Spybot freezes at "Fix Selected Problems"

**drragostea** · 2008-10-07, 00:13

Originally Posted by Missionaryman

but I have no a window, where I can check the "problem" or to click "fix selected problems".

You'll have to click on the "Search&Destroy" tab.

**Missionaryman** · 2008-10-08, 06:04

Stimate drragostea

Thank you very much for your answer

"You'll have to click on the "Search&Destroy" tab. "

This is mean, I have to start a third Full scan?

By the way, today after I clicked to "Fix selected problems" the S&D collapsed.
Before this, I did copied to clipboard the full report, with intentions to Past here, but just gone.

**Missionaryman** · 2008-10-08, 06:33

--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-09-16 TeaTimer.exe (1.6.3.25)
2008-04-26 unins000.exe (51.41.0.0)
2008-10-05 unins001.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-07-07 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-07-07 Tools.dll (2.1.5.7)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-09-02 Includes\Adware.sbi
2008-09-09 Includes\AdwareC.sbi
2008-09-30 Includes\Beta.sbi
2007-11-06 Includes\Beta.uti
2008-06-03 Includes\Cookies.sbi
2008-09-02 Includes\Dialer.sbi
2008-09-09 Includes\DialerC.sbi
2008-07-23 Includes\HeavyDuty.sbi
2008-09-02 Includes\Hijackers.sbi
2008-09-02 Includes\HijackersC.sbi
2008-09-09 Includes\Keyloggers.sbi
2008-09-30 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-09-09 Includes\Malware.sbi
2008-09-30 Includes\MalwareC.sbi
2008-09-02 Includes\PUPS.sbi
2008-09-11 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-18 Includes\Security.sbi
2008-09-30 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-09-09 Includes\Spyware.sbi
2008-09-23 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-09-30 Includes\Trojans.sbi
2008-09-30 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB928367)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Service Pack 3 (KB867461)
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB889293
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB916281
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB918439
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB918899
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB925486
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Outlook Express 6 / SP1: Windows XP Hotfix - KB911567
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB936782)
/ Windows Media Player 11: Hotfix for Windows Media Player 11 (KB939683)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB954154)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB928090)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB931768)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB933566)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB937143)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB939653)
/ Windows XP / SP0: Hotfix for Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB950759)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB953838)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Windows XP Service Pack 3
/ Windows XP / SP4: Security Update for Windows XP (KB938464)
/ Windows XP / SP4: Security Update for Windows XP (KB946648)
/ Windows XP / SP4: Security Update for Windows XP (KB950760)
/ Windows XP / SP4: Security Update for Windows XP (KB950762)
/ Windows XP / SP4: Security Update for Windows XP (KB950974)
/ Windows XP / SP4: Security Update for Windows XP (KB951066)
/ Windows XP / SP4: Update for Windows XP (KB951072-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951376)
/ Windows XP / SP4: Security Update for Windows XP (KB951376-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951698)
/ Windows XP / SP4: Security Update for Windows XP (KB951748)
/ Windows XP / SP4: Update for Windows XP (KB951978)
/ Windows XP / SP4: Hotfix for Windows XP (KB952287)
/ Windows XP / SP4: Security Update for Windows XP (KB952954)
/ Windows XP / SP4: Security Update for Windows XP (KB953839)

--- Startup entries list ---
Located: HK_LM:Run, AirPort Base Station Agent
command: "C:\Program Files\AirPort\APAgent.exe"
file: C:\Program Files\AirPort\APAgent.exe
size: 737280
MD5: D9E930B47AF5B2366B2498A57C95D1A3

Located: HK_LM:Run, AppleSyncNotifier
command: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
file: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
size: 116040
MD5: 27E0EB81AE55788C8FBE6D489F862168

Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 335872
MD5: EE915A9B3B8FCEE769D326E4602263A3

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 78008
MD5: 66893067C2FB0505F151D3FCB8EA92B5

Located: HK_LM:Run, CARPService
command: carpserv.exe
file: C:\WINDOWS\system32\carpserv.exe
size: 4608
MD5: EA3BE7F5CDEF0FE4DF1BF6DBFE7ABDE0

Located: HK_LM:Run, Earthlink Protection Control Center
command: "C:\Program Files\EarthLink\EarthLink Protection Control Center\BIN\elnk_pcc2.exe" /tray
file: C:\Program Files\EarthLink\EarthLink Protection Control Center\BIN\elnk_pcc2.exe
size: 67048
MD5: 79E518C32BA20A0373C39932D1F6FE2E

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 289064
MD5: 4CED92963F453EB8DCFE67FD4248D657

Located: HK_LM:Run, lxdjamon
command: "C:\Program Files\Lexmark 1400 Series\lxdjamon.exe"
file: C:\Program Files\Lexmark 1400 Series\lxdjamon.exe
size: 20480
MD5: BE82AE3DC56D07D4B476EF962B3C6085

Located: HK_LM:Run, LXDJCATS
command: rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16
file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll
size: 102400
MD5: 9DB9E8B9F590B9BF9E9DFD4C5360AA95

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
file: C:\Program Files\QuickTime\QTTask.exe
size: 413696
MD5: F34EB5D4F145ED5FE50033CA3A41ED24

Located: HK_LM:Run, srmclean
command: C:\Cpqs\Scom\srmclean.exe
file: C:\Cpqs\Scom\srmclean.exe
size: 36864
MD5: 787B8AD5FEF1A68D3ED00E4E393B9D18

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
size: 144784
MD5: 836DC47E6CAD975304D1D3EB2F516A1C

Located: HK_LM:Run, SynTPEnh
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 688218
MD5: A0AC3841DC595B5D86AB9E5016A0E36A

Located: HK_LM:Run, SynTPLpr
command: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
file: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
size: 98394
MD5: AB349998E551DE1C0DCC5AD63CE41D31

Located: HK_LM:Run, vsc32cnf.exe
command: C:\Program Files\Roland\VSC32\vsc32cnf.exe
file: C:\Program Files\Roland\VSC32\vsc32cnf.exe
size: 36864
MD5: 939E091564A2D1DF9FC185909E0E0592

Located: HK_LM:Run, wwu
command: C:\Program Files\Winbond\WLAN\wwu.exe
file: C:\Program Files\Winbond\WLAN\wwu.exe
size: 943104
MD5: 261136A6D17221D2B7F88048E162A9F2

Located: HK_CU:Run, CTFMON.EXE
where: .DEFAULT...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

Located: HK_CU:RunOnce, IETI
where: .DEFAULT...
command: C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART
file: C:\Program Files\Skype\Phone\IEPlugin\unins000.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-1630763251-170375242-4018089512-1003...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1630763251-170375242-4018089512-1003...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1833296
MD5: 63B3FF83B87AFCEBA89CED54695DA0F6

Located: HK_CU:Run, CTFMON.EXE
where: S-1-5-18...
command: C:\WINDOWS\system32\CTFMON.EXE
file: C:\WINDOWS\system32\CTFMON.EXE
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

Located: HK_CU:RunOnce, IETI
where: S-1-5-18...
command: C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART
file: C:\Program Files\Skype\Phone\IEPlugin\unins000.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Startup (common), Adobe Reader Speed Launch.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: DFCB9ADE94A4F8A7C42EEF41101A30AD

Located: Startup (common), Microsoft Office.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Microsoft Office\Office\OSA9.EXE
file: C:\Program Files\Microsoft Office\Office\OSA9.EXE
size: 65588
MD5: 3979BB2D12D6F2E82C6B320DE92CD757

Located: Startup (common), MozyHome Status.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\MozyHome\mozystat.exe
file: C:\Program Files\MozyHome\mozystat.exe
size: 2311472
MD5: FBB6680FFC6ABEC15158D345F322B5F7

Located: Startup (user), Adobe Media Player.lnk
where: C:\Documents and Settings\Owner\Start Menu\Programs\Startup...
command: C:\Program Files\Adobe Media Player\Adobe Media Player.exe
file: C:\Program Files\Adobe Media Player\Adobe Media Player.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Startup (disabled), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpqtra08.exe
size: 282624
MD5: 3A6CA22B20D307ADF63931C9FC42274A

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

--- Browser helper object list ---
{00000000-0000-0000-0000-000000000002} (EarthLink BHO Guard)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: EarthLink BHO Guard
CLSID name: ElnkBhoGuard Class
Path: C:\Program Files\EarthLink\Toolbar\
Long name: EScamBlk.dll
Short name:
Date (created): 7/20/2007 7:35:06 AM
Date (last access): 10/8/2008 11:11:44 AM
Date (last write): 7/20/2007 7:35:06 AM
Filesize: 247272
Attributes: archive
MD5: 9C6AE34B0658E27B080B7903881129CE
CRC32: 9CACE02B
Version: 4.0.184.0

{02478D38-C3F9-4efb-9B51-7695ECA05670} (&Yahoo! Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: &Yahoo! Toolbar Helper
description: Yahoo Companion!
classification: Legitimate
known filename: Ycomp*_*_*_*.dll
info link: http://companion.yahoo.com/
info source: TonyKlein
Path: C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\
Long name: yt.dll
Short name:
Date (created): 12/19/2007 6:49:22 AM
Date (last access): 10/8/2008 11:47:08 AM
Date (last write): 12/19/2007 6:49:22 AM
Filesize: 817936
Attributes: archive
MD5: 5A9E77C71D6D7030BC170DD7CF04CF5D
CRC32: 74F4CBB1
Version: 2007.12.18.1

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 12/18/2006 4:16:42 AM
Date (last access): 10/8/2008 11:20:20 AM
Date (last write): 12/18/2006 4:16:42 AM
Filesize: 59032
Attributes: archive
MD5: 4EA3A6CD9D20584FFAFDB1E47DBF0E20
CRC32: 7B0A854F
Version: 7.0.9.50

{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (Lexmark Toolbar)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Lexmark Toolbar
Path: C:\Program Files\Lexmark Toolbar\
Long name: toolband.dll
Short name:
Date (created): 8/19/2007 12:26:02 AM
Date (last access): 10/8/2008 11:11:44 AM
Date (last write): 5/29/2007 4:04:02 PM
Filesize: 258048
Attributes: archive
MD5: D631086D9E561B99D1140C3C912BD0D9
CRC32: 526A3603

{15F4D456-5BAA-4076-8486-EECB38CD3E57} (EarthLink ScamBlocker V3)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: EarthLink ScamBlocker V3
CLSID name: ElnkScamBHO Class
Path: C:\Program Files\EarthLink\Toolbar\
Long name: EScamBlk.dll
Short name:
Date (created): 7/20/2007 7:35:06 AM
Date (last access): 10/8/2008 1:07:54 PM
Date (last write): 7/20/2007 7:35:06 AM
Filesize: 247272
Attributes: archive
MD5: 9C6AE34B0658E27B080B7903881129CE
CRC32: 9CACE02B
Version: 4.0.184.0

{22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Skype add-on (mastermind)
CLSID name: Skype add-on (mastermind)
Path: C:\Program Files\Skype\Toolbars\Internet Explorer\
Long name: SkypeIEPlugin.dll
Short name: SKYPEI~1.DLL
Date (created): 8/17/2007 10:45:14 AM
Date (last access): 10/8/2008 11:43:20 AM
Date (last write): 8/17/2007 10:45:14 AM
Filesize: 1062184
Attributes: archive
MD5: 5691045B4F891D8A7CE6F04FE3EBF9C7
CRC32: FB57CE14
Version: 2.2.0.105

{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: BitComet ClickCapture
CLSID name: BitComet Helper
Path: C:\Program Files\BitComet\tools\
Long name: BitCometBHO_1.2.6.26.dll
Short name: BITCOM~2.DLL
Date (created): 6/26/2008 2:21:58 PM
Date (last access): 10/8/2008 11:03:06 AM
Date (last write): 6/26/2008 2:21:58 PM
Filesize: 656696
Attributes: archive
MD5: C437215F1FB9998A3FE08E1C918A730E
CRC32: 01E44BCF
Version: 1.2.6.26

{45AD732C-2CE2-4666-B366-B2214AD57A49} (Idea2 SidebarBrowserMonitor Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Idea2 SidebarBrowserMonitor Class
description: Desktop Sidebar
classification: Legitimate
known filename: sbhelp.dll
info link: http://sidebar.tech-critic.com/
info source: TonyKlein
Path: C:\Program Files\Desktop Sidebar\
Long name: sbhelp.dll
Short name:
Date (created): 9/5/2004 7:05:56 AM
Date (last access): 10/8/2008 11:03:06 AM
Date (last write): 9/5/2004 7:05:56 AM
Filesize: 233472
Attributes:
MD5: 45545AA56620007F54C00A583643C9E1
CRC32: BC1A6C6D
Version: 1.4.75.0

{512ACF1B-64D9-4928-B382-A80556F28DB4} (EarthLink PopUp Blocker V2)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: EarthLink PopUp Blocker V2
CLSID name: ElnkPubBHO Class
Path: C:\Program Files\EarthLink\Toolbar\
Long name: ElnkPuB.dll
Short name:
Date (created): 7/20/2007 7:35:06 AM
Date (last access): 10/8/2008 11:11:44 AM
Date (last write): 7/20/2007 7:35:06 AM
Filesize: 255464
Attributes: archive
MD5: D96B871BB1C0623C54F8B3EE6C03F44B
CRC32: 607C2BB5
Version: 4.0.75.0

{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 4/26/2008 10:26:04 AM
Date (last access): 10/8/2008 1:07:54 PM
Date (last write): 9/15/2008 2:25:44 PM
Filesize: 1562960
Attributes:
MD5: 35F73F1936BDE91F1B6995510A61E7A8
CRC32: BE6A5D15
Version: 1.6.2.14

{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (Yahoo! IE Services Button)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Yahoo! IE Services Button
Path: C:\Program Files\Yahoo!\Common\
Long name: yiesrvc.dll
Short name:
Date (created): 12/13/2007 7:09:42 AM
Date (last access): 10/8/2008 11:11:44 AM
Date (last write): 12/13/2007 7:09:42 AM
Filesize: 222448
Attributes: archive
MD5: BBDE3B4ACB928F30A35DBA4DD11564E1
CRC32: F07520BB
Version: 2007.12.12.1

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: ssv.dll
Short name:
Date (created): 5/21/2008 2:43:06 PM
Date (last access): 10/8/2008 11:20:20 AM
Date (last write): 2/22/2008 4:25:20 AM
Filesize: 509328
Attributes: archive
MD5: 5B42CB6A121256465B251840FDB1B2FE
CRC32: 6EF0BCE9
Version: 6.0.50.13

{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 9/20/2007 10:30:18 AM
Date (last access): 10/8/2008 11:12:38 AM
Date (last write): 9/20/2007 10:30:18 AM
Filesize: 328752
Attributes: archive
MD5: 59CF5BF6684AFCF906CADAD39B4214DE
CRC32: C363813C
Version: 4.200.520.1

{9579D574-D4D8-4335-9560-FE8641A013BD} (Earthlink Protection BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Earthlink Protection BHO
CLSID name: ElnkProtectionBHO Class
Path: C:\Program Files\EarthLink\Toolbar\
Long name: ProtctIE.dll
Short name:
Date (created): 7/20/2007 7:35:08 AM
Date (last access): 10/8/2008 11:20:20 AM
Date (last write): 7/20/2007 7:35:08 AM
Filesize: 415208
Attributes: archive
MD5: 487302AD4E4C68E6FAC7B24891E893B7
CRC32: 4E88F406
Version: 4.0.75.0

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll googletoolbar*.dll (* = number) googletoolbar_en_*.**-big.dll Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 4/24/2007 8:51:08 PM
Date (last access): 10/8/2008 11:43:20 AM
Date (last write): 1/20/2007 4:55:32 PM
Filesize: 2403392
Attributes: readonly archive
MD5: 6319F2D4708DBCAE37CFA03DA10782C0
CRC32: D51D8296
Version: 4.0.1601.4978

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Live Toolbar Helper
Path: C:\Program Files\Windows Live Toolbar\
Long name: msntb.dll
Short name:
Date (created): 9/28/2006 6:45:28 AM
Date (last access): 10/8/2008 11:20:20 AM
Date (last write): 2/13/2007 4:56:04 AM
Filesize: 546672
Attributes: archive
MD5: 0FAF0281CBC1F5B8293A2A03745C0ACB
CRC32: C42472CB
Version: 3.1.0.130

{E713904C-DF05-4C79-BBAD-02DB923253BE} (Uninstall Legacy Earthlink Toolbar)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Uninstall Legacy Earthlink Toolbar
CLSID name: ElnkLegacyUninstBHO Class
Path: C:\Program Files\EarthLink\Toolbar\
Long name: uninsttb.dll
Short name:
Date (created): 7/20/2007 7:35:08 AM
Date (last access): 10/8/2008 11:11:44 AM
Date (last write): 7/20/2007 7:35:08 AM
Filesize: 280040
Attributes: archive
MD5: 134E1F09CAC5E2A4B415B80986C4DB4D
CRC32: E243CCCC
Version: 4.0.75.0

--- ActiveX list ---
DirectAnimation Java Classes (DirectAnimation Java Classes)
DPF name: DirectAnimation Java Classes
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\dajava.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\dajava.cab
info link:
info source: Patrick M. Kolla

Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla

{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support)
DPF name:
CLSID name: Installation Support
Installer:
Codebase: C:\Program Files\Yahoo!\Common\Yinsthelper.dll
description: Yahoo! Installation helper
classification: Legitimate
known filename: %SystemRoot%\Downloaded Program Files\yinsthelper.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Yahoo!\Common\
Long name: YInstHelper.dll
Short name: YINSTH~1.DLL
Date (created): 11/29/2007 6:55:58 AM
Date (last access): 10/8/2008 11:43:20 AM
Date (last write): 11/29/2007 6:55:58 AM
Filesize: 211744
Attributes: archive
MD5: 48FF0FA1CAB4AD6ACEF9027F34090880
CRC32: 284355E3
Version: 2007.11.28.1

{49232000-16E4-426C-A231-62846947304B} (SysData Class)
DPF name:
CLSID name: SysData Class
Installer: C:\WINDOWS\Downloaded Program Files\sysinfo.inf
Codebase: http://ipgweb.cce.hp.com/rdqnbk/downloads/sysinfo.cab
description:
classification: Legitimate
known filename: SysInfo.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\DOWNLO~1\
Long name: SysInfo.dll
Short name:
Date (created): 5/15/2007 4:33:20 PM
Date (last access): 10/8/2008 11:43:20 AM
Date (last write): 5/15/2007 4:33:20 PM
Filesize: 251448
Attributes: archive
MD5: 55E8A05DDA26E8C455A7730721DCAF60
CRC32: 38BB3B52
Version: 2.4.0.0

{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
DPF name:
CLSID name: MSN Photo Upload Tool
Installer: C:\WINDOWS\Downloaded Program Files\MSNPupld.inf
Codebase: http://by13fd.bay13.hotmail.msn.com/...s/MsnPUpld.cab
description:
classification: Legitimate
known filename: MsnPUpld.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnPUpld.dll

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://update.microsoft.com/microsof...?1154461929389
description:
classification: Legitimate
known filename: muweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 5/26/2005 9:19:32 PM
Date (last access): 10/8/2008 11:09:06 AM
Date (last write): 7/18/2008 10:07:32 PM
Filesize: 210976
Attributes: archive
MD5: C5F2BE2C84D119CCE6DB901EA49D1528
CRC32: D65E48EB
Version: 7.2.6001.784

{6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager)
DPF name:
CLSID name: HP Download Manager
Installer: C:\WINDOWS\Downloaded Program Files\HPDEXAXO.inf
Codebase: https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: HPDEXAXO.dll
Short name:
Date (created): 10/18/2007 10:04:16 AM
Date (last access): 10/8/2008 11:02:54 AM
Date (last write): 10/18/2007 10:04:16 AM
Filesize: 341296
Attributes: archive
MD5: CDE357CD3FC047F5C7D8B8345B6A42BF
CRC32: 7ABDC22F
Version: 1.0.5.1

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: npjpi160_05.dll
Short name: NPJPI1~1.DLL
Date (created): 2/22/2008 2:33:32 AM
Date (last access): 10/8/2008 11:43:20 AM
Date (last write): 2/22/2008 4:25:20 AM
Filesize: 132496
Attributes: archive
MD5: 4FDFB86D78994BD71CBB779A7809E9CD
CRC32: 5A0EB880
Version: 6.0.50.13

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get.../ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.

{AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control)
DPF name:
CLSID name: Get_ActiveX Control
Installer:
Codebase: https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
description:
classification: Legitimate
known filename: HPGetDownloadManager.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\DOWNLO~1\
Long name: HPGetDownloadManager.ocx
Short name: HPGETD~1.OCX
Date (created): 4/29/2007 11:53:06 AM
Date (last access): 10/8/2008 11:43:20 AM
Date (last write): 4/29/2007 11:53:06 AM
Filesize: 88136
Attributes: archive
MD5: 200E3189656F9A29FB5BC7F71AB3F283
CRC32: 8C85B2F9
Version: 3.3.0.0

{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class)
DPF name:
CLSID name: MsnMessengerSetupDownloadControl Class
Installer: C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.inf
Codebase: http://messenger.msn.com/download/Ms...Downloader.cab
description:
classification: Legitimate
known filename: MsnMessengerSetupDownloader.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnMessengerSetupDownloader.ocx
Short name: MSNMES~1.OCX
Date (created): 8/14/2005 6:26:04 PM
Date (last access): 10/8/2008 11:43:20 AM
Date (last write): 8/14/2005 6:26:04 PM
Filesize: 113664
Attributes: archive
MD5: C403792A3FF639C215067D5AA680C482
CRC32: 7CD0769A
Version: 1.0.0.3

{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_02
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description:
classification: Legitimate
known filename: npjpi160_02.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_02\bin\
Long name: npjpi160_02.dll
Short name: NPJPI1~1.DLL
Date (created): 7/12/2007 9:22:38 AM
Date (last access): 10/8/2008 11:43:22 AM
Date (last write): 7/12/2007 11:00:36 AM
Filesize: 132496
Attributes: archive
MD5: E3811F1A1C5063C941EC0E2766C3EA39
CRC32: AEFD3747
Version: 6.0.20.6

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_05
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_05\bin\
Long name: npjpi160_05.dll
Short name: NPJPI1~1.DLL
Date (created): 2/22/2008 2:33:32 AM
Date (last access): 10/8/2008 1:07:56 PM
Date (last write): 2/22/2008 4:25:20 AM
Filesize: 132496
Attributes: archive
MD5: 4FDFB86D78994BD71CBB779A7809E9CD
CRC32: 5A0EB880
Version: 6.0.50.13

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/s...sh/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9f.ocx
Short name:
Date (created): 3/25/2008 11:32:42 AM
Date (last access): 10/8/2008 11:03:14 AM
Date (last write): 3/25/2008 11:32:42 AM
Filesize: 2991488
Attributes: readonly archive
MD5: 48FDF435B8595604E54125B321924510
CRC32: 12335E29
Version: 9.0.124.0

--- Process list ---
PID: 0 ( 0) [System]
PID: 656 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 704 ( 656) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 728 ( 656) \??\C:\WINDOWS\system32\winlogon.exe
size: 507904
PID: 772 ( 728) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 0E776ED5F7CC9F94299E70461B7B8185
PID: 784 ( 728) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: BF2466B3E18E970D8A976FB95FC1CA85
PID: 944 ( 772) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1052 ( 772) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1148 ( 772) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1328 ( 772) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1540 ( 772) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1572 (1488) C:\WINDOWS\Explorer.EXE
size: 1033728
MD5: 12896823FB95BFB3DC9B46BCAEDC9923
PID: 1684 (1572) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3
PID: 1708 ( 772) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 16056
MD5: E2323AD197689D607EBC52137B4DFB2E
PID: 1764 ( 772) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 147640
MD5: 58E57D723BD437049F74408016E1735D
PID: 124 ( 772) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B
PID: 200 ( 772) C:\WINDOWS\System32\SCardSvr.exe
size: 95744
MD5: 86D007E7A654B9A71D1D7D856B104353
PID: 1004 ( 772) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 116040
MD5: 2BDA4A9480B550FCCA6D29C22CA54C0D
PID: 1036 ( 772) C:\Program Files\Bonjour\mDNSResponder.exe
size: 229376
MD5: CFD4C3352E29A8B729536648466E8DF5
PID: 1124 ( 772) C:\Program Files\EarthLink\EarthLink Protection Control Center\bin\UpdateService.exe
size: 38376
MD5: 2FB237D61723BA078B9E13AFE991CEE9
PID: 1552 ( 772) C:\WINDOWS\system32\HPConfig.exe
size: 151552
MD5: CD040AC1F1B10F5AE56A1F51D107AB9B
PID: 1592 ( 772) C:\WINDOWS\system32\lxdjcoms.exe
size: 537520
MD5: 2338B4CFFF30E103841E90B6E9FA5340
PID: 1828 ( 772) C:\Program Files\MozyHome\mozybackup.exe
size: 87344
MD5: 4AD0F23C07847894DBB13314E318EA48
PID: 264 ( 772) C:\WINDOWS\system32\HPZipm12.exe
size: 69632
MD5: A38B3CE68E7F126190CDE4AA3FDF050F
PID: 280 ( 772) C:\Program Files\EarthLink\EarthLink Protection Control Center\bin\ProtectionService.exe
size: 112104
MD5: B05054360C0EE8941B3F958FE80677F8
PID: 464 ( 772) C:\Program Files\Winbond\WLAN\wbsecsvc.exe
size: 270336
MD5: B3BEC25676AB2CE2FD8E82CF3BAFE46B
PID: 2124 ( 772) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 250040
MD5: BCEA9A5EEF52351E1632DD417D3E7308
PID: 2204 ( 772) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
size: 348344
MD5: B2203D1A09CAC8232780BFCF01A9B853
PID: 2440 ( 772) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 8C515081584A38AA007909CD02020B3D
PID: 2816 (1572) C:\WINDOWS\system32\carpserv.exe
size: 4608
MD5: EA3BE7F5CDEF0FE4DF1BF6DBFE7ABDE0
PID: 2896 (1572) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 335872
MD5: EE915A9B3B8FCEE769D326E4602263A3
PID: 2992 (1572) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
size: 98394
MD5: AB349998E551DE1C0DCC5AD63CE41D31
PID: 3020 (1572) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 688218
MD5: A0AC3841DC595B5D86AB9E5016A0E36A
PID: 3036 (1572) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 78008
MD5: 66893067C2FB0505F151D3FCB8EA92B5
PID: 3088 (1572) C:\Program Files\Roland\VSC32\vsc32cnf.exe
size: 36864
MD5: 939E091564A2D1DF9FC185909E0E0592
PID: 3108 (1572) C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
size: 144784
MD5: 836DC47E6CAD975304D1D3EB2F516A1C
PID: 3132 (1572) C:\Program Files\Winbond\WLAN\wwu.exe
size: 943104
MD5: 261136A6D17221D2B7F88048E162A9F2
PID: 3160 (1572) C:\Program Files\Lexmark 1400 Series\lxdjamon.exe
size: 20480
MD5: BE82AE3DC56D07D4B476EF962B3C6085
PID: 3232 (1572) C:\Program Files\AirPort\APAgent.exe
size: 737280
MD5: D9E930B47AF5B2366B2498A57C95D1A3
PID: 3300 ( 772) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 3316 (1572) C:\Program Files\iTunes\iTunesHelper.exe
size: 289064
MD5: 4CED92963F453EB8DCFE67FD4248D657
PID: 3680 (1572) C:\Program Files\MozyHome\mozystat.exe
size: 2311472
MD5: FBB6680FFC6ABEC15158D345F322B5F7
PID: 4048 ( 772) C:\Program Files\iPod\bin\iPodService.exe
size: 532264
MD5: D7ED7D86C9FDDC2EEE637B303B3D6A6B
PID: 1996 (3900) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1833296
MD5: 63B3FF83B87AFCEBA89CED54695DA0F6
PID: 3520 (1572) C:\Program Files\Internet Explorer\iexplore.exe
size: 625664
MD5: 64E376A47763DAEABCDA14BD5B6EA286
PID: 2872 (1572) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891472
MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
PID: 4 ( 0) System

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 10/8/2008 1:07:55 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://mail.yahoo.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.acenet.net.au/search/search-engines.asp
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD Irda [IrDA]
GUID: {3972523D-2AF1-11D1-B655-00805F3642CC}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Infrared protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Irda [IrDA]

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0F66FC13-DABE-4227-8C8A-3374E6B8FE24}] SEQPACKET 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0F66FC13-DABE-4227-8C8A-3374E6B8FE24}] DATAGRAM 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{52491F60-7002-45BE-BB80-713532D7B042}] SEQPACKET 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{52491F60-7002-45BE-BB80-713532D7B042}] DATAGRAM 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DA69C5D7-BC6D-43F3-8FE0-76EF5747A32B}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DA69C5D7-BC6D-43F3-8FE0-76EF5747A32B}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9AD2E35B-FC3B-4769-BFC5-F468FA777BB8}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9AD2E35B-FC3B-4769-BFC5-F468FA777BB8}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{35FE42A5-B979-435E-82EB-C2B1DD4B4225}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{35FE42A5-B979-435E-82EB-C2B1DD4B4225}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AB686D75-DBF3-484E-8411-A9600B739ED4}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AB686D75-DBF3-484E-8411-A9600B739ED4}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8619D3E9-1F13-4E4F-BB64-60810DDDDAFD}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8619D3E9-1F13-4E4F-BB64-60810DDDDAFD}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6310D870-05F2-4F57-86F2-69838E93589F}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6310D870-05F2-4F57-86F2-69838E93589F}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{349E0C2B-D186-4D1B-B8ED-C19961BC2706}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{349E0C2B-D186-4D1B-B8ED-C19961BC2706}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E30948E2-757B-40C6-A29B-64BC3E554462}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E30948E2-757B-40C6-A29B-64BC3E554462}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip_{746FE680-FFB3-421F-8C8E-955740C5588E}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip_{746FE680-FFB3-421F-8C8E-955740C5588E}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 3: mdnsNSP
GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
Filename: C:\Program Files\Bonjour\mdnsNSP.dll
Description: Apple Rendezvous protocol
DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
DB protocol: mdnsNSP

**md usa spybot fan** · 2008-10-08, 15:44

Missionaryman:

Originally Posted by Missionaryman

… The result: " There are 5 problems" (written on the bottom of the window) but I have no a window, where I can check the "problem" or to click "fix selected problems". …

Originally Posted by Missionaryman

… "You'll have to click on the "Search&Destroy" tab. This is mean, I have to start a third Full scan? …

No you don't have to run another scan.

After running the scan and before closing the Spybot GUI, if you click on the "Search & Destroy" button in the left hand pane the results of the scan will be displayed in the right hand pane.

I have attached three graphics to show you my results. Exhibit A is the GUI after the scan. Exhibit B shows the button to click. Exhibit C is the results displayed after clicking on the "Search & Destroy" button in the left hand pane.

**Missionaryman** · 2008-10-09, 00:53

Wow,

Thank you so much.
How blind I was, it`s a shame.

`hope at the next time S&D will not collapse at the end of the scan.

Thank you again.

M.

**Missionaryman** · 2008-10-12, 11:30

The solution was:

After a scan, I got only green stuff, one by one I selected and it was fixed except one, some office entry what needed a reboot.The reboot could not solve the problem. I right clicked to that result, I went to that specific folder and I deleted those shortcuts.
No more error, everything is fine.
I am thankful for the all "Spybot" team, all the helpers especially for "md usa spybot fan" and "drragostea".

**drragostea** · 2008-10-13, 02:27

You're very welcome.

Thread: Spybot freezes at "Fix Selected Problems"

Thread Tools

Display

Multumesc

Here's the Report; thank you

Posting Permissions