Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Stumped and Frustrated!


  • Please log in to reply
4 replies to this topic

#1 Apocalypse1972

Apocalypse1972

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:50 PM

Posted 18 July 2004 - 05:19 PM

Hi All, I have a very specific problem that I just can't seem to resolve or find any help anywhere. I surf alot on neopets and since last Wednesday the site has been dreadfully slow, pages are slow to load or don't load at all. Every other site is no problem for me and my ISP assures me there is no problem at their end. Since I've been on Neopets I have never had this problem before, on the same Wednesday some new microsoft updates came out and i did install them, which I have now removed. I am completely frustrated, any help would be greatly appreciated, thnx in advance. You guys/gals have a great site here, I check it out quite alot at work, I've just never had a problem I couldn't resolve before.

BC AdBot (Login to Remove)

 


#2 Apocalypse1972

Apocalypse1972
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:50 PM

Posted 18 July 2004 - 06:59 PM

Just an update, I just installed spybot s&d 1.3, here is my log...

--- Search result list ---
DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1801674531-1979792683-2147203641-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3


--- Spybot - Search && Destroy version: 1.3 ---
2004-05-12 Includes\Cookies.sbi
2004-05-12 Includes\Dialer.sbi
2004-05-12 Includes\Hijackers.sbi
2004-05-12 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-05-12 Includes\Malware.sbi
2004-05-12 Includes\Revision.sbi
2004-05-12 Includes\Security.sbi
2004-05-12 Includes\Spybots.sbi
2004-05-12 Includes\Tracks.uti
2004-05-12 Includes\Trojans.sbi


--- System information ---
Windows XP (Build: 2600) Service Pack 1
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security update for Microsoft Data Access Components
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX: DirectX Update 819696
/ DirectX / DX9 / SP1: DirectX 9 Hotfix - KB839643
/ Windows Media Player / SP0: Windows Media Player Hotfix [See wm828026 for more information]
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player: Windows Media Update 819639
/ Windows Media Player: Windows Media Update 828026
/ Windows XP / SP2: Windows XP Hotfix - KB810217
/ Windows XP / SP2: Windows XP Hotfix - KB821557
/ Windows XP / SP2: Windows XP Hotfix - KB823182
/ Windows XP / SP2: Windows XP Hotfix - KB823559
/ Windows XP / SP2: Windows XP Hotfix - KB823980
/ Windows XP / SP2: Windows XP Hotfix - KB824105
/ Windows XP / SP2: Windows XP Hotfix - KB824141
/ Windows XP / SP2: Windows XP Hotfix - KB824146
/ Windows XP / SP2: Windows XP Hotfix - KB825119
/ Windows XP / SP2: Windows XP Hotfix - KB828028
/ Windows XP / SP2: Windows XP Hotfix - KB828035
/ Windows XP / SP2: Windows XP Hotfix - KB828741
/ Windows XP / SP2: Windows XP Hotfix - KB835732
/ Windows XP / SP2: Windows XP Hotfix - KB837001
/ Windows XP / SP2: Windows XP Hotfix - KB839645
/ Windows XP / SP2: Windows XP Hotfix - KB840315
/ Windows XP / SP2: Windows XP Hotfix - KB840374
/ Windows XP / SP2: Windows XP Hotfix - KB841873
/ Windows XP / SP2: Windows XP Hotfix - KB842773
/ Windows XP / SP2: Windows XP Hotfix (SP2) [See Q323255 for more information]
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q327979
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q328310
/ Windows XP / SP2: Windows XP Hotfix (SP2) [See Q329048 for more information]
/ Windows XP / SP2: Windows XP Hotfix (SP2) [See Q329115 for more information]
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q329170
/ Windows XP / SP2: Windows XP Hotfix (SP2) [See Q329390 for more information]
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q329441
/ Windows XP / SP2: Windows XP Hotfix (SP2) [See Q329834 for more information]
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q331953
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q810565
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q810577
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q810833
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q811493
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q811630
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q814033
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q815021
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q817287
/ Windows XP / SP2: Windows XP Hotfix (SP2) Q817606


--- Startup entries list ---
Located: HK_LM:Run, Advanced Tools Check
command: C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
file: C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
size: 74920
MD5: 62b992ae61e3b054f8efe65fd4ce9392

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 70816
MD5: 631bd98882f6fc3e1191c8c7ef942638

Located: HK_LM:Run, CTStartup
command: C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 31744
MD5: 0fb22dd37c17f80ad71316049f725170

Located: HK_LM:Run, UpdReg
command: C:\WINDOWS\UpdReg.EXE
file: C:\WINDOWS\UpdReg.EXE
size: 90112
MD5: c419df63e0121d72411285780c2fc6cc

Located: HK_LM:Run, WINDVDPatch
command: CTHELPER.EXE
file: C:\WINDOWS\system32\CTHELPER.EXE
size: 24576
MD5: 3c7a868402b2dd7b65ac32bed886d9e5

Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a

Located: Startup (disabled), check-ip-changed (DISABLED)
command: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\check-ip-changed.bat
file: C:\Documents
size: 4121
MD5: 2087193c3b5d6f78f30021801535f916

Located: Startup (disabled), InterVideo WinCinema Manager (DISABLED)
command: C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE
file: C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE
size: 155648
MD5: bc2c03fb9b6bae533d17d1c97ce7a391

Located: Startup (disabled), Microgarden Themebar (DISABLED)
command: C:\PROGRA~1\MICROG~1\Themebar\TBLoader.exe



--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: ACROIEHELPER.OCX
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\
Long name: AcroIEHelper.ocx
Short name: ACROIE~1.OCX
Date (created): 3/22/2003 3:59:08 PM
Date (last access): 7/18/2004 6:50:42 PM
Date (last write): 4/16/2001 5:39:02 PM
Filesize: 37808
Attributes: archive
MD5: 8394ABFC1BE196A62C9F532511936DF7
CRC32: 71D6E350
Version: 0.1.0.0

{BDF3E430-B101-42AD-A544-FADC6B084872} (CNavExtBho Class)
BHO name:
CLSID name: CNavExtBho Class
description: Norton Antivirus
classification: Legitimate
known filename: NavShExt.dll
info link: http://www.symantec.com/nav/nav_9xnt/
info source: TonyKlein
Path: C:\Program Files\Norton AntiVirus\
Long name: NAVSHEXT.DLL
Short name:
Date (created): 6/13/2004 12:50:24 PM
Date (last access): 7/18/2004 6:50:42 PM
Date (last write): 12/4/2003 6:22:30 PM
Filesize: 103368
Attributes: archive
MD5: 65C8A602DFA9D5860F1E328CB8575317
CRC32: 929FB7E0
Version: 0.10.0.0



--- ActiveX list ---
DirectAnimation Java Classes (DirectAnimation Java Classes)
DPF name: DirectAnimation Java Classes
CLSID name:
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\dajava.cab
info link:
info source: Patrick M. Kolla

Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
description: Macromedia ShockWave Flash Player 7
classification: Unknown
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Director\
Long name: SwDir.dll
Short name:
Date (created): 11/7/2003 8:53:12 PM
Date (last access): 7/16/2004 2:31:52 AM
Date (last write): 2/11/2003 7:02:58 AM
Filesize: 32768
Attributes: archive
MD5: 92FA0AE21D3A08B65D291724AA7D0E43
CRC32: 7B63A9DB
Version: 0.8.0.5

{2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy)
DPF name:
CLSID name: ChainCast VMR Client Proxy
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ccpm_0237.dll
Short name: CCPM_0~1.DLL
Date (created): 12/19/2002 8:09:44 PM
Date (last access): 7/18/2004 7:41:36 PM
Date (last write): 12/19/2002 8:09:44 PM
Filesize: 1488120
Attributes: archive
MD5: 2E2942127C097A132ED6FA3451BAEA06
CRC32: 9CCC07CD
Version: 0.3.0.0

{27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class)
DPF name:
CLSID name: CoGSManager Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: GSManager.dll
Short name: GSMANA~1.DLL
Date (created): 11/13/2002 8:06:00 AM
Date (last access): 7/18/2004 7:41:36 PM
Date (last write): 11/13/2002 8:06:00 AM
Filesize: 196608
Attributes: archive
MD5: EBF00A7DF8EF54D574D96C6147905343
CRC32: 64C3C67B
Version: 0.1.0.0

{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class)
DPF name:
CLSID name: YInstStarter Class

{41F17733-B041-4099-A042-B518BB6A408C} ()
DPF name:
CLSID name:

{4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control)
DPF name:
CLSID name: InstallFromTheWeb ActiveX Control
Path: C:\WINDOWS\Downloaded Program Files\
Long name: iftw.dll
Short name:
Date (created): 1/12/2000 11:09:38 AM
Date (last access): 7/18/2004 7:41:36 PM
Date (last write): 1/12/2000 11:09:38 AM
Filesize: 118784
Attributes: archive
MD5: F3E129954635DB80813C2AC7CBC2E20B
CRC32: 7D48CA96
Version: 0.3.0.0

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\System32\macromed\flash\
Long name: Flash.ocx
Short name:
Date (created): 12/8/2003 3:01:58 PM
Date (last access): 7/18/2004 6:50:42 PM
Date (last write): 12/8/2003 3:01:58 PM
Filesize: 933888
Attributes: archive
MD5: F7E435D02F7A48120B746E33254A70BC
CRC32: 02AF493D
Version: 0.7.0.0



--- Process list ---
Spybot - Search && Destroy process list report, 7/18/2004 7:56:03 PM

PID: 0 ( 0) [System]
PID: 4 ( 0) System
PID: 304 ( 720) C:\Program Files\Norton AntiVirus\navapsvc.exe
PID: 400 ( 720) C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
PID: 432 (1484) C:\Program Files\Internet Explorer\IEXPLORE.EXE
PID: 516 ( 4) \SystemRoot\System32\smss.exe
PID: 536 ( 720) C:\WINDOWS\System32\nvsvc32.exe
PID: 636 ( 720) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PID: 644 ( 516) csrss.exe
PID: 676 ( 516) \??\C:\WINDOWS\system32\winlogon.exe
PID: 720 ( 676) C:\WINDOWS\system32\services.exe
PID: 732 ( 676) C:\WINDOWS\system32\lsass.exe
PID: 900 ( 720) C:\WINDOWS\system32\svchost.exe
PID: 988 (1484) C:\Program Files\Internet Explorer\IEXPLORE.EXE
PID: 1004 ( 720) C:\WINDOWS\System32\svchost.exe
PID: 1224 ( 720) svchost.exe
PID: 1284 ( 720) svchost.exe
PID: 1484 (1432) C:\WINDOWS\Explorer.EXE
PID: 1492 ( 720) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PID: 1524 ( 720) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PID: 1708 ( 720) C:\WINDOWS\system32\spoolsv.exe
PID: 1904 (1484) C:\WINDOWS\System32\CTHELPER.EXE
PID: 1948 (1484) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PID: 1988 (1484) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe


--- Browser start & search pages list ---
Spybot - Search && Destroy browser pages report, 7/18/2004 7:56:03 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\System32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ca.red.clientapps.yahoo.com/customi.../search/ie.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.hispeed.rogers.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://ca.red.clientapps.yahoo.com/customi...//www.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://ca.red.clientapps.yahoo.com/customi...//www.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ca.red.clientapps.yahoo.com/customi.../search/ie.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://ca.red.clientapps.yahoo.com/customi...ogers.yahoo.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://home.excite.ca/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E071E6D-4F65-4164-8B2E-674A1951FD77}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E071E6D-4F65-4164-8B2E-674A1951FD77}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A8D36E1-07FF-4864-A47D-DF8B7D93E4E7}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A8D36E1-07FF-4864-A47D-DF8B7D93E4E7}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EFC9F397-1153-485E-A525-3B54B2CD1109}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EFC9F397-1153-485E-A525-3B54B2CD1109}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{59C03450-2EA3-4457-BD54-8B5063A2A8FD}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{59C03450-2EA3-4457-BD54-8B5063A2A8FD}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DD0ED02D-8440-4895-B44E-B804D4020EDF}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DD0ED02D-8440-4895-B44E-B804D4020EDF}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{97E1EE42-5DA8-4C7C-845B-6445019050CC}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{97E1EE42-5DA8-4C7C-845B-6445019050CC}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

#3 Apocalypse1972

Apocalypse1972
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:50 PM

Posted 18 July 2004 - 07:00 PM

I tried to fix the dso entries, spybot says they are removed and then when I run spybot again it finds them again

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:50 PM

Posted 18 July 2004 - 10:17 PM

Dont worry about the DSO entries.

The DSO Exploit is a bug in Spybot S&D. If you have your sytem updated with the latest patches you are fine.


As for the slowness of the machine, I did not see anything by glancing at the listing of autostarts. Do me a favor and post a hijackthis log in the hijackthis logs forum. There is a post pinned to the top of the forum that explains how. I will look through their and see if there is anything that I can find that may be a problem.

I like your avatar btw

#5 Apocalypse1972

Apocalypse1972
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:50 PM

Posted 19 July 2004 - 07:45 AM

Thnx Grinler, the log is there now.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users