I found the above False Positive whilst using the On-Demand Scanner on 2 "UNWISE" Un-installers. I can repeat this False Positive on both Programs.

I ran a full Spyware only Scan and it turned up nothing, I also scanned with Avast! On-Demand Scanner and Malwarebyte's On-Demand Scanner and they also failed to find anything.

My System:


Windows Vista Home Premium SP1 (Fully Patched)

Internet Explorer 7 (Fully Patched)

Spybot 1.6.1.38 with Todays updates including the beta updates (10/12/2008).


Screenshot:





Log File:

--- Spybot - Search & Destroy version: 1.6.1 (build: 20081112) ---
2008-11-13 blindman.exe (1.0.0.8)
2008-06-18 SDDelFile.exe (1.0.2.5)
2008-11-13 SDFiles.exe (1.6.1.7)
2008-11-13 SDMain.exe (1.0.0.6)
2008-11-13 SDShred.exe (1.0.2.4)
2008-11-13 SDUpdate.exe (1.6.0.11)
2008-11-13 SDWinSec.exe (1.0.0.12)
2008-11-13 SpybotSD.exe (1.6.1.38)
2008-11-13 TeaTimer.exe (1.6.4.26)
2008-11-23 unins000.exe (51.49.0.0)
2008-11-13 Update.exe (1.6.0.7)
2008-11-13 advcheck.dll (1.6.2.14)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-11-13 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-11-13 Tools.dll (2.1.6.10)
2008-11-04 Includes\Adware.sbi
2008-12-09 Includes\AdwareC.sbi
2008-12-09 Includes\Beta.sbi
2007-11-06 Includes\Beta.uti
2008-06-03 Includes\Cookies.sbi
2008-09-02 Includes\Dialer.sbi
2008-09-09 Includes\DialerC.sbi
2008-07-23 Includes\HeavyDuty.sbi
2008-11-18 Includes\Hijackers.sbi
2008-11-18 Includes\HijackersC.sbi
2008-12-09 Includes\Keyloggers.sbi
2008-12-09 Includes\KeyloggersC.sbi
2008-11-18 Includes\Malware.sbi
2008-12-09 Includes\MalwareC.sbi
2008-11-03 Includes\PUPS.sbi
2008-12-09 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-18 Includes\Security.sbi
2008-12-09 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-12-10 Includes\Spyware.sbi
2008-12-10 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-11-04 Includes\Trojans.sbi
2008-12-10 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

--- System information ---
Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB941833)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)

--- Startup entries list ---
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: 55EBFBAB39BFAB5E62358C093F297641
Located: HK_LM:Run, COMODO Firewall Pro
command: "C:\Program Files\COMODO\Firewall\cfp.exe" -h
file: C:\Program Files\COMODO\Firewall\cfp.exe
size: 1796856
MD5: B443A3B66DFBC137EEE36BEC364735F5
Located: HK_LM:Run, HotKeysCmds
command: C:\Windows\system32\hkcmd.exe
file: C:\Windows\system32\hkcmd.exe
size: 166424
MD5: E0913BFFE047972BAA72AC3AE608E24D
Located: HK_LM:Run, HP Metrics
command: C:\Program Files\HP\Personal Printing Solutions Product Research\HP Product Research.exe a
file: C:\Program Files\HP\Personal Printing Solutions Product Research\HP Product Research.exe
size: 368640
MD5: 36BA55D14C3F78C2F137D741EB99E3C0
Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 7AF5A466CF4AECA28E3DCBCF5B6FD220
Located: HK_LM:Run, hpsysdrv
command: c:\hp\support\hpsysdrv.exe
file: c:\hp\support\hpsysdrv.exe
size: 65536
MD5: 9A4322EE420D6FACD4D4B1FF6CB856B1
Located: HK_LM:Run, IgfxTray
command: C:\Windows\system32\igfxtray.exe
file: C:\Windows\system32\igfxtray.exe
size: 141848
MD5: EF4FF93786AE65DD307FCADABCD087CA
Located: HK_LM:Run, KBD
command: C:\HP\KBD\KbdStub.EXE
file: C:\HP\KBD\KbdStub.EXE
size: 65536
MD5: 7088B136BB58A5F95CF0DE8386CA6C0F
Located: HK_LM:Run, OsdMaestro
command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
Located: HK_LM:Run, Persistence
command: C:\Windows\system32\igfxpers.exe
file: C:\Windows\system32\igfxpers.exe
size: 133656
MD5: 83591BC9E3328F5BACCF487CD12414EB
Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 4874240
MD5: 361CD47DC5BD83EE24407903233B0D9A
Located: HK_LM:Run, SunJavaUpdateReg
command: "C:\Windows\system32\jureg.exe" -delete
file: C:\Windows\system32\jureg.exe
size: 54936
MD5: 4F89DD4EA74C66916E15A6E7D74A50B5
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 136600
MD5: B98FFA8288EFAABC436C30D198608345
Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
Located: HK_CU:Run, Sidebar
where: S-1-5-19...
command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
file: C:\Program Files\Windows Sidebar\Sidebar.exe
size: 1233920
MD5: FD278E51A7D6F52D22FCE6C67E037AD6
Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-19...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file: C:\Windows\system32\oobefldr.dll
size: 2153472
MD5: 83E4A5435B0FA6AD0166722621A04725
Located: HK_CU:Run, Sidebar
where: S-1-5-20...
command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
file: C:\Program Files\Windows Sidebar\Sidebar.exe
size: 1233920
MD5: FD278E51A7D6F52D22FCE6C67E037AD6
Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-20...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file: C:\Windows\system32\oobefldr.dll
size: 2153472
MD5: 83E4A5435B0FA6AD0166722621A04725
Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-16169106-2878052200-2811833100-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-16169106-2878052200-2811833100-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
Located: Startup (common), HP Digital Imaging Monitor.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 210520
MD5: F14219FC767F1383526AB423F278A8E3
Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

--- Browser helper object list ---
{053F9267-DC04-4294-A72C-58F732D338C0} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
Path:
Long name: __BHODemonDisabled
{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 27/03/2008 16:50:26
Date (last access): 23/11/2008 19:52:52
Date (last write): 13/11/2008 16:19:32
Filesize: 1877336
Attributes: archive
MD5: D0EE028C2FB3F0C38B40147F9AB31F77
CRC32: 90CB2B8B
Version: 1.6.2.14
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Java(tm) Plug-In SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: ssv.dll
Short name:
Date (created): 28/10/2008 14:40:42
Date (last access): 10/11/2072 03:39:26
Date (last write): 10/11/2008 05:43:32
Filesize: 320920
Attributes: archive
MD5: 35E6FB6E6003BD54A5D69C9C1C762192
CRC32: 9699660C
Version: 6.0.110.3
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 28/10/2008 14:40:40
Date (last access): 10/11/2008 03:39:26
Date (last write): 10/11/2008 05:43:16
Filesize: 34816
Attributes: archive
MD5: 5D57FD3DF32DC69CEC3D1D54B4C43162
CRC32: D7C13FB2
Version: 6.0.110.3
{DC3EB972-8628-4C46-B7CE-25EBD05EA362} (NetPurity.SiteAccess)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: NetPurity.SiteAccess
Path: C:\Windows\System32\
Long name: NetPurity.dll
Short name: NETPUR~1.DLL
Date (created): 03/12/2008 18:27:50
Date (last access): 03/12/2008 18:27:50
Date (last write): 23/03/2005 18:02:20
Filesize: 49152
Attributes: archive
MD5: 425ABE2C7E142680CEA5682473817439
CRC32: A5BA056E
Version: 1.1.0.0
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

--- ActiveX list ---
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ()
DPF name:
CLSID name:
Installer:
Codebase:
description: Apple Quicktime
classification: Legitimate
known filename: QTPLUGIN.OCX
info link:
info source: Patrick M. Kolla
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\Windows\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://download.microsoft.com/downlo...eckControl.cab
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\Windows\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 20/03/2008 17:06:36
Date (last access): 20/03/2008 17:06:36
Date (last write): 20/03/2008 17:06:36
Filesize: 1480232
Attributes: archive
MD5: E058C4821D48E0A67F6069CB50818D44
CRC32: 3513AE02
Version: 1.7.69.2
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
DPF name:
CLSID name: MSN Photo Upload Tool
Installer: C:\Windows\Downloaded Program Files\MSNPUpld.inf
Codebase: http://gfx1.hotmail.com/mail/w2/reso...PUplden-gb.cab
description:
classification: Legitimate
known filename: MsnPUpld.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Windows\Downloaded Program Files\
Long name: MsnPUpld.dll
Short name:
Date (created): 20/11/2006 11:04:16
Date (last access): 20/11/2006 11:04:16
Date (last write): 20/11/2006 11:04:16
Filesize: 543544
Attributes: archive
MD5: A0F541D9D2CACEEC7A4A378CD0C31626
CRC32: 035C591F
Version: 10.0.914.0
{73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class)
DPF name:
CLSID name: GMNRev Class
Installer: C:\Windows\Downloaded Program Files\setup.inf
Codebase: http://h20270.www2.hp.com/ediags/gmn...tDetection.cab
Path: C:\Program Files\HP\Common\
Long name: HPGMNRev.dll
Short name:
Date (created): 29/07/2008 13:47:04
Date (last access): 27/08/2008 19:53:18
Date (last write): 29/07/2008 13:47:04
Filesize: 198448
Attributes: archive
MD5: D118AAAB43BFAB719B2F185C3D556E54
CRC32: 4FA69970
Version: 8.7.13.0
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_11
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 28/10/2008 14:40:40
Date (last access): 10/11/2008 03:39:26
Date (last write): 10/11/2008 05:43:16
Filesize: 94208
Attributes: archive
MD5: 3DA696FCE470365F830726A5DB33733F
CRC32: F0FC81C2
Version: 6.0.110.3
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\Windows\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get.../ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} ()
DPF name:
CLSID name:
Installer:
Codebase:
description:
classification: Legitimate
known filename: npjpi160_01.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} ()
DPF name:
CLSID name:
Installer:
Codebase:
{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} ()
DPF name:
CLSID name:
Installer:
Codebase:
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07)
DPF name:
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase:
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 28/10/2008 14:40:40
Date (last access): 10/11/2008 03:39:26
Date (last write): 10/11/2008 05:43:16
Filesize: 94208
Attributes: archive
MD5: 3DA696FCE470365F830726A5DB33733F
CRC32: F0FC81C2
Version: 6.0.110.3
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10)
DPF name:
CLSID name: Java Plug-in 1.6.0_10
Installer:
Codebase:
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 28/10/2008 14:40:40
Date (last access): 10/11/2008 03:39:26
Date (last write): 10/11/2008 05:43:16
Filesize: 94208
Attributes: archive
MD5: 3DA696FCE470365F830726A5DB33733F
CRC32: F0FC81C2
Version: 6.0.110.3
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_11
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 28/10/2008 14:40:40
Date (last access): 10/11/2008 03:39:26
Date (last write): 10/11/2008 05:43:16
Filesize: 94208
Attributes: archive
MD5: 3DA696FCE470365F830726A5DB33733F
CRC32: F0FC81C2
Version: 6.0.110.3
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_11
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_11.dll
Short name: NPJPI1~1.DLL
Date (created): 10/11/2008 03:39:26
Date (last access): 10/11/2072 03:39:26
Date (last write): 10/11/2008 05:43:32
Filesize: 132504
Attributes: archive
MD5: D400116F6776ACB6EDB6B1F5EEB9F92D
CRC32: CECB5751
Version: 6.0.110.3
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\Windows\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload2.macromedia.com/ge...sh/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\Windows\system32\Macromed\Flash\
Long name: Flash10a.ocx
Short name:
Date (created): 05/10/2008 03:16:26
Date (last access): 06/12/2008 15:17:14
Date (last write): 05/10/2008 03:16:26
Filesize: 3789728
Attributes: readonly archive
MD5: 466C1355934925768822E380DA6E6E4A
CRC32: 48EC1E52
Version: 10.0.12.36

--- Process list ---
PID: 3404 (1196) C:\Windows\system32\taskeng.exe
size: 169472
MD5: 5F109032CE46B7184ED9E50F9FE8489E
PID: 3444 (1184) C:\Windows\system32\Dwm.exe
size: 81920
MD5: 59903071D7ACE6A02093C47E9E38AF97
PID: 3512 (3432) C:\Windows\Explorer.EXE
size: 2927104
MD5: FFA764631CB70A30065C12EF8E174F9F
PID: 3744 (3512) C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
PID: 3756 (3512) C:\hp\support\hpsysdrv.exe
size: 65536
MD5: 9A4322EE420D6FACD4D4B1FF6CB856B1
PID: 3780 (3512) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
PID: 3808 (3512) C:\Windows\RtHDVCpl.exe
size: 4874240
MD5: 361CD47DC5BD83EE24407903233B0D9A
PID: 3828 (3512) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
size: 49152
MD5: 7AF5A466CF4AECA28E3DCBCF5B6FD220
PID: 3848 (3512) C:\Windows\System32\hkcmd.exe
size: 166424
MD5: E0913BFFE047972BAA72AC3AE608E24D
PID: 3860 (3512) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
PID: 3868 (3512) C:\Windows\System32\igfxpers.exe
size: 133656
MD5: 83591BC9E3328F5BACCF487CD12414EB
PID: 3892 (3512) C:\Program Files\HP\Personal Printing Solutions Product Research\HP Product Research.exe
size: 368640
MD5: 36BA55D14C3F78C2F137D741EB99E3C0
PID: 3908 (3512) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
size: 81000
MD5: 55EBFBAB39BFAB5E62358C093F297641
PID: 3984 ( 904) C:\Windows\system32\igfxsrvc.exe
size: 256536
MD5: E604D80346076DDD1B9F214678A35A38
PID: 4092 ( 904) C:\Windows\system32\wbem\unsecapp.exe
size: 37888
MD5: 25873356E52849C3F5B3F1B02317E8C8
PID: 596 (3512) C:\Program Files\COMODO\Firewall\cfp.exe
size: 1796856
MD5: B443A3B66DFBC137EEE36BEC364735F5
PID: 2472 (3512) C:\Program Files\Java\jre6\bin\jusched.exe
size: 136600
MD5: B98FFA8288EFAABC436C30D198608345
PID: 1144 (3512) C:\Windows\ehome\ehtray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
PID: 2764 (3512) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 210520
MD5: F14219FC767F1383526AB423F278A8E3
PID: 3656 ( 904) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 0F4195B9B348DE5CF9B822F81704B20E
PID: 3260 (2764) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
size: 151552
MD5: FEDDD3579FEE51A9873D856DF3933C68
PID: 5044 (5032) C:\Program Files\Internet Explorer\ieuser.exe
size: 299520
MD5: 5B2E1C16A2C420F60CD391B666003F14
PID: 5472 (3764) C:\hp\kbd\kbd.exe
size: 67128
MD5: 7CAC10A1C258DFCB5ADE563BAE6D2F15
PID: 4256 (3512) C:\Program Files\Spybot - Search & Destroy\SDFiles.exe
size: 1744384
MD5: 900F5B9AB8629BA460D447CBBF3078C1
PID: 6072 (4252) C:\Program Files\Internet Explorer\iexplore.exe
size: 625664
MD5: 5B92133D3E7FB2644677686305E29E81
PID: 5676 (2064) C:\Windows\system32\SearchFilterHost.exe
size: 87552
MD5: 87889A983C015080FA813D7E32910D1E
PID: 5780 (3512) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5287768
MD5: F55B10E6B28A01265A18E7DB787282AB
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 452 ( 4) smss.exe
size: 64000
PID: 604 ( 592) csrss.exe
size: 6144
PID: 648 ( 592) wininit.exe
size: 96768
PID: 660 ( 640) csrss.exe
size: 6144
PID: 692 ( 648) services.exe
size: 279040
PID: 708 ( 648) lsass.exe
size: 9728
PID: 716 ( 648) lsm.exe
size: 229888
PID: 748 ( 640) winlogon.exe
size: 314880
PID: 904 ( 692) svchost.exe
size: 21504
PID: 968 ( 692) svchost.exe
size: 21504
PID: 1004 ( 692) svchost.exe
size: 21504
PID: 1112 ( 692) svchost.exe
size: 21504
PID: 1184 ( 692) svchost.exe
size: 21504
PID: 1196 ( 692) svchost.exe
size: 21504
PID: 1284 (1112) audiodg.exe
size: 88064
PID: 1316 ( 692) SLsvc.exe
size: 2623488
PID: 1404 ( 692) svchost.exe
size: 21504
PID: 1508 ( 692) svchost.exe
size: 21504
PID: 1584 ( 692) aswUpdSv.exe
PID: 1608 ( 692) ashServ.exe
PID: 1896 ( 692) spoolsv.exe
size: 125952
PID: 1920 ( 692) svchost.exe
size: 21504
PID: 468 (1196) taskeng.exe
size: 169472
PID: 788 ( 692) cmdagent.exe
PID: 1168 ( 692) svchost.exe
size: 21504
PID: 1276 ( 692) LSSrvc.exe
PID: 1440 ( 692) svchost.exe
size: 21504
PID: 1704 ( 692) svchost.exe
size: 21504
PID: 1844 ( 692) svchost.exe
size: 21504
PID: 488 ( 692) svchost.exe
size: 21504
PID: 836 ( 692) svchost.exe
size: 21504
PID: 2064 ( 692) SearchIndexer.exe
size: 439808
PID: 2252 ( 692) SDWinSec.exe
size: 1124184
MD5: EF94D5714AD0AC78ADAFF8A3A6438DDD
PID: 2440 (1184) WUDFHost.exe
size: 142336
PID: 2664 ( 692) ashMaiSv.exe
PID: 2776 ( 692) ashWebSv.exe
PID: 3996 ( 692) wmpnetwk.exe
PID: 2768 ( 904) WmiPrvSE.exe
PID: 5224 ( 692) HPHC_Service.exe
PID: 4216 ( 692) infocard.exe
PID: 5068 (2064) SearchProtocolHost.exe
size: 184832

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 10/12/2008 12:43:25
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.co.uk/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896

--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 3: MSAFD Tcpip [TCP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 4: MSAFD Tcpip [UDP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 5: MSAFD Tcpip [RAW/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 6: RSVP TCPv6 Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 7: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 8: RSVP UDPv6 Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 9: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{114E311E-6CE2-404C-9BC3-B537B8F2651C}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{114E311E-6CE2-404C-9BC3-B537B8F2651C}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{39C42534-2708-497A-9082-659CBCC7CD75}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{39C42534-2708-497A-9082-659CBCC7CD75}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{114E311E-6CE2-404C-9BC3-B537B8F2651C}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{114E311E-6CE2-404C-9BC3-B537B8F2651C}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: Network Location Awareness Legacy (NLAv1) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename:
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
Namespace Provider 1: E-mail Naming Shim Provider
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:
Namespace Provider 2: PNRP Cloud Namespace Provider
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
Namespace Provider 3: PNRP Name Namespace Provider
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
Namespace Provider 4: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename:
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 5: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

PS: I previously reported another False Positive with same Files (seen Here) that false positive is now fixed but it has been replaced with another F/P for Accooner.