Can't boot after v1.5.2 installation

Hi rvnmaniac!

I probably have finally found the reason why NTFS4DOS doesn't work for you. What capacity does your hard drive has? The
reason why I'm asking is because DOS doesn't support every hardware and this is probably the reason why we are
unable to find your system. Without the recovery console and without the support of a Windows PE system this is gonna be one of the
toughest repair procedure.

Is a repair installation an option for you? I know you will loose all the Windows Updates and the restore points but your personal data
will not be removed nor the installed applications. Some of them won't work after the repair installation because the registry would be
replaced as well.

http://www.webtree.ca/windowsxp/rep... XP by Installing Over top of Existing Setup:

The above solution would be our last resort. There are still methods left which we haven't tried yet. Just keep it in mind if
you don't have the time to try them out.

Do you still have a floppy drive? If yes, do you have ever created an automatic start disk?
http://support.microsoft.com/?scid=kb;en-us;299526&x=5&y=20
 
Where do we go from here?

I'm back up and running - got in using Spybot's "Method #2" solution when Fix-It Utilities didn't work for me. It is only by a miracle that I think I succeeded. I am not technically minded at all, and just entered commands on faith then hit reboot with fingers crossed. I wish everyone else still dealing with this issue much much luck. I totally wasted my entire 4-day holiday weekend dealing with this fiasco, and am still working on my system to be sure I have no permanent problems.

This whole mess is a prime example of the abysmal failure of the computer technology sector's ability to communicate with the masses with clear cut instructions and user-friendly "safe" technology. Computers are here to stay that is a given. But when you have college-educated users who are unable to understand even the most "basic" of commands, there is a problem with communication. A HUGE problem.

With most technology, you don't have to understand it to use it. I drive a car. I put gas in it, keep it tuned and serviced, I learn the rules of the road and I drive. Technology and models change, but overall a car is a car. Relatively simple. Almost everyone on the planet can drive one.

I own a computer. I have to have several operating systems to run it safely and efficiently, based on my individual or corporate needs. Each operating system has its own methodology. Change one system, must change some of the other system, but maybe not all. Average user guesses wrong on one step of an update, something major goes wrong, and out comes the techno-language that baffles almost everyone on the planet.

Computer technology is changing so quickly most of us cannot keep up - even if we understood what we're trying to keep up with. But most of us have other jobs that keep the planet running - important jobs like police officer, fireman, college professor... We don't have time to learn to function in a whole second industry. Sometimes we don't even know what questions to ask in order to get help. And therein lies the rub, my fellow discontented ones - those fellow humans who do learn this stuff for a living cannot communicate with those of us who don't!

I've learned more about computer operting systems in the last 6 days than I ever thought I'd learn - and feel I know absolutely nothing still!!! I've read multiple discussion threads on multiple websites, from post one to pages ad nauseum, and what I see are two distinct sides: Those who profess to know what they are doing - and those of us just struggling to keep up. The problem is, a lot of the time those who should know don't - but won't admit to it - and those of us struggling along feel grabbed by the short hairs (to put it as mildly as I can).

Face it: Computer technology is not like other technology because of three major issues: It involves technology evolving so quickly most can't keep up; it involves a major amount of trust in strangers who profess that they will keep us safe; and it involves connection to the internet where anyone in the world can maliciously invade our technology any time they want. It's the end of the world....

Spybot Tech Team: Re-read all the boards on this problem. You have a major trust issue with your product now that may not be surmountable - especially since you have just released another version of your spyware that is already having installation issues. Terminator says, "hopefully" this (current) problem will be sorted out by the new release. Not holding my breath. PepiMK, in many posts you've accused us public users of "deciding to ignore both this message and the two updates available," and "(ending updates to 1.3) ...will lead to these people having no protection at all. I'm not sure if this indeed is better than having to take extra care with the scan results." Well, right now, having no protection at all sounds a whole lot better than installing a program designed to help us but that actually helps to bring us down. Not a good way to regain broken trust...

Computer techs across the world: PLEASE find some way to speak in easy to understand, regular everyday people language! And please do not offer solutions until you are absolutely sure they will work for us mere mortals. Your updates obviously weren't obvious, or most of us would have updated! My husband ran spybot daily, and repeatedly has gone to the internet to access updates. Why didn't the system update automatically, not just the definitions? When Adaware updated their operating version, it was boldly announced on startup and directions for finding and downloading the most up-to-date version were clearly given. You can't hide something, and expect everyone to find it. And all this stuff about having to decide if each scan result was valid or not. Ummmm... isn't spybot designed to find bad stuff for us to remove from our computers before it causes damage? Why should I - like most, a non-technology oriented user - have to decide if Spybot is telling the truth or not?? Oh, see there... back to that trust issue again.

I will not be reinstalling any version of Spybot on my computer. It is obviously too difficult for stupid little me to use. You might have retained me as a user if the tech team had been able to show a little more organization in their response to this crisis, and compassion toward their wounded users. But turning this issue back on us and telling us it was our fault is too much. Faith gone.

One last question that I hope I can get a straightforward, understandable answer to: Since I used Method #2 to get back into my system, is hellzlittlespy still there, waiting for me to use my Norton or Adaware program to find, remove, and start me back into that logon loop, or am I good to go? Please, give me one last simple answer I can trust.
 
Mopeyone:

In the following analogy:

Mopeyone said:
...

With most technology, you don't have to understand it to use it. I drive a car. I put gas in it, keep it tuned and serviced, I learn the rules of the road and I drive. Technology and models change, but overall a car is a car. Relatively simple. Almost everyone on the planet can drive one.

...
Click to expand...
Do you personally perform the maintenance to "… keep it tuned and serviced, …". There was a day when a shade tree mechanic could pull out a timing light and tachometer, change the points and plugs and tune a car. Those days are gone too.

Using a computer is one thing. Unfortunately, in many cases maintaining it takes a different skill set.
 
Gee, thank you for choosing to rebut back but not answer my question. Suffice it to say that it seems that computer technologists will never understand the root of the frustration of their consumer base. I don't know why I tried.

Please, just let me know if I need to do anything more to get hellzlittlespy off my computer. I am sorry I am stupid and I don't really understand what I was able to fix - only that I was able to get past it. And I don't understand what a "false positive" is. And I don't know if I am truly free of this mess. Please, just tell me how to get past this so I can leave this forum and never ever come back.
 
I can safely say that Spybot 1.6.0.30 has cured this unfortunate problem and many others therefore I strongly advise all users to upgrade to it ASAP :eek:.

This whole mess was the result of conflicts between old and new technology (pay attention Microsoft). Those of you who insist on using obsolete versions of Spybot must shoulder a portion of the blame for this as it has been said, on more then one occassion, that the newer definitions are NOT fully compatible with versions 1.4 and below.

I accept that Windows 95/98/ME/2000 users may have problems running the latest versions of Spybot because of resource problems but that is your problem, not Spybots.

I know it sounds like I'm getting at the users of older operating systems but i'm not I'm just trying to draw a line under this mess and kick start the healing process.

As my last word on the subject, if you must use an older version of Windows be careful and if in doubt don't!!!
 
Mopeyone said:
Gee, thank you for choosing to rebut back but not answer my question. Suffice it to say that it seems that computer technologists will never understand the root of the frustration of their consumer base. I don't know why I tried.

Please, just let me know if I need to do anything more to get hellzlittlespy off my computer. I am sorry I am stupid and I don't really understand what I was able to fix - only that I was able to get past it. And I don't understand what a "false positive" is. And I don't know if I am truly free of this mess. Please, just tell me how to get past this so I can leave this forum and never ever come back.
Click to expand...

A "False Positive" is just a techie term for for thinking a file/entry is one thing when in fact it's something completely differant.

Your not stupid, I remember 8 years ago when I took my 1st IT course, I went into it thinking I knew everything about computers but I was totally and utterly WRONG, I went in at an intermediate level and after a fortnight I was ready to jack it in but I stuck with it and it made me a better person.

What I knew 8 years ago about computers compared to now could be written on the back of a postage stamp with space to spare. Computers are a constant learning curve, every day My computer teaches me something new and I learn from it.

To keep a computer tuned and ready to use, just follow these simple points:

1: Defrag your computer at least once a month.

2: Keep your Security Programs and Windows up to date by checking for updates every day or 2.

3: Run Anti-Virus and Anti Spyware Scans once fortnight.

4: If you don't understand something ask a knowledgable friend or a computer repair shop to clarifiy it for you.

5: Once a year format (wipe) your hard drive and re-install Windows and any other Essential programs.

6: Get a good drive cleaner and clear out the temp files and your Internet history once a week

If you have trouble doing these then ask your friendly local Repair shop to do it for you :).
 
Last edited:
I do not want to install version 1.6 of Spybot. Am I safe? Is hellslittlespy still on my computer? For this situation only: What will 1.6 do for me that leaving it off my computer won't? I continue not to understand the ramifications of this overall issue. Honestly, my mind (like many) is incapable of understanding computer technology. Trust me, I'm not an overall stupid person, but I know my limits - I am willing to admit them, but I refuse to be guilted by them. Please understand this. Am I safe, that is all I want to know. If I am not, what is the simplest way for me to get past the hellslittlespy invasion?

FYI - I use Windows XP Pro, on a computer-geek built system from various manufactured components (not all dell, HP, etc.)
 
Please clarify...

Terminator, our posts crossed. You seem to be trying to help, so thank you. But... I still need reassurance regarding the HLS issue:

All of those items you list to keep a computer running efficiently we are already doing, as frequently or more often as you recommend. We will continue to practice these, and I appreciate the reminder. However, I need to know: Is HLS off my computer? If still there, how do I get rid of it safely? I don't mean to sound paranoid, but... well... I'm paranoid.
 
Mopeyone said:
I do not want to install version 1.6 of Spybot. Am I safe? Is hellslittlespy still on my computer? For this situation only: What will 1.6 do for me that leaving it off my computer won't? I continue not to understand the ramifications of this overall issue. Honestly, my mind (like many) is incapable of understanding computer technology. Trust me, I'm not an overall stupid person, but I know my limits - I am willing to admit them, but I refuse to be guilted by them. Please understand this. Am I safe, that is all I want to know. If I am not, what is the simplest way for me to get past the hellslittlespy invasion?

FYI - I use Windows XP Pro, on a computer-geek built system from various manufactured components (not all dell, HP, etc.)
Click to expand...

1.6 isn't affected by the false positive and since your running XP you'll have more than enough Computer resources to run it with out incident.

"Am I safe? Is hellslittlespy still on my computer?"

The only way you'll find that out is to install spybot and run another scan and if it shows up then you'll know.

When it comes to computing and the Internet we all need to be a little bit careful but there is no shame in asking for help, If you don't understand something ask.
 
Okay, so I install 1.6 and run a scan and HLS shows up again. What do I do then?????????????? I know you are trying to be patient with me, but this now paranoid non-technology oriented human does not understand the ramifications of finding something like this. I really hate making assumptions with computer stuff is involved (see where that got me already in prior posts). But can I assume if it doesn't find it I'm safe? or is this a dangerous assumption? And if it does find it, what do I do about it?? Really, intense handholding necessary at this point (and I bet I'm not the only one out there needing it).

Thanks again, really.

And, and just before I hit "send" I thought of another question. If I choose to keep the newest Spybot version on my computer, what is to prevent this ever happening again? I sincerely don't understand how we let this happen in this instance, I'm quite sure we'll probably miss letting it happen again. In the past we've done spybot updates - run a scan - deleted whatever it told us to delete - shut down, no problems. If I have to look at each entry spybot flags to try determine if it is a real threat or not, I guarantee I'm gonna get in trouble again.

Answering the top of this post more important at this point than the bottom question. I want the immediate threat off my computer, then I'll deal with moving forward.

Again, thanks.
 
Mopeyone:

Can I assume "HLS" is the HellzLittleSpy detection?

What version of Spybot were you originally running Spybot 1.3 or Spybot 1.4? The reason I am asking is because the boot loop problem with HellzLittleSpy in Spybot 1.3 was a false positive on systems without HellzLittleSpy. In Spybot 1.4 it was a real detection that got fixed incorrectly.

It may help if you posted the log of the actual detections you are getting. There are several ways to do that:
  • Run another scan.
    • When the scan completes, right click on the results list, select "Copy results to clipboard".
    • Then paste (Ctrl+V) those results to a new post in this thread.
    --- or ---
  • Post the second Checks.yymmdd-hhmm.log produced during the original scan.

    By default here are two Checks.yymmdd-hhmm.log files produced during a scan. The second Checks.yymmdd-hhmm.log has the details of what the scan found. A Fixes.yymmdd-hhmm.log file is produced if you fix or attempt to fix something.

    There are two methods to copy and post the information from previous scans:
    • Method 1:
      • Go into Spybot > Mode > Advanced mode > Tools > View Reports > View Previous reports. Look for the Checks.yymmdd-hhmm.log or Fixes.yymmdd-hhmm.log file that contains the detections that you like help with. Open it. To copy it to the Clipboard, right click on the listing and select Select All > Right click again and select Copy. Paste (Ctrl+V) the contents of the Clipboard into a new post in this thread.
    • Method 2
      • The Checks.yymmdd-hhmm.log and Fixes.yymmdd-hhmm.log files are stored in the following folders:
        • Windows 95 or 98:
          C:\Windows\Application Data\Spybot - Search & Destroy\Logs
        • Windows ME:
          C:\Windows\All Users\Application Data\Spybot - Search & Destroy\Logs
        • Windows NT, 2000 or XP:
          C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs
        • Windows Vista:
          C:\ProgramData\Spybot - Search & Destroy\Logs
      • Using Windows Explorer, navigate to the correct Checks.yymmdd-hhmm.log or Fixes.yymmdd-hhmm.log file. Double click on it and it should open with Notepad. To copy it to the Clipboard, right click on the listing and select Select All > Right click again and select Copy. Paste (Ctrl+V) the contents of the Clipboard into a new post in this thread.
 
We were running version 1.3 - which I've uninstalled from my computer, so don't think I can attempt to gather that other information for you.

And yes, "HLS" does stand for Hellzlittlespy - just got tired of typing it all out.
 
Last edited:
I'll try it, but it'll take a couple of weeks. I'm supposed to be going on a vacation this week, and I'm way behind in preparing for it from having concentrated on nothing but this for 6 days. I'll install and try to capture a log when I get back. I really really need a vacation now.

Are there variations on what HLS did/how it appeared or something? By this request, it seems that every user of version 1.3 might have been "infected" "affected" differently... Or am I wrong, and a 1.3 system crash was a 1.3 system crash was a 1.3 system crash....

Just trying to get this resolved quicker if I can.

Thanks for continuing to try to help me understand...

I just spied a quote a friend recently sent me, that I copied and posted to my computer screen here at work: "Life is too short to be aggravated by non-human things!" A-men.
 
1.3 HellzLittleSpy

Hi there!

I guess I had excately the same problem as Mopeyone, and still do....
I've managed to repair XP and updated IE, but got infected while doing so. Now I've run the S&D 1.3 again, but getting a little wiser...

I guess I shouldn't fix the problems before I've upgaded to 1.6?

Right?

Here's a clip from 2 of the almost fatal reports.

Please, give me some advice what to do!

/M
-- Report generated: 2008-06-28 17:30 ---

CoolWWWSearch.hjg: User settings (Registerändring, fixed)
HKEY_USERS\S-1-5-21-436374069-1417001333-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PrivDiscUiShown!=W=0

HellzLittleSpy: Settings (Registerändring, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit!=<$SYSDIR>\userinit.exe,


--- Spybot - Search && Destroy version: 1.3 ---
2008-06-17 Includes\Adware.sbi
2008-06-18 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-06-03 Includes\Dialer.sbi
2008-06-24 Includes\DialerC.sbi
2008-06-03 Includes\HeavyDuty.sbi
2008-06-16 Includes\Hijackers.sbi
2008-06-17 Includes\HijackersC.sbi
2008-06-25 Includes\Keyloggers.sbi
2008-06-24 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-06-24 Includes\Malware.sbi
2008-06-24 Includes\MalwareC.sbi
2008-06-17 Includes\PUPS.sbi
2008-06-24 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-10 Includes\Security.sbi
2008-06-18 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-06-17 Includes\Spyware.sbi
2008-06-17 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-06-24 Includes\Trojans.sbi
2008-06-25 Includes\TrojansC.sbi
2007-06-06 Plugins\TCPIPAddress.dll


--- Report generated: 2008-07-07 19:31 ---

Comet Cursors: Interface (_IBhoEvents) (Registernyckel, fixed)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{4937D5D1-2039-409A-BD83-FEC9B39B2356}

CoolWWWSearch.hjg: User settings (Registerändring, fixed)
HKEY_USERS\S-1-5-21-436374069-1417001333-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PrivDiscUiShown!=W=0

HellzLittleSpy: Settings (Registerändring, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit!=<$SYSDIR>\userinit.exe,

Zlob.Downloader.vdt: Settings (Registernyckel, fixed)
HKEY_CLASSES_ROOT\multimediaControls.chl\


--- Spybot - Search && Destroy version: 1.3 ---
2008-06-17 Includes\Adware.sbi
2008-06-18 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-06-03 Includes\Dialer.sbi
2008-06-24 Includes\DialerC.sbi
2008-06-03 Includes\HeavyDuty.sbi
2008-06-16 Includes\Hijackers.sbi
2008-06-17 Includes\HijackersC.sbi
2008-06-25 Includes\Keyloggers.sbi
2008-06-24 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-06-24 Includes\Malware.sbi
2008-06-24 Includes\MalwareC.sbi
2008-06-17 Includes\PUPS.sbi
2008-06-24 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-10 Includes\Security.sbi
2008-06-18 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-06-17 Includes\Spyware.sbi
2008-06-17 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-06-24 Includes\Trojans.sbi
2008-06-25 Includes\TrojansC.sbi
2007-06-06 Plugins\TCPIPAddress.dll
 
Mateo1:

Mateo1 said:
... I guess I shouldn't fix the problems before I've upgaded to 1.6?

Right?

...
Click to expand...
If you fix the the following problem:

Code: 
HellzLittleSpy: Settings (Registerändring, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit!=<$SYSDIR>\userinit.exe,
You will most likely disable your ability to logon to your system if you reboot without first restoring the original registry value altered during the fix.

So you are correct.
 
1.3 HellzLittleSpy

Oh, here's the current report.


--- Search result list ---
Right Media: Tracking cookie (Internet Explorer: Mats Olofsson) (Cookie, nothing done)


BurstMedia: Tracking cookie (Internet Explorer: Mats Olofsson) (Cookie, nothing done)


Comet Cursors: Interface (_IBhoEvents) (Registernyckel, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{4937D5D1-2039-409A-BD83-FEC9B39B2356}

CoolWWWSearch.hjg: User settings (Registerändring, nothing done)
HKEY_USERS\S-1-5-21-436374069-1417001333-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PrivDiscUiShown!=W=0

HellzLittleSpy: Settings (Registerändring, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit!=<$SYSDIR>\userinit.exe,

Zlob.Downloader.vdt: Settings (Registernyckel, nothing done)
HKEY_CLASSES_ROOT\multimediaControls.chl\


--- Spybot - Search && Destroy version: 1.3 ---
2008-06-17 Includes\Adware.sbi
2008-06-18 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-06-03 Includes\Dialer.sbi
2008-06-24 Includes\DialerC.sbi
2008-06-03 Includes\HeavyDuty.sbi
2008-06-16 Includes\Hijackers.sbi
2008-06-17 Includes\HijackersC.sbi
2008-06-25 Includes\Keyloggers.sbi
2008-06-24 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-06-24 Includes\Malware.sbi
2008-06-24 Includes\MalwareC.sbi
2008-06-17 Includes\PUPS.sbi
2008-06-24 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-10 Includes\Security.sbi
2008-06-18 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-06-17 Includes\Spyware.sbi
2008-06-17 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-06-24 Includes\Trojans.sbi
2008-06-25 Includes\TrojansC.sbi
2007-06-06 Plugins\TCPIPAddress.dll


--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB889293
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB918439
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB918899
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB925486
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Outlook Express 6 / SP1: Windows XP Hotfix - KB911567
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Säkerhetsuppdatering för Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Säkerhetsuppdatering för Windows Media Player 10 (KB917734)
/ Windows Media Player 10: Säkerhetsuppdatering för Windows Media Player 10 (KB936782)
/ Windows Media Player 11: Säkerhetsuppdatering för Windows Media Player 11 (KB936782)
/ Windows Media Player 11: Snabbkorrigering för Windows Media Player 11 (KB939683)
/ Windows Media Player 6.4: Säkerhetsuppdatering för Windows Media Player 6.4 (KB925398)
/ Windows XP: Säkerhetsuppdatering för Windows XP (KB923689)
/ Windows XP: Säkerhetsuppdatering för Windows XP (KB941569)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB928090)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB931768)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB933566)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB937143)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB939653)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP0: Snabbkorrigering för Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP0: Säkerhetsuppdatering för Windows Internet Explorer 7 (KB950759)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Uppdatering för Windows XP (KB894391)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896358)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896422)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896423)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896424)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896428)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB896688)
/ Windows XP / SP3: Uppdatering för Windows XP (KB896727)
/ Windows XP / SP3: Uppdatering för Windows XP (KB898461)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB899587)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB899588)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB899591)
/ Windows XP / SP3: Uppdatering för Windows XP (KB900485)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB900725)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB901017)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB901190)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB901214)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB902400)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB903235)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB904706)
/ Windows XP / SP3: Uppdatering för Windows XP (KB904942)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB905414)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB905749)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB905915)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB908519)
/ Windows XP / SP3: Uppdatering för Windows XP (KB908531)
/ Windows XP / SP3: Uppdatering för Windows XP (KB910437)
/ Windows XP / SP3: Uppdatering för Windows XP (KB911280)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB911562)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB911567)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB911927)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB912812)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB912919)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB913446)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB913580)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB914388)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB914389)
/ Windows XP / SP3: Snabbkorrigering för Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB916281)
/ Windows XP / SP3: Uppdatering för Windows XP (KB916595)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB917159)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB917344)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB917422)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB917953)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB918118)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB918439)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB918899)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB919007)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB920213)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB920214)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB920670)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB920683)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB920685)
/ Windows XP / SP3: Uppdatering för Windows XP (KB920872)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB921398)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB921503)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB921883)
/ Windows XP / SP3: Uppdatering för Windows XP (KB922582)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB922616)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB922760)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB922819)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB923191)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB923414)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB923694)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB923980)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB924191)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB924270)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB924496)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB924667)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB925454)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB925486)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB926255)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB926436)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB927779)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB927802)
/ Windows XP / SP3: Uppdatering för Windows XP (KB927891)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB928255)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB928843)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB929123)
/ Windows XP / SP3: Uppdatering för Windows XP (KB929338)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB929969)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB930178)
/ Windows XP / SP3: Uppdatering för Windows XP (KB930916)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB931261)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB931784)
/ Windows XP / SP3: Uppdatering för Windows XP (KB931836)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB932168)
/ Windows XP / SP3: Uppdatering för Windows XP (KB932823-v3)
/ Windows XP / SP3: Uppdatering för Windows XP (KB933360)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB933729)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB935839)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB935840)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB936021)
/ Windows XP / SP3: Uppdatering för Windows XP (KB936357)
/ Windows XP / SP3: Uppdatering för Windows XP (KB938828)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB938829)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB941202)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB941568)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB941644)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB941693)
/ Windows XP / SP3: Uppdatering för Windows XP (KB942763)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB943055)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB943460)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB943485)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB944653)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB945553)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB946026)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB948590)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB948881)
/ Windows XP / SP3: Säkerhetsuppdatering för Windows XP (KB950749)
/ Windows XP / SP4: Uppdatering för Windows XP (KB942763)
/ Windows XP / SP4: Säkerhetsuppdatering för Windows XP (KB950760)
/ Windows XP / SP4: Säkerhetsuppdatering för Windows XP (KB950762)
/ Windows XP / SP4: Säkerhetsuppdatering för Windows XP (KB951376)
/ Windows XP / SP4: Säkerhetsuppdatering för Windows XP (KB951376-v2)
/ Windows XP / SP4: Säkerhetsuppdatering för Windows XP (KB951698)


--- Startup entries list ---
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8b9145d229d4e89d15acb820d4a3a90f

Located: HK_LM:Run, iTunesHelper
command: "C:\Program\iTunes\iTunesHelper.exe"
file: C:\Program\iTunes\iTunesHelper.exe
size: 267048
MD5: 04a9f0c58b170f30445bcc0683ef9ffc

Located: HK_LM:Run, Norman ZANDA
command: "C:\Program\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
file: C:\Program\Norman\Npm\Bin\ZLH.EXE
size: 277616
MD5: f9da295ba43d6428c55116610c8a2988

Located: HK_LM:Run, NPCTray
command: C:\Program\Norman\npc\bin\npc_tray.exe /LOAD
file: C:\Program\Norman\npc\bin\npc_tray.exe
size: 126008
MD5: d54116ff57dffb196913cccb440cb2fb

Located: HK_LM:Run, PC Pitstop Optimize Scheduler
command: C:\Program\PCPitstop\Optimize\PCPOptimize.exe -boot
file: C:\Program\PCPitstop\Optimize\PCPOptimize.exe
size: 2577120
MD5: 62f139b48c9b85c44480c334e2de26db

Located: HK_LM:Run, QuickTime Task
command: "C:\Program\QuickTime\qttask.exe" -atboottime
file: C:\Program\QuickTime\qttask.exe
size: 413696
MD5: 6df76965a0fb8237e9c3b3cab9815ec2

Located: HK_LM:Run, TkBellExe
command: "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
file: C:\Program\Delade filer\Real\Update_OB\realsched.exe
size: 180269
MD5: d09a5f5c4dbd5d4dff09ab1a69812062

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: febe82a289a6645e26b27f3a0a4d2b84

Located: HK_CU:Run, MSMSGS
command: "C:\Program\Messenger\msmsgs.exe" /background
file: C:\Program\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259

Located: Startup (common), HOTSYNCSHORTCUTNAME.lnk
command: C:\Program\Palm\Hotsync.exe

Located: Startup (common), InterVideo WinCinema Manager.lnk
command: C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe
file: C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe
size: 98304
MD5: f1d8d98012efc27680983b25c8cf4f12

Located: Startup (common), Microsoft Office.lnk
command: C:\Program\Microsoft Office\Office10\OSA.EXE
file: C:\Program\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a

Located: Startup (common), Personal.lnk
command: C:\Program\Personal\bin\Personal.exe
file: C:\Program\Personal\bin\Personal.exe
size: 722728
MD5: 5f5e0176e1b30ebc8266658894c72cb3

Located: Startup (common), Windows Skrivbordssökning.lnk
command: C:\Program\Windows Desktop Search\WindowsSearch.exe
file: C:\Program\Windows Desktop Search\WindowsSearch.exe
size: 257752
MD5: cfbd142459389efd5c5f27cd913c2564



--- Browser helper object list ---
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
BHO name:
CLSID name: Yahoo! Toolbar Helper
description: Yahoo Companion!
classification: Legitimate
known filename: Ycomp*_*_*_*.dll
info link: http://companion.yahoo.com/
info source: TonyKlein

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 2006-10-23 00:08:42
Date (last access): 2008-07-01 09:55:14
Date (last write): 2006-10-23 00:08:42
Filesize: 62080
Attributes: archive
MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
CRC32: E388508F
Version: 0.8.0.0

{1C1B8A44-61FE-411E-8F33-813A4E2E2984} (AVG Safe Search)
BHO name:
CLSID name: AVG Safe Search

{2F85D76C-0569-466F-A488-493E6BD0E955} (dsWebAllowBHO Class)
BHO name:
CLSID name: dsWebAllowBHO Class
Path: C:\Program\Windows Desktop Search\
Long name: dsWebAllow.dll
Short name: DSWEBA~1.DLL
Date (created): 2006-03-26 23:44:10
Date (last access): 2008-07-01 09:59:46
Date (last write): 2006-03-26 23:44:10
Filesize: 265432
Attributes: archive
MD5: 3EEEAFCE6B19C9AB3F6AE71A6FC99B11
CRC32: BA5EA549
Version: 0.2.0.6

{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\Program\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 2004-05-12 02:03:00
Date (last access): 2008-07-01 09:59:34
Date (last write): 2004-05-12 02:03:00
Filesize: 744960
Attributes: archive
MD5: ABF5BA518C6A5ED104496FF42D19AD88
CRC32: 5587736E
Version: 0.1.0.3

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 2005-11-10 14:03:56
Date (last access): 2008-07-01 09:57:04
Date (last write): 2005-11-10 14:22:10
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 0.5.0.0

{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
BHO name:
CLSID name:

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: C:\Program\Delade filer\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 2006-08-31 21:33:06
Date (last access): 2008-07-01 09:55:54
Date (last write): 2006-08-31 21:33:06
Filesize: 322368
Attributes: archive
MD5: E43F7CFDEE2B00A22C96C168147B20D3
CRC32: 2AEACC43
Version: 0.4.0.100

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
BHO name:
CLSID name: Windows Live Toolbar Helper
Path: C:\Program\Windows Live Toolbar\
Long name: msntb.dll
Short name:
Date (created): 2007-10-19 12:20:48
Date (last access): 2008-07-01 09:59:50
Date (last write): 2007-10-19 12:20:48
Filesize: 546320
Attributes: archive
MD5: CEE1BE1DA21300208D07FBEAE9EA2B51
CRC32: 12446524
Version: 0.3.0.1



--- ActiveX list ---
DirectAnimation Java Classes (DirectAnimation Java Classes)
DPF name: DirectAnimation Java Classes
CLSID name:
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\dajava.cab
info link:
info source: Patrick M. Kolla

Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla

ppctlcab (ppctlcab)
DPF name: ppctlcab
CLSID name:

{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool)
DPF name:
CLSID name: Office Genuine Advantage Validation Tool
Path: C:\WINDOWS\system32\
Long name: OGACheckControl.DLL
Short name: OGACHE~1.DLL
Date (created): 2006-10-13 12:30:10
Date (last access): 2008-07-01 10:18:16
Date (last write): 2007-03-05 14:34:28
Filesize: 676224
Attributes: archive
MD5: B221B218126BC9409257F39837BAB90C
CRC32: 60F920AA
Version: 0.1.0.6

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
description: Macromedia ShockWave Flash Player 7
classification: Unknown
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Adobe\Director\
Long name: SwDir.dll
Short name:
Date (created): 2008-04-18 13:36:02
Date (last access): 2008-07-01 10:18:44
Date (last write): 2008-03-19 19:36:22
Filesize: 202168
Attributes: archive
MD5: 284259B6EB9901B8978B78AFC5514627
CRC32: 6C37B749
Version: 0.11.0.0

{5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module)
DPF name:
CLSID name: Windows Live Safety Center Base Module
Path: C:\WINDOWS\Downloaded Program Files\
Long name: wlscBase.dll
Short name:
Date (created): 2008-06-24 08:05:12
Date (last access): 2008-06-24 08:05:12
Date (last write): 2008-06-24 08:05:12
Filesize: 455744
Attributes: archive
MD5: 17536C890DF63AB4644EB111C28128F5
CRC32: 0E5EC3BB
Version: 0.1.0.8

{5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control)
DPF name:
CLSID name: Facebook Photo Uploader Control
Path: C:\WINDOWS\Downloaded Program Files\
Long name: FacebookPhotoUploader.ocx
Short name: FACEBO~1.OCX
Date (created): 2005-11-03 20:17:36
Date (last access): 2008-07-01 10:08:06
Date (last write): 2005-11-03 20:17:36
Filesize: 1935120
Attributes: archive
MD5: 5A39F109CB87893FD683F49699BCE2B4
CRC32: 729D4EBC
Version: 0.3.0.5

{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: messengerstatsclient.dll
Short name: MESSEN~1.DLL
Date (created): 2003-05-29 16:00:20
Date (last access): 2008-07-01 10:08:06
Date (last write): 2003-05-29 16:00:20
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 0.7.0.1

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9f.ocx
Short name:
Date (created): 2008-03-25 04:32:42
Date (last access): 2008-07-01 10:20:00
Date (last write): 2008-03-25 04:32:42
Filesize: 2991488
Attributes: archive
MD5: 48FDF435B8595604E54125B321924510
CRC32: 12335E29
Version: 0.9.0.0



--- Process list ---
Spybot - Search && Destroy process list report, 2008-07-08 21:23:51

PID: 0 ( 0) [System]
PID: 4 ( 0) System
PID: 192 (1660) C:\Program\Windows Desktop Search\WindowsSearchFilter.exe
PID: 196 (1756) C:\WINDOWS\system32\ctfmon.exe
PID: 204 (1756) C:\Program\Messenger\msmsgs.exe
PID: 216 ( 916) C:\Program\Norman\npf\bin\npfuser.exe
PID: 228 (2320) C:\Program\Norman\Nvc\Bin\cclaw.exe
PID: 424 ( 640) C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PID: 440 ( 640) C:\Program\Bonjour\mDNSResponder.exe
PID: 504 ( 4) \SystemRoot\System32\smss.exe
PID: 572 ( 504) \??\C:\WINDOWS\system32\csrss.exe
PID: 596 ( 504) \??\C:\WINDOWS\system32\winlogon.exe
PID: 640 ( 596) C:\WINDOWS\system32\services.exe
PID: 652 ( 596) C:\WINDOWS\system32\lsass.exe
PID: 700 (1756) C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe
PID: 760 ( 640) C:\WINDOWS\system32\svchost.exe
PID: 800 ( 640) C:\Program\Norman\Npm\Bin\Elogsvc.exe
PID: 812 ( 640) C:\Program\Norman\Ngs\bin\NPROSEC.EXE
PID: 888 ( 640) C:\WINDOWS\system32\svchost.exe
PID: 956 ( 640) C:\WINDOWS\system32\svchost.exe
PID: 1032 ( 640) C:\WINDOWS\System32\svchost.exe
PID: 1064 (1756) C:\Program\Personal\bin\Personal.exe
PID: 1100 ( 640) C:\Program\Norman\Npm\Bin\Zanda.exe
PID: 1120 ( 640) C:\Program\Norman\npm\bin\nvoy.exe
PID: 1188 (1660) C:\Program\Windows Desktop Search\WindowsSearchFilter.exe
PID: 1192 ( 640) C:\WINDOWS\System32\svchost.exe
PID: 1256 ( 640) C:\WINDOWS\System32\svchost.exe
PID: 1268 ( 640) C:\Program\Norman\npf\bin\npfsvc32.exe
PID: 1304 (1756) C:\Program\Windows Desktop Search\WindowsSearch.exe
PID: 1484 ( 640) C:\WINDOWS\system32\spoolsv.exe
PID: 1564 ( 888) C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
PID: 1660 ( 888) C:\Program\Windows Desktop Search\WindowsSearchIndexer.exe
PID: 1756 (1688) C:\WINDOWS\Explorer.EXE
PID: 1916 ( 640) C:\Program\Norman\Npm\bin\NVCSCHED.EXE
PID: 1932 ( 640) C:\Program\Norman\Npm\bin\NJEEVES.EXE
PID: 1956 (1756) C:\Program\Delade filer\Real\Update_OB\realsched.exe
PID: 1992 (1756) C:\Program\iTunes\iTunesHelper.exe
PID: 2032 ( 640) C:\Program\Norman\npc\bin\npcsvc32.exe
PID: 2036 (1756) C:\Program\Norman\Npm\Bin\ZLH.EXE
PID: 2104 ( 640) C:\Program\iPod\bin\iPodService.exe
PID: 2492 ( 640) C:\WINDOWS\System32\alg.exe
PID: 2524 (1756) C:\Program\Microsoft Office\Office10\EXCEL.EXE
PID: 2560 ( 640) C:\Program\Norman\npc\bin\nuaa.exe
PID: 2700 ( 640) C:\Program\Norman\nse\bin\NSESVC.EXE
PID: 3056 ( 640) C:\Program\Norman\Nvc\bin\nvcoas.exe
PID: 3252 (2036) C:\Program\Norman\Nvc\Bin\Nip.exe
PID: 3680 (1756) C:\Program\Spybot - Search & Destroy\SpybotSD.exe
PID: 4060 (1756) C:\Program\Internet Explorer\iexplore.exe


--- Browser start & search pages list ---
Spybot - Search && Destroy browser pages report, 2008-07-08 21:23:51

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/search?q=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: NLF over [MSAFD Tcpip [TCP/IP]]
GUID: {B8EDD80C-C7BA-405D-ACD5-189E648724C8}
Filename: C:\Program\Norman\npc\bin\nlf.dll

Protocol 1: NLF over [MSAFD Tcpip [UDP/IP]]
GUID: {98DFB492-BA95-4E76-A9C5-60186EF3CD91}
Filename: C:\Program\Norman\npc\bin\nlf.dll

Protocol 2: NLF over [MSAFD Tcpip [RAW/IP]]
GUID: {4B6EF903-1AB0-4A47-84BA-3E1034BED286}
Filename: C:\Program\Norman\npc\bin\nlf.dll

Protocol 3: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 4: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 5: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 6: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 7: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B71C9178-D011-40D8-968D-8CA1ED89F9BE}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B71C9178-D011-40D8-968D-8CA1ED89F9BE}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{449D0066-13AA-42DF-BDC0-4CB27FCA7399}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{449D0066-13AA-42DF-BDC0-4CB27FCA7399}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D326444B-BF9D-4F51-AFBB-4BDE73E1003D}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D326444B-BF9D-4F51-AFBB-4BDE73E1003D}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9AFD314D-D332-460A-9D29-92F8A966C44C}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9AFD314D-D332-460A-9D29-92F8A966C44C}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4E8A109D-561E-4EA7-947A-5C6317CD2F31}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4E8A109D-561E-4EA7-947A-5C6317CD2F31}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: NLF
GUID: {0AA8A6F0-4E44-4C09-8BEC-C981447D5549}
Filename: C:\Program\Norman\npc\bin\nlf.dll

Namespace Provider 0: mdnsNSP
GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
Filename: C:\Program\Bonjour\mdnsNSP.dll

Namespace Provider 1: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 2: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 3: Namnområde för NLA (Network Location Awareness)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
 
bevdye1962 said:
..loop is now actually preceded by a Logon Message, "The system could not log you on. Make sure your User name and domain are correct, then type password again. Letters in passwords must be typed using the correct case." After this, I go to the logon/logoff loop.

---------
This is an update on my secondary Logon Message issue. It was resolved after doing chdsk and fixboot from c:\ prompt through recovery console with a Dell OEM reinstallation disk, then following the procedure at http://www.2pure.net/index.php?session=0&action=read&click=open&article=1150238652. I followed the steps at that link three times, and the third time I am back to the original logon/logoff loop that this thread is intended to address.


I'm still stuck in the logon/logoff loop, even when restoring to a date 2 weeks prior to the Spybot v1.5.2 update, so I am still researching with everyone else. Just wanted to update for someone else's sake who may run into the second Logon Message issue.

bevdye1962
Click to expand...
 
Mopeyone said:
I'm back up and running - got in using Spybot's "Method #2" solution when Fix-It Utilities didn't work for me. It is only by a miracle that I think I succeeded. I am not technically minded at all, and just entered commands on faith then hit reboot with fingers crossed. I wish everyone else still dealing with this issue much much luck. I totally wasted my entire 4-day holiday weekend dealing with this fiasco, and am still working on my system to be sure I have no permanent problems.

This whole mess is a prime example of the abysmal failure of the computer technology sector's ability to communicate with the masses with clear cut instructions and user-friendly "safe" technology. Computers are here to stay that is a given. But when you have college-educated users who are unable to understand even the most "basic" of commands, there is a problem with communication. A HUGE problem.

With most technology, you don't have to understand it to use it. I drive a car. I put gas in it, keep it tuned and serviced, I learn the rules of the road and I drive. Technology and models change, but overall a car is a car. Relatively simple. Almost everyone on the planet can drive one.

I own a computer. I have to have several operating systems to run it safely and efficiently, based on my individual or corporate needs. Each operating system has its own methodology. Change one system, must change some of the other system, but maybe not all. Average user guesses wrong on one step of an update, something major goes wrong, and out comes the techno-language that baffles almost everyone on the planet.

Computer technology is changing so quickly most of us cannot keep up - even if we understood what we're trying to keep up with. But most of us have other jobs that keep the planet running - important jobs like police officer, fireman, college professor... We don't have time to learn to function in a whole second industry. Sometimes we don't even know what questions to ask in order to get help. And therein lies the rub, my fellow discontented ones - those fellow humans who do learn this stuff for a living cannot communicate with those of us who don't!

I've learned more about computer operting systems in the last 6 days than I ever thought I'd learn - and feel I know absolutely nothing still!!! I've read multiple discussion threads on multiple websites, from post one to pages ad nauseum, and what I see are two distinct sides: Those who profess to know what they are doing - and those of us just struggling to keep up. The problem is, a lot of the time those who should know don't - but won't admit to it - and those of us struggling along feel grabbed by the short hairs (to put it as mildly as I can).

Face it: Computer technology is not like other technology because of three major issues: It involves technology evolving so quickly most can't keep up; it involves a major amount of trust in strangers who profess that they will keep us safe; and it involves connection to the internet where anyone in the world can maliciously invade our technology any time they want. It's the end of the world....

Spybot Tech Team: Re-read all the boards on this problem. You have a major trust issue with your product now that may not be surmountable - especially since you have just released another version of your spyware that is already having installation issues. Terminator says, "hopefully" this (current) problem will be sorted out by the new release. Not holding my breath. PepiMK, in many posts you've accused us public users of "deciding to ignore both this message and the two updates available," and "(ending updates to 1.3) ...will lead to these people having no protection at all. I'm not sure if this indeed is better than having to take extra care with the scan results." Well, right now, having no protection at all sounds a whole lot better than installing a program designed to help us but that actually helps to bring us down. Not a good way to regain broken trust...

Computer techs across the world: PLEASE find some way to speak in easy to understand, regular everyday people language! And please do not offer solutions until you are absolutely sure they will work for us mere mortals. Your updates obviously weren't obvious, or most of us would have updated! My husband ran spybot daily, and repeatedly has gone to the internet to access updates. Why didn't the system update automatically, not just the definitions? When Adaware updated their operating version, it was boldly announced on startup and directions for finding and downloading the most up-to-date version were clearly given. You can't hide something, and expect everyone to find it. And all this stuff about having to decide if each scan result was valid or not. Ummmm... isn't spybot designed to find bad stuff for us to remove from our computers before it causes damage? Why should I - like most, a non-technology oriented user - have to decide if Spybot is telling the truth or not?? Oh, see there... back to that trust issue again.

I will not be reinstalling any version of Spybot on my computer. It is obviously too difficult for stupid little me to use. You might have retained me as a user if the tech team had been able to show a little more organization in their response to this crisis, and compassion toward their wounded users. But turning this issue back on us and telling us it was our fault is too much. Faith gone.

One last question that I hope I can get a straightforward, understandable answer to: Since I used Method #2 to get back into my system, is hellzlittlespy still there, waiting for me to use my Norton or Adaware program to find, remove, and start me back into that logon loop, or am I good to go? Please, give me one last simple answer I can trust.
Click to expand...

My feelings exactly...posted by someone with a greater command of the language...thank you!!:bigthumb:
 
Comments
Old
userinit
I have used method 2 numerous times with success, I don't know what walkere problem is, but maybe a basic computer course would be a good place to start.
Thank you
Posted Yesterday at 17:46 by turbobooster turbobooster is offline




To check out the "Walkere" problem just look at;

http://forums.spybot.info/showpost.p...&postcount=102
http://forums.spybot.info/search.php?searchid=1243611

Turboboostere.......pourquoi descendez cette route?....I hope you are smiling and have a nice beret on....but you are................très, très drôle Monsieur Turboboostere!!



I think I have been disrespected by Inspector Turboostere on the blog...maybe he should read all the threads in this site? He says he doesn't know what "Walkere problem is".........:funny:
 
Last edited:
You must log in or register to reply here.
Back
Top