The latest definitions detect the following, which I believe is a legacy registry entry from the Maxthon browser, and not from the Cram Toolbar which is not on my system.

Cram Toolbar: Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1710738407-720897496-4103935507-1005\Software\Maxthon


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-05-31 TeaTimer_original.exe (1.4.0.2)
2005-06-01 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-11-04 Includes\Cookies.sbi (*)
2005-11-04 Includes\Dialer.sbi (*)
2005-11-04 Includes\Hijackers.sbi (*)
2005-11-04 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-11-04 Includes\Malware.sbi (*)
2004-08-11 Includes\plugin-ignore.ini
2005-11-04 Includes\PUPS.sbi (*)
2005-11-04 Includes\Revision.sbi (*)
2005-11-04 Includes\Security.sbi (*)
2005-11-04 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-11-04 Includes\Trojans.sbi (*)

Yes I think it may be a false positive as well. I posted a thread on the Maxthon Forum for this entry and was told it was a false positive.

Cram Toolbar: Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-3154836323-3880720546-2365578712-1005\Software\Maxthon


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-01 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-11-04 Includes\Cookies.sbi (*)
2005-11-04 Includes\Dialer.sbi (*)
2005-11-04 Includes\Hijackers.sbi (*)
2005-11-04 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-11-04 Includes\Malware.sbi (*)
2005-11-04 Includes\PUPS.sbi (*)
2005-11-04 Includes\Revision.sbi (*)
2005-11-04 Includes\Security.sbi (*)
2005-11-04 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-11-04 Includes\Trojans.sbi (*)

Thank you for reporting, I will bring to the detectives attention.

You may notice too that c:\program files\crash toolbar\... does not exist (which would indicate this adware being installed on the computer as per other forums).

So I also think this is a false positive.

So long as you had MyIE2, Maxthon browser installed, a Spybot SD scan will pick up a Cram toolbar problem. Fixing that problem dont really had any effect so false positive or not dont really matters.:p

thank you for reporting,
this false positive will be removed with the next detection update scheduled for the end of this week

;)

So long as you had MyIE2, Maxthon browser installed, a Spybot SD scan will pick up a Cram toolbar problem. Fixing that problem dont really had any effect so false positive or not dont really matters.:p

So you mean that this occurs if you have Maxthon (MyIE2) installed?

This is true for me. Thanks. We suspected the connection and found similar posts at Maxthon's forum site.

Whenever S S&D finds cram and I select more info to go the registry entry, a new window pops up:

SYSTEM AGENT COM WINDOW.

It's blank, has the 3 Min, Max and Close buttons, and will min & max but won't close.

Does anyone know what this might be? I don't have c:\program files\crash toolbar\ folder.

Thanks!
Dugie


thank you for reporting,
this false positive will be removed with the next detection update scheduled for the end of this week

;)

The latest definitions fix it. Thank you.

The latest definitions fix it. Thank you.

Greatly appreciated!