"Running bot check [156787/156787: Firefox - default - bookmarks]" - Stuck!!!
After downloading, installing, and updating Spybot, every time I run the program the process seems to proceed normally until the status line shows this message: "Running bot check [156787/156787: Firefox - default - bookmarks]". The program seems to be locked at this point. After more than 15 minutes of no apparent activity, I have to stop the scan. I always get a list of critical problem conditions, usually 6 to 24 critical threats. I hit the "Fix selected problems" button. The program usually will correct the problems listed, but I never get a listing of non-critical potential error conditions to review and check for repair.
I am running version 1.5.2.20 build 20080128. The last time I ran the program was a half hour ago. I updated Spybot immediately before the scan.
Has this problem shown up earlier? What would you recommend that I do to remedy the situation?
Thanks for your assistance.
===========================================
Spybot Report:
--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---
2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-06-16 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-06-03 Includes\Adware.sbi
2008-06-10 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-06-03 Includes\Dialer.sbi
2008-06-10 Includes\DialerC.sbi
2008-06-03 Includes\HeavyDuty.sbi
2008-06-04 Includes\Hijackers.sbi
2008-06-03 Includes\HijackersC.sbi
2008-06-03 Includes\Keyloggers.sbi
2008-06-10 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-06-03 Includes\Malware.sbi
2008-06-11 Includes\MalwareC.sbi
2008-06-03 Includes\PUPS.sbi
2008-06-10 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-10 Includes\Security.sbi
2008-06-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-06-03 Includes\Spyware.sbi
2008-06-03 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-06-11 Includes\Trojans.sbi
2008-06-11 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Patch Available For XMLHTTP Vulnerability
/ DataAccess: Patch Available For XMLHTTP Vulnerability
/ DataAccess: Security update for Microsoft Data Access Components
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX: DirectX Update 819696
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/917283
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/922770
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player / SP0: Windows Media Player Hotfix [See wm828026 for more information]
/ Windows Media Player: Windows Media Update 320920
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player: Windows Media Update 819639
/ Windows Media Player: Windows Media Update 828026
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB936782)
/ Windows Media Player 11: Hotfix for Windows Media Player 11 (KB939683)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB931768)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917537)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921503)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923694)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Update for Windows XP (KB927891)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931768)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Update for Windows XP (KB931836)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)
/ Windows XP / SP3: Security Update for Windows XP (KB933729)
/ Windows XP / SP3: Security Update for Windows XP (KB935839)
/ Windows XP / SP3: Security Update for Windows XP (KB935840)
/ Windows XP / SP3: Security Update for Windows XP (KB936021)
/ Windows XP / SP3: Update for Windows XP (KB936357)
/ Windows XP / SP3: Security Update for Windows XP (KB937894)
/ Windows XP / SP3: Update for Windows XP (KB938828)
/ Windows XP / SP3: Security Update for Windows XP (KB938829)
/ Windows XP / SP3: Security Update for Windows XP (KB939373)
/ Windows XP / SP3: Security Update for Windows XP (KB941568)
/ Windows XP / SP3: Security Update for Windows XP (KB941644)
/ Windows XP / SP3: Update for Windows XP (KB942763)
/ Windows XP / SP3: Security Update for Windows XP (KB943460)
/ Windows XP / SP3: Security Update for Windows XP (KB943485)
/ Windows XP / SP3: Security Update for Windows XP (KB944653)
/ XML Paper Specification Shared Components Pack 1.0: XML Paper Specification Shared Components Pack 1.0
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Acrobat Assistant 7.0
command: "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
file: C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
size: 483328
MD5: B985665B63E92D8DF8859EAE21E7B52F
Located: HK_LM:Run, Acronis Scheduler2 Service
command: "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
file: C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
size: 135168
MD5: 4207CE28BFA4C6443EAD3E650C938498
Located: HK_LM:Run, AcronisTimounterMonitor
command: C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
file: C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
size: 1852329
MD5: 6967BB5FE689BA4B1DDF5D3A1B089B16
Located: HK_LM:Run, Agent
command: C:\Program Files\CyberLink\PowerVCRII\Agent.exe
file: C:\Program Files\CyberLink\PowerVCRII\Agent.exe
size: 94208
MD5: 51E2FF8A630A6CC96581842CEE132864
Located: HK_LM:Run, avgnt
command: "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
file: C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
size: 262401
MD5: 42A1FA44622A6E247EB6FF5C4ADCC0FE
Located: HK_LM:Run, Iomega Drive Icons
command: C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
file: C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
size: 36864
MD5: 0BBD5ABC52C601E5591102AD6C044384
Located: HK_LM:Run, Iomega Startup Options
command: C:\Program Files\Iomega\Common\ImgStart.exe
file: C:\Program Files\Iomega\Common\ImgStart.exe
size: 32768
MD5: EC08EDA4BEEF202649B7C096EE6B8747
Located: HK_LM:Run, ISUSPM Startup
command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
file: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63
Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 86960
MD5: BD935D4F16C3B49AD58F6071A0AFFCF4
Located: HK_LM:Run, Microsoft Works Update Detection
command: C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Motive SmartBridge
command: C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
file: C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
size: 327680
MD5: C68567BB640265FBD18620D234F0805B
Located: HK_LM:Run, NeroFilterCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3E4C03CEFAD8DE135263236B61A49C90
Located: HK_LM:Run, PCTVOICE
command: pctspk.exe
file: C:\WINDOWS\system32\pctspk.exe
size: 86016
MD5: 0275215D01C3985E682A661B8826F371
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: 216B3ACC656CDA8A5A0C3071EC0A408B
Located: HK_LM:Run, Remote_Agent
command: C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe
file: C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe
size: 32768
MD5: 31C152525A32396BA93EB5D078E40A78
Located: HK_LM:Run, SansaDispatch
command: C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
file: C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
size: 55368
MD5: D8FF32983F5AAEF2F8BEED97E4B9E87B
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
size: 144784
MD5: E8C086DA635EB410FEF106CB279ADFBF
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: B8E684DF9A97497EDD2F87444A6307FB
Located: HK_LM:Run, TrueImageMonitor.exe
command: C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
file: C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
size: 1115317
MD5: D1F5888200266A102B3A02B68F3564F5
Located: HK_LM:Run, VTPreset
command: VTPreset.exe
file: C:\WINDOWS\system32\VTPreset.exe
size: 45056
MD5: 98D537D963197AB72F11D7293FE344DE
Located: HK_LM:Run, WeatherMate
command: "C:\Program Files\WeatherMate\WeatherMate.exe"
file: C:\Program Files\WeatherMate\WeatherMate.exe
size: 737369
MD5: 0ADF80CDB8F0D0FB7DCE31D123132661
Located: HK_CU:Run, ctfmon.exe
where: PE_C_GEORGE...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, ISUSPM
where: PE_C_GEORGE...
command: "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
file: c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63
Located: HK_CU:Run, MSMSGS
where: PE_C_GEORGE...
command: "C:\Program Files\Messenger\MSMSGS.EXE" /background
file: C:\Program Files\Messenger\MSMSGS.EXE
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
Located: HK_CU:Run, QuickTime Task
where: PE_C_GEORGE...
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: 216B3ACC656CDA8A5A0C3071EC0A408B
Located: HK_CU:Run, ctfmon.exe
where: PE_C_MATT21...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, ISUSPM
where: PE_C_MATT21...
command: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
file: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63
Located: HK_CU:Run, QuickTime Task
where: PE_C_MATT21...
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: 216B3ACC656CDA8A5A0C3071EC0A408B
Located: HK_CU:Run, ctfmon.exe
where: PE_C_TBOSELA...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, ISUSPM
where: PE_C_TBOSELA...
command: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
file: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63
Located: HK_CU:Run, MSMSGS
where: PE_C_TBOSELA...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
Located: HK_CU:RunOnce, FlashPlayerUpdate
where: PE_C_TBOSELA...
command: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe
file: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe
size: 218496
MD5: 55DAE09CBE5FE5E8EB2698107C18FD0D
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-796845957-706699826-1343024091-1003...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, ISUSPM
where: S-1-5-21-796845957-706699826-1343024091-1003...
command: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
file: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63
Located: HK_CU:Run, PhotoShow Deluxe Media Manager
where: S-1-5-21-796845957-706699826-1343024091-1003...
command: C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
file: C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
size: 212992
MD5: 552A81085E1D52C83C81AC351D8E2AA9
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-796845957-706699826-1343024091-1003...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F
Located: Startup (common), Adobe Acrobat Speed Launcher.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
file: C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
size: 25214
MD5: D6294D59171AC375CD142003566AA89E
Located: Startup (common), Adobe Reader Speed Launch.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: DFCB9ADE94A4F8A7C42EEF41101A30AD
Located: Startup (common), Color Calibration.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
file: C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
size: 36864
MD5: 2B7FBE74F248AA16B1D12AA216267A1C
Located: Startup (common), NaturalColorLoad.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
file: C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
size: 155715
MD5: C0C6C793F5B3B15647A80CAAFE0F123D
Located: Startup (common), TV883LP Remote Control.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\V-Stream Multimedia\TV883LP Utilities\C8XRCtl.exe
file: C:\Program Files\V-Stream Multimedia\TV883LP Utilities\C8XRCtl.exe
size: 57344
MD5: E58E1133B4EC86E722C9157980BE2294
Located: Startup (common), Verizon Online Support Center.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Verizon Online\bin\matcli.exe
file: C:\Program Files\Verizon Online\bin\matcli.exe
size: 204800
MD5: D861D7C136E23CF7CF14C3D38AC02677
Located: Startup (user), Dropbox.lnk
where: C:\Documents and Settings\bosela\Start Menu\Programs\Startup...
command: C:\Program Files\Dropbox\dropbox.exe
file: C:\Program Files\Dropbox\dropbox.exe
size: 8514145
MD5: 562ED2DD9A4415AA2B9376C1FE34F314
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 12/9/2006 4:18:28 PM
Date (last access): 6/16/2008 7:16:00 AM
Date (last write): 12/18/2006 5:16:42 AM
Filesize: 59032
Attributes: archive
MD5: 4EA3A6CD9D20584FFAFDB1E47DBF0E20
CRC32: 7B0A854F
Version: 7.0.9.50
{4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} (Verizon Broadband Toolbar)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Verizon Broadband Toolbar
Path: C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\
Long name: vzbb.dll
Short name:
Date (created): 11/11/2005 3:05:10 PM
Date (last access): 6/16/2008 7:36:28 AM
Date (last write): 4/6/2005 11:27:36 PM
Filesize: 1111104
Attributes: archive
MD5: 0B05B87B024FFC8B8764FF0021D80171
CRC32: 9A3BAF10
Version: 3.0.0.5
{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\Program Files\Spybot - Search & Destroy\
Long name: SDHelper.dll
Short name:
Date (created): 6/16/2008 6:18:40 AM
Date (last access): 6/16/2008 7:32:14 AM
Date (last write): 1/28/2008 11:43:28 AM
Filesize: 1554256
Attributes: archive
MD5: 5248E02EFBCB64D328647CD00E384B85
CRC32: C1B426A9
Version: 1.5.0.11
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 6/13/2008 7:07:36 AM
Date (last access): 6/16/2008 7:19:36 AM
Date (last write): 3/25/2008 4:28:02 AM
Filesize: 509328
Attributes: archive
MD5: CA1E733B9B003530C38390EDF7E05B61
CRC32: 980493E3
Version: 6.0.60.2
{AE7CD045-E861-484f-8273-0445EE161910} (Adobe PDF Conversion Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Adobe PDF Conversion Toolbar Helper
description: Adobe Acrobat
classification: Legitimate
known filename: AcroIEFavClient.dll
info link: http://www.adobe.com/products/acrobatpro/main.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\
Long name: AcroIEFavClient.dll
Short name: ACROIE~1.DLL
Date (created): 5/28/2008 5:31:02 PM
Date (last access): 6/16/2008 7:17:52 AM
Date (last write): 12/18/2006 5:18:14 AM
Filesize: 231160
Attributes: archive
MD5: 00AA6DF95E24DE4C616127EE739897F4
CRC32: D6B49BBF
Version: 7.0.9.50
--- ActiveX list ---
Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla
{01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class)
DPF name:
CLSID name: SysProWmi Class
Installer: C:\WINDOWS\Downloaded Program Files\SysPro.inf
Codebase: http://support.dell.com/systemprofiler/SysPro.CAB
description:
classification: Legitimate
known filename: SysPro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\System32\Dell\SystemProfiler\
Long name: SysPro.ocx
Short name:
Date (created): 1/23/2003 3:23:18 PM
Date (last access): 6/14/2008 4:08:10 AM
Date (last write): 1/23/2003 3:23:18 PM
Filesize: 86016
Attributes: archive
MD5: 2EE3E0AE6AA35F135CAE24DF2DA9B172
CRC32: A76A5BDA
Version: 2.0.0.1
{065FD296-2A8A-48C3-9634-7E167BF2C6C2} (RealTick OCX)
DPF name:
CLSID name: RealTick OCX
Installer: C:\WINDOWS\Downloaded Program Files\TALTNInvestor.inf
Codebase: http://www.terranovaonline.com/inves...TNInvestor.cab
Path: C:\tal\
Long name: rtx32.dll
Short name:
Date (created): 1/14/2005 3:00:16 PM
Date (last access): 6/14/2008 3:28:04 AM
Date (last write): 1/14/2005 3:00:16 PM
Filesize: 167936
Attributes: archive
MD5: 6905AD7A55DE1DB9C91ED2CF7278DCB2
CRC32: 792D6CFE
Version: 1.1.21.0
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object)
DPF name:
CLSID name: CKAVWebScan Object
Installer: C:\WINDOWS\Downloaded Program Files\kavwebscan.inf
Codebase: http://www.kaspersky.com/kos/eng/par...an_unicode.cab
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\
Long name: kavwebscan.dll
Short name: KAVWEB~1.DLL
Date (created): 8/29/2007 3:49:54 PM
Date (last access): 6/14/2008 4:11:52 AM
Date (last write): 8/29/2007 3:49:54 PM
Filesize: 950272
Attributes: archive
MD5: BC915C49931CE46222F9B0A7EFB56CEE
CRC32: 11048171
Version: 5.0.98.0
{11B2C0D3-DFFB-11D3-9253-00500498D7E5} (ShowSetupObj5 Class)
DPF name:
CLSID name: ShowSetupObj5 Class
Installer: C:\WINDOWS\Downloaded Program Files\ShowSetup.inf
Codebase: http://invite.mshow.com/(mfyklj45kv3...ShowSetup5.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ShowSetup.dll
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://download.macromedia.com/pub/s...irector/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Director\
Long name: SwDir.dll
Short name:
Date (created): 12/3/2002 9:57:30 PM
Date (last access): 6/14/2008 4:12:04 AM
Date (last write): 1/9/2002 4:28:02 AM
Filesize: 32768
Attributes: archive
MD5: 92FA0AE21D3A08B65D291724AA7D0E43
CRC32: 7B63A9DB
Version: 8.5.1.102
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=39204
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.dll
Short name: LEGITC~1.DLL
Date (created): 11/4/2005 4:27:24 PM
Date (last access): 6/16/2008 7:04:22 AM
Date (last write): 3/20/2008 6:06:36 PM
Filesize: 1480232
Attributes: archive
MD5: E058C4821D48E0A67F6069CB50818D44
CRC32: 3513AE02
Version: 1.7.69.2
{54BA1E8F-818D-407F-949D-BAE1692C5C18} (Attribute Class)
DPF name:
CLSID name: Attribute Class
Installer:
Codebase: http://gemal.dk/browserspy/capicom.dll
description:
classification: Legitimate
known filename: capicom.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: capicom.dll
{6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
DPF name:
CLSID name: WUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\wuweb.inf
Codebase: http://www.update.microsoft.com/wind...?1200531392005
description:
classification: Legitimate
known filename: wuweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\System32\
Long name: wuweb.dll
Short name:
Date (created): 5/26/2005 5:19:32 AM
Date (last access): 6/16/2008 6:48:22 AM
Date (last write): 7/30/2007 8:19:46 PM
Filesize: 203096
Attributes: archive
MD5: FD984F9BFC9C62BD6546BD183CE5ADE7
CRC32: 8092F837
Version: 7.0.6000.381
{82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class)
DPF name:
CLSID name: DLC Class
Installer: C:\WINDOWS\Downloaded Program Files\dlc.inf
Codebase: http://transfers.one.microsoft.com/F...ansferCtrl.cab
description:
classification: Legitimate
known filename: grTransferCtrl.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: grTransferCtrl.dll
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_06
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_06\bin\
Long name: npjpi160_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/25/2008 2:37:02 AM
Date (last access): 6/14/2008 2:07:16 AM
Date (last write): 3/25/2008 4:28:02 AM
Filesize: 132496
Attributes: archive
MD5: 5522AFEAB77DD6D401F3FE5C0A46122E
CRC32: F643B062
Version: 6.0.60.2
{90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player)
DPF name:
CLSID name: InstallShield International Setup Player
Installer: C:\WINDOWS\Downloaded Program Files\isetup.inf
Codebase: http://www.lizardtech.com/download/f...all/isetup.cab
description:
classification: Open for discussion
known filename: isetup.dll
info link:
info source: Safer Networking Ltd.
Path: c:\windows\DOWNLO~1\
Long name: isetup.dll
{B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class)
DPF name:
CLSID name: ZoneIntro Class
Installer:
Codebase: http://zone.msn.com/binFramework/v10...o.cab34246.cab
description:
classification: Legitimate
known filename: ZIntro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZIntro.ocx
{C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control)
DPF name:
CLSID name: LycosMail Upload Control
Installer: C:\WINDOWS\Downloaded Program Files\LycosMail.inf
Codebase: http://mail.lycos.com/hanmail-ax/AttachMail.cab
Path: C:\WINDOWS\DOWNLO~1\
Long name: LYCOSM~1.OCX
{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_01)
DPF name: Java Runtime Environment 1.4.0_01
CLSID name:
Installer:
Codebase:
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_06
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_06\bin\
Long name: npjpi160_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/25/2008 2:37:02 AM
Date (last access): 6/16/2008 8:08:56 AM
Date (last write): 3/25/2008 4:28:02 AM
Filesize: 132496
Attributes: archive
MD5: 5522AFEAB77DD6D401F3FE5C0A46122E
CRC32: F643B062
Version: 6.0.60.2
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_06
Installer:
Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_06\bin\
Long name: npjpi160_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/25/2008 2:37:02 AM
Date (last access): 6/16/2008 8:08:56 AM
Date (last write): 3/25/2008 4:28:02 AM
Filesize: 132496
Attributes: archive
MD5: 5522AFEAB77DD6D401F3FE5C0A46122E
CRC32: F643B062
Version: 6.0.60.2
{CD69D6AB-0D0D-4082-B3CF-6E5381FA227B} (MigrationAdvisor Class)
DPF name:
CLSID name: MigrationAdvisor Class
Installer: C:\WINDOWS\Downloaded Program Files\DTMigAdv.inf
Codebase: http://www.detto.com/hpadvisor/DTMigAdv.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: DTMigAdv.dll
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/s...sh/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9e.ocx
Short name:
Date (created): 11/20/2007 8:04:14 PM
Date (last access): 6/15/2008 9:26:42 PM
Date (last write): 11/20/2007 8:04:14 PM
Filesize: 2987392
Attributes: readonly archive
MD5: D3C50535C26190FEAD7785A03499C0AC
CRC32: A77C3E92
Version: 9.0.115.0
{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
DPF name:
CLSID name: GpcContainer Class
Installer: C:\WINDOWS\Downloaded Program Files\ieatgpc.inf
Codebase: https://terranova.webex.com/client/v...ex/ieatgpc.cab
description:
classification: Legitimate
known filename: ieatgpc.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ieatgpc.dll
{F0FCC76D-767E-4759-A447-62289CA775AA} (Coreport SSO Client)
DPF name:
CLSID name: Coreport SSO Client
Installer: C:\WINDOWS\Downloaded Program Files\CoreportSsoClient.inf
Codebase: http://www.nwcet.org/coreport/v51/ie...tSsoClient.cab
description:
classification: Legitimate
known filename: CoreportSsoClient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\System32\
Long name: CoreportSsoClient.dll
Short name: COREPO~1.DLL
Date (created): 4/1/2002 11:16:10 AM
Date (last access): 6/16/2008 6:48:18 AM
Date (last write): 4/1/2002 11:16:10 AM
Filesize: 245760
Attributes: archive
MD5: 12356294590A53984C60FEE8092EE096
CRC32: E1795D84
Version: 1.0.64.0
--- Process list ---
PID: 0 ( 0) [System]
PID: 664 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 764 ( 664) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 788 ( 664) \??\C:\WINDOWS\system32\winlogon.exe
size: 502272
PID: 832 ( 788) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 844 ( 788) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1004 ( 832) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1128 ( 832) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1220 ( 832) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1260 ( 832) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1344 ( 832) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1456 ( 832) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1624 ( 832) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1760 ( 832) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
size: 397312
MD5: 09951DD226E17A62FED1178404846D02
PID: 1772 ( 832) C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
size: 68865
MD5: 1C51917C9B30530A781F438F6A4AC49F
PID: 1792 ( 832) C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
size: 147201
MD5: 3D87AB245DAEF20865D590978073DD2A
PID: 1840 ( 832) C:\WINDOWS\System32\inetsrv\inetinfo.exe
size: 15872
MD5: 74B9FA2AFAF60B7F4E2A952E77B9DC6C
PID: 1920 ( 832) C:\WINDOWS\system32\PSIService.exe
size: 174656
MD5: 64E413BA0C529AA40C3924BBCC4153DB
PID: 2036 ( 832) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1436 ( 832) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 1856 (1364) C:\WINDOWS\Explorer.EXE
size: 1033216
MD5: 97BD6515465659FF8F3B7BE375B2EA87
PID: 1516 (1220) C:\WINDOWS\system32\wscntfy.exe
size: 13824
MD5: 49911DD39E023BB6C45E4E436CFBD297
PID: 1536 (1856) C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
size: 36864
MD5: 0BBD5ABC52C601E5591102AD6C044384
PID: 1928 (1856) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: B8E684DF9A97497EDD2F87444A6307FB
PID: 2072 (1856) C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
size: 483328
MD5: B985665B63E92D8DF8859EAE21E7B52F
PID: 2080 (1856) C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
size: 327680
MD5: C68567BB640265FBD18620D234F0805B
PID: 2112 (1856) C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
size: 262401
MD5: 42A1FA44622A6E247EB6FF5C4ADCC0FE
PID: 2128 (1856) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
size: 1115317
MD5: D1F5888200266A102B3A02B68F3564F5
PID: 2140 (1856) C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
size: 1852329
MD5: 6967BB5FE689BA4B1DDF5D3A1B089B16
PID: 2148 (1856) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
size: 135168
MD5: 4207CE28BFA4C6443EAD3E650C938498
PID: 2208 (1856) C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
size: 55368
MD5: D8FF32983F5AAEF2F8BEED97E4B9E87B
PID: 2276 (1856) C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
size: 144784
MD5: E8C086DA635EB410FEF106CB279ADFBF
PID: 2296 (1856) C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
size: 212992
MD5: 552A81085E1D52C83C81AC351D8E2AA9
PID: 2336 (1856) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63
PID: 2344 (1856) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 3684 (3552) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F
PID: 3664 (4004) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 625152
MD5: E854D02E4231F704D9BE782A424E6D8B
PID: 3848 (1856) C:\WINDOWS\Explorer.EXE
size: 1033216
MD5: 97BD6515465659FF8F3B7BE375B2EA87
PID: 484 (3684) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5146448
MD5: 2ECA8CDEED7C82F879E766DA92A3561A
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 6/16/2008 8:08:55 AM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://cgi.verizon.net/bookmarks/bmr...1&bm=ho_search
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://cm.my.yahoo.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.msn.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]
Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{49B30FB6-BF6E-4E56-AED7-CEFEF16DBD42}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{49B30FB6-BF6E-4E56-AED7-CEFEF16DBD42}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ADF10963-3B5A-4748-A772-86E4A3B2F5F4}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ADF10963-3B5A-4748-A772-86E4A3B2F5F4}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F74312B8-AF62-4ABD-A9E0-6E91B954A88B}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F74312B8-AF62-4ABD-A9E0-6E91B954A88B}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0AF0E325-6DB0-44F5-A4B0-90683E8BF6B9}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0AF0E325-6DB0-44F5-A4B0-90683E8BF6B9}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{197F2DF3-758C-4C2B-914C-60C2BCE948B7}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{197F2DF3-758C-4C2B-914C-60C2BCE948B7}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
Thanks for your assistance.
-
This is the report of corrective actions taken after last scan.
================================================
--- Report generated: 2008-06-16 07:34 ---
HitBox: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
WebTrends live: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
Statcounter: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
FastClick: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
MediaPlex: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
HitBox: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
HitBox: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
HitBox: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
HitBox: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
DoubleClick: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
MediaPlex: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
BlueStreak: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
Right Media: Tracking cookie (Internet Explorer: bosela) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
BurstMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
DoubleClick: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)
HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)
HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)
HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)
HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)
HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)
Excite: Tracking cookie (Firefox: default) (Cookie, fixed)
Excite: Tracking cookie (Firefox: default) (Cookie, fixed)
Excite: Tracking cookie (Firefox: default) (Cookie, fixed)
Excite: Tracking cookie (Firefox: default) (Cookie, fixed)
Excite: Tracking cookie (Firefox: default) (Cookie, fixed)
Excite: Tracking cookie (Firefox: default) (Cookie, fixed)
Excite: Tracking cookie (Firefox: default) (Cookie, fixed)
FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)
FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)
FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)
FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)
HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)
HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)
MediaPlex: Tracking cookie (Firefox: default) (Cookie, fixed)
Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)
Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)
Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)
Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)
Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)
Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)
Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)
Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)
Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)
Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)
Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)
Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
WebTrends live: Tracking cookie (Firefox: default) (Cookie, fixed)
BurstMedia: Tracking cookie (Firefox: default) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---
2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-06-16 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-06-03 Includes\Adware.sbi (*)
2008-06-10 Includes\AdwareC.sbi (*)
2008-06-03 Includes\Cookies.sbi (*)
2008-06-03 Includes\Dialer.sbi (*)
2008-06-10 Includes\DialerC.sbi (*)
2008-06-03 Includes\HeavyDuty.sbi (*)
2008-06-04 Includes\Hijackers.sbi (*)
2008-06-03 Includes\HijackersC.sbi (*)
2008-06-03 Includes\Keyloggers.sbi (*)
2008-06-10 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-06-03 Includes\Malware.sbi (*)
2008-06-11 Includes\MalwareC.sbi (*)
2008-06-03 Includes\PUPS.sbi (*)
2008-06-10 Includes\PUPSC.sbi (*)
2007-11-07 Includes\Revision.sbi (*)
2008-06-10 Includes\Security.sbi (*)
2008-06-10 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2008-06-03 Includes\Spyware.sbi (*)
2008-06-03 Includes\SpywareC.sbi (*)
2008-06-03 Includes\Tracks.uti
2008-06-11 Includes\Trojans.sbi (*)
2008-06-11 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll