22 PM
Date (last write): 26/05/2005 3:19:32 AM
Filesize: 173536
Attributes: archive
MD5: C459F2D5E64C942F3F66E1CD7F1C4C00
CRC32: EEF66B50
Version: 0.5.0.8
{6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5)
DPF name:
CLSID name: Housecall ActiveX 6.5
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\
Long name: Housecall_ActiveX.dll
Short name: HOUSEC~1.DLL
Date (created): 20/03/2006 4:06:46 PM
Date (last access): 16/04/2006 5:26:44 PM
Date (last write): 20/03/2006 4:06:46 PM
Filesize: 358912
Attributes: archive
MD5: 395A76EE1C174D793AFB17272E4E4392
CRC32: 1945BB37
Version: 0.6.0.5
{77F539E4-3C23-48D9-960B-B6E62905C113} (FavImport Class)
DPF name:
CLSID name: FavImport Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ImportAx.dll
Short name:
Date (created): 7/02/2006 5:47:12 PM
Date (last access): 17/04/2006 6:53:36 AM
Date (last write): 7/02/2006 5:47:12 PM
Filesize: 139472
Attributes: archive
MD5: 60E79949FE3AC9655077EF8D246A2344
CRC32: 9FD64D54
Version: 0.12.0.0
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 10/11/2005 12:03:56 PM
Date (last access): 16/04/2006 5:14:40 PM
Date (last write): 10/11/2005 12:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 0.5.0.0
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\
Long name: messengerstatsclient.dll
Short name: MESSEN~1.DLL
Date (created): 29/05/2003 2:00:20 PM
Date (last access): 16/04/2006 5:26:44 PM
Date (last write): 29/05/2003 2:00:20 PM
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 0.7.0.1
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class)
DPF name:
CLSID name: MsnMessengerSetupDownloadControl Class
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.3\
Long name: MsnMessengerSetupDownloader.ocx
Short name: MSNMES~1.OCX
Date (created): 13/08/2005 11:26:04 PM
Date (last access): 17/04/2006 6:43:30 AM
Date (last write): 13/08/2005 11:26:04 PM
Filesize: 113664
Attributes: archive
MD5: C403792A3FF639C215067D5AA680C482
CRC32: 7CD0769A
Version: 0.1.0.0
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 10/11/2005 12:03:56 PM
Date (last access): 17/04/2006 7:11:14 AM
Date (last write): 10/11/2005 12:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 0.5.0.0
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 10/11/2005 12:03:56 PM
Date (last access): 17/04/2006 7:11:14 AM
Date (last write): 10/11/2005 12:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 0.5.0.0
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash8a.ocx
Short name:
Date (created): 2/01/2006 11:13:28 AM
Date (last access): 17/04/2006 6:55:38 AM
Date (last write): 2/01/2006 11:13:28 AM
Filesize: 1443464
Attributes: readonly archive
MD5: 3066BB99502AE33AE44F17954AF56B8F
CRC32: 658FAE72
Version: 0.8.0.0
{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5)
DPF name:
CLSID name: MSN Chat Control 4.5
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.3\
Long name: MSNChat45.ocx
Short name: MSNCHA~1.OCX
Date (created): 27/10/2003 10:35:44 AM
Date (last access): 16/04/2006 5:26:46 PM
Date (last write): 27/10/2003 10:35:44 AM
Filesize: 510552
Attributes: archive
MD5: 60FED272BDBAFA8214E40AD376C9987E
CRC32: 5EE901FC
Version: 0.9.0.2
--- Process list ---
Spybot - Search && Destroy process list report, 17/04/2006 7:11:13 AM
PID: 0 ( 0) [System]
PID: 4 ( 0) System
PID: 176 ( 596) C:\PROGRA~1\TRENDM~1\INTERN~3\TMPFW.EXE
PID: 324 (1136) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PID: 460 ( 4) \SystemRoot\System32\smss.exe
PID: 528 ( 460) csrss.exe
PID: 552 ( 460) \??\C:\WINDOWS\system32\winlogon.exe
PID: 596 ( 552) C:\WINDOWS\system32\services.exe
PID: 608 ( 552) C:\WINDOWS\system32\lsass.exe
PID: 784 ( 596) C:\WINDOWS\system32\svchost.exe
PID: 840 ( 596) svchost.exe
PID: 904 ( 596) C:\Program Files\Windows Defender\MsMpEng.exe
PID: 948 ( 596) C:\WINDOWS\SYSTEM32\SVCHOST.EXE
PID: 1024 ( 596) svchost.exe
PID: 1136 (1068) C:\WINDOWS\Explorer.EXE
PID: 1160 ( 596) svchost.exe
PID: 1368 ( 596) C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
PID: 1452 (1136) C:\WINDOWS\system32\igfxtray.exe
PID: 1460 (1136) C:\windows\system\hpsysdrv.exe
PID: 1468 (1136) C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
PID: 1520 (1136) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PID: 1664 (1136) C:\HP\KBD\KBD.EXE
PID: 1668 ( 596) C:\PROGRA~1\TRENDM~1\INTERN~3\PCCTLCOM.EXE
PID: 1800 (1136) C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
PID: 1836 (1136) C:\WINDOWS\System32\hphmon05.exe
PID: 1844 ( 596) C:\PROGRA~1\TRENDM~1\INTERN~3\Tmntsrv.exe
PID: 1868 ( 596) C:\PROGRA~1\TRENDM~1\INTERN~3\TMPROXY.EXE
PID: 1940 (1136) C:\Program Files\iTunes\iTunesHelper.exe
PID: 2008 ( 596) wdfmgr.exe
PID: 2100 (1136) C:\WINDOWS\system32\hkcmd.exe
PID: 2108 (1136) C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
PID: 2144 (1136) C:\WINDOWS\AGRSMMSG.exe
PID: 2216 (1136) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
PID: 2224 (1136) C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
PID: 2244 (1136) C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
PID: 2280 (1136) C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PID: 2308 (1136) C:\Program Files\Windows Defender\MSASCui.exe
PID: 2376 (1136) C:\PROGRAM FILES\SECWAY\SIMPLITE-MSN 2.1.7 BETA 4\SIMPLITE-MSN.EXE
PID: 2508 ( 784) C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
PID: 2648 (1136) C:\PROGRAM FILES\UPDATES FROM HP\137903\PROGRAM\BACKWEB-137903.EXE
PID: 2736 (2376) C:\Program Files\MSN Messenger\msnmsgr.exe
PID: 3456 ( 596) C:\Program Files\iPod\bin\iPodService.exe
PID: 3556 ( 596) alg.exe
--- Browser start & search pages list ---
Spybot - Search && Destroy browser pages report, 17/04/2006 7:11:13 AM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.com.au/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E132052-824D-4BD2-B6FE-7C997293A446}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E132052-824D-4BD2-B6FE-7C997293A446}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F9CAD7D9-2A1F-4D74-BF78-AFAF9D1BC9EB}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F9CAD7D9-2A1F-4D74-BF78-AFAF9D1BC9EB}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{879E8794-DB9A-4C99-97BF-907664829C70}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{879E8794-DB9A-4C99-97BF-907664829C70}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B66C519A-DA8C-490C-85A2-D02F6348CA00}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B66C519A-DA8C-490C-85A2-D02F6348CA00}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{07D71965-6611-4245-BA33-C5E06B29A8BD}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{07D71965-6611-4245-BA33-C5E06B29A8BD}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace