Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Another Google takeover


  • Please log in to reply

#1
nitooz007

nitooz007

    New Member

  • Member
  • Pip
  • 2 posts
Hi,

I seem to have fallen foul of the 'bediddle' hijack of Google. I've run Trend Micro HijackThis, and my log follows. I should also tell you that I'm not the most technically literate person in the world, so any plain advice would be appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:39:43, on 12/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Imation\ImationFlashDetect.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\3 Mobile\3 MobileBroadband\3 MobileBroadband.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ancestry....au/Default.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
R3 - URLSearchHook: (no name) - {41731c8f-e1ea-4e8c-b74e-82c0ec784e12} - (no file)
O2 - BHO: IGMONObj Class - {02464DDC-3187-11D8-8004-0020ED227566} - C:\Program Files\iGetter\Integration\IGMON.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {41731c8f-e1ea-4e8c-b74e-82c0ec784e12} - (no file)
O2 - BHO: NSRank Class - {5C1A5300-270E-4106-B406-D8521A8709E0} - C:\WINDOWS\system32\NSTraf.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: TrendProtect - {E3578B37-6346-4EC1-A82B-38273A100DCF} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: TrendProtect - {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: (no name) - {41731c8f-e1ea-4e8c-b74e-82c0ec784e12} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HuaWeiEVDO.exe] "C:\Program Files\3 Mobile\3 MobileBroadband\3 MobileBroadband.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: ImationFlashDetect.lnk = C:\Program Files\Imation\ImationFlashDetect.exe
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download all with iGetter - C:\Program Files\iGetter\Integration\igetall.html
O8 - Extra context menu item: Download with iGetter - C:\Program Files\iGetter\Integration\iget.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcaf...22/ComCtl32.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritag...EngineQuery.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1154866339843
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,26/mcgdmgr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B845405-B3EB-4388-A35F-4E0046D595A4}: NameServer = 202.124.68.170 202.124.68.130
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: trendprotect - {BC3A5F6F-12A0-4B14-A184-32939F413823} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 14323 bytes


Edited to add:

OK, I hope I haven't jumped the gun somewhat, but after reading a similar thread I've just run ATF Cleaner and OTScanIt. My OTScanIt log is attached. If I need to take further steps, I'd appreciate your help.

[code=auto:0]OTScanIt2 logfile created on: 12/12/2008 01:11:16 - Run 1
OTScanIt2 by OldTimer - Version 1.0.3.0 Folder = C:\Documents and Settings\name\Desktop\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.37 Mb Total Physical Memory | 486.06 Mb Available Physical Memory | 47.54% Memory free
2.40 Gb Paging File | 1.82 Gb Available in Paging File | 75.56% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 88.60 Gb Total Space | 1.26 Gb Free Space | 1.43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 6.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DELL
Current User Name: name
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/09/05 23:26:28 | 00,116,040 | ---- | M] (Apple Inc.)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2006/02/16 02:33:12 | 00,405,504 | ---- | M] (ATI Technologies Inc.)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2006/02/16 02:33:12 | 00,405,504 | ---- | M] (ATI Technologies Inc.)
cli.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> [2005/08/12 17:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.)
cli.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> [2005/08/12 17:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.)
dap.exe -> %ProgramFiles%\DAP\DAP.exe -> [2008/07/14 23:43:30 | 02,864,128 | ---- | M] (Speedbit Ltd.)
dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> [2003/10/29 05:06:00 | 00,024,576 | ---- | M] (BVRP Software)
dmxlauncher.exe -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [2005/01/27 04:02:00 | 00,086,016 | ---- | M] ()
dot1xcfg.exe -> %ProgramFiles%\Intel\Wireless\Bin\Dot1XCfg.exe -> [2005/12/28 14:52:32 | 00,397,381 | ---- | M] (Intel Corporation)
dvdlauncher.exe -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> [2005/12/09 23:29:52 | 00,049,152 | ---- | M] (CyberLink Corp.)
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2005/12/28 14:45:02 | 00,114,753 | ---- | M] (Intel Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/08/23 16:56:15 | 00,635,848 | ---- | M] (Microsoft Corporation)
ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> [2005/12/28 14:56:16 | 00,602,182 | ---- | M] (Intel Corporation)
imationflashdetect.exe -> %ProgramFiles%\Imation\ImationFlashDetect.exe -> [2008/06/12 21:32:06 | 00,806,912 | ---- | M] ()
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/09/09 00:02:00 | 00,536,872 | ---- | M] (Apple Inc.)
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> [2004/07/27 19:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation)
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> [2008/09/09 00:02:08 | 00,289,576 | ---- | M] (Apple Inc.)
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> [2008/06/10 05:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
logitechdesktopmessenger.exe -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> [2007/11/23 21:10:44 | 00,067,128 | ---- | M] (Logitech Inc.)
mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/20 02:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
mpapi3s.exe -> %CommonProgramFiles%\Nokia\MPAPI\MPAPI3s.exe -> [2008/05/22 16:05:06 | 00,474,624 | ---- | M] (Nokia Corporation)
msnmsgr.exe -> %ProgramFiles%\MSN Messenger\msnmsgr.exe -> [2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
nclrssrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclRSSrv.exe -> [2008/08/05 15:10:58 | 00,120,320 | ---- | M] ()
nclusbsrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclUSBSrv.exe -> [2008/08/05 15:11:04 | 00,130,560 | ---- | M] ()
nicconfigsvc.exe -> %ProgramFiles%\Dell\QuickSet\NicConfigSvc.exe -> [2006/04/06 17:57:54 | 00,380,928 | ---- | M] (Dell Inc.)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/12/09 22:12:16 | 00,477,184 | ---- | M] (OldTimer Tools)
pcsuite.exe -> %ProgramFiles%\Nokia\Nokia PC Suite 7\PCSuite.exe -> [2008/08/11 09:31:54 | 01,124,352 | ---- | M] (Nokia)
pcsync2.exe -> %ProgramFiles%\Nokia\Nokia PC Suite 7\PcSync2.exe -> [2008/06/17 17:00:34 | 01,249,280 | ---- | M] (Time Information Services Ltd.)
qttask.exe -> %ProgramFiles%\QuickTime\QTTask.exe -> [2008/09/06 16:09:14 | 00,413,696 | ---- | M] (Apple Inc.)
quickset.exe -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> [2006/04/06 17:58:52 | 01,032,192 | ---- | M] (Dell Inc)
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> [2008/05/29 20:35:10 | 00,185,896 | ---- | M] (RealNetworks, Inc.)
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2005/12/28 14:44:24 | 00,217,164 | ---- | M] (Intel Corporation)
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2005/12/28 14:47:10 | 00,540,745 | ---- | M] (Intel Corporation )
searchindexer.exe -> %SystemRoot%\system32\searchindexer.exe -> [2008/05/26 23:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation)
servicelayer.exe -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> [2008/08/07 12:17:30 | 00,575,488 | ---- | M] (Nokia.)
spuvolumewatcher.exe -> %ProgramFiles%\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe -> [2006/06/27 18:31:50 | 00,229,376 | ---- | M] (Sony Corporation)
sqlmangr.exe -> %ProgramFiles%\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe -> [2005/05/04 01:07:32 | 00,081,920 | ---- | M] (Microsoft Corporation)
sqlservr.exe -> %ProgramFiles%\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -> [2008/05/25 18:44:16 | 09,154,560 | ---- | M] (Microsoft Corporation)
stsystra.exe -> %SystemRoot%\stsystra.exe -> [2006/03/24 19:30:44 | 00,282,624 | ---- | M] (SigmaTel, Inc.)
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2006/03/08 14:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.)
tfswctrl.exe -> %SystemRoot%\system32\dla\tfswctrl.exe -> [2004/12/06 04:05:00 | 00,127,035 | ---- | M] (Sonic Solutions)
videoaccelerator.exe -> %ProgramFiles%\SpeedBit Video Accelerator\VideoAccelerator.exe -> [2008/07/15 00:36:00 | 02,729,584 | ---- | M] (Speedbit Ltd.)
videoacceleratorengine.exe -> %ProgramFiles%\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe -> [2008/07/15 00:36:00 | 00,153,208 | ---- | M] (Speedbit Ltd.)
videoacceleratorservice.exe -> %ProgramFiles%\SpeedBit Video Accelerator\VideoAcceleratorService.exe -> [2008/07/15 00:36:00 | 00,280,184 | ---- | M] (Speedbit Ltd.)
windowssearch.exe -> %ProgramFiles%\Windows Desktop Search\WindowsSearch.exe -> [2008/05/26 23:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation)
wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> [2005/12/28 15:04:56 | 00,262,217 | ---- | M] (Intel(R) Corporation)
wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2008/04/14 11:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation)
wmpnetwk.exe -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
wmpnscfg.exe -> %ProgramFiles%\Windows Media Player\wmpnscfg.exe -> [2006/10/18 21:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation)
wuauclt.exe -> %SystemRoot%\system32\wuauclt.exe -> [2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation)
zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe -> [2005/12/28 14:55:40 | 00,667,718 | ---- | M] (Intel Corporation)

[Win32 Services - Safe List]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/09/05 23:26:28 | 00,116,040 | ---- | M] (Apple Inc.)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 02:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> [2006/02/16 02:33:12 | 00,405,504 | ---- | M] (ATI Technologies Inc.)
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 02:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(EvtEng) Intel(R) PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2005/12/28 14:45:02 | 00,114,753 | ---- | M] (Intel Corporation)
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2007/10/09 13:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation)
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2007/01/26 20:28:23 | 00,138,168 | ---- | M] (Google)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/14 11:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2007/10/11 10:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation)
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/09/09 00:02:00 | 00,536,872 | ---- | M] (Apple Inc.)
(MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/20 02:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
(MSSQL$MICROSOFTSMLBIZ) MSSQL$MICROSOFTSMLBIZ [Win32_Own | Auto | Running] -> %ProgramFiles%\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -> [2008/05/25 18:44:16 | 09,154,560 | ---- | M] (Microsoft Corporation)
(MSSQLServerADHelper) MSSQLServerADHelper [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -> [2005/05/04 01:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2007/10/11 10:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation)
(NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell\QuickSet\NicConfigSvc.exe -> [2006/04/06 17:57:54 | 00,380,928 | ---- | M] (Dell Inc.)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 15:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(RegSrvc) Intel(R) PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2005/12/28 14:44:24 | 00,217,164 | ---- | M] (Intel Corporation)
(S24EventMonitor) Intel(R) PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2005/12/28 14:47:10 | 00,540,745 | ---- | M] (Intel Corporation )
(ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Running] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> [2008/08/07 12:17:30 | 00,575,488 | ---- | M] (Nokia.)
(SQLAgent$MICROSOFTSMLBIZ) SQLAgent$MICROSOFTSMLBIZ [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -> [2005/05/04 00:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation)
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\MSN Messenger\usnsvc.exe -> [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation)
(VideoAcceleratorService) VideoAcceleratorService [Win32_Own | Auto | Running] -> %ProgramFiles%\SpeedBit Video Accelerator\VideoAcceleratorService.exe -> [2008/07/15 00:36:00 | 00,280,184 | ---- | M] (Speedbit Ltd.)
(WLANKEEPER) Intel(R) PROSet/Wireless SSO Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> [2005/12/28 15:04:56 | 00,262,217 | ---- | M] (Intel(R) Corporation)
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
(WSearch) Windows Search [Win32_Own | Auto | Running] -> %SystemRoot%\system32\searchindexer.exe -> [2008/05/26 23:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation)
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\WudfSvc.dll -> [2006/09/16 00:30:16 | 00,055,296 | ---- | M] (Microsoft Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"Default_Page_URL" -> www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au ->
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> ->
HKEY_LOCAL_MACHINE\: Search\\"Start Page" -> www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.ancestry.com.au/Default.aspx ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search?q=%s ->
HKEY_CURRENT_USER\: URLSearchHooks\\"{41731c8f-e1ea-4e8c-b74e-82c0ec784e12}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Settings [Default Profile] > -> C:\Documents and Settings\name\Application Data\Mozilla\FireFox\Profiles\m6g7sc5p.default\prefs.js ->
< HOSTS File > (728 bytes and 20 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02464DDC-3187-11D8-8004-0020ED227566} [HKLM] -> %ProgramFiles%\iGetter\Integration\IGMON.dll [IGMONObj Class] -> [2007/10/18 22:17:02 | 00,159,744 | ---- | M] (Presenta Ltd.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> File not found
{41731c8f-e1ea-4e8c-b74e-82c0ec784e12} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{5C1A5300-270E-4106-B406-D8521A8709E0} [HKLM] -> %SystemRoot%\system32\NSTraf.dll [NSRank Class] -> [2007/09/28 20:12:33 | 00,135,168 | ---- | M] (NextSecurity.NET)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> %SystemRoot%\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2004/12/06 04:05:00 | 00,118,842 | ---- | M] (Sonic Solutions)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 05:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2006/08/31 20:33:06 | 00,322,368 | ---- | M] (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\GoogleToolbar4.dll [Google Toolbar Helper] -> [2007/01/19 23:55:32 | 02,403,392 | R--- | M] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> [2007/07/19 14:13:40 | 00,325,048 | ---- | M] (Google Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> %ProgramFiles%\BAE\BAE.dll [CBrowserHelperObject Object] -> [2006/06/16 07:34:02 | 00,094,208 | ---- | M] (Dell Inc.)
{E3578B37-6346-4EC1-A82B-38273A100DCF} [HKLM] -> %ProgramFiles%\Trend Micro\TrendProtect\MSIE\WRS.dll [BhoMisc Class] -> [2007/09/07 16:29:24 | 00,566,536 | ---- | M] (Trend Micro Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{0BF43445-2F28-4351-9252-17FE6E806AA0}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> [2007/01/19 23:55:32 | 02,403,392 | R--- | M] (Google Inc.)
"{41731c8f-e1ea-4e8c-b74e-82c0ec784e12}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
"{F83BE649-1CC3-48EE-B2E2-0826CEF3822A}" [HKLM] -> %ProgramFiles%\Trend Micro\TrendProtect\MSIE\WRS.dll [TrendProtect] -> [2007/09/07 16:29:24 | 00,566,536 | ---- | M] (Trend Micro Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> [2007/01/19 23:55:32 | 02,403,392 | R--- | M] (Google Inc.)
WebBrowser\\"{6AE02E1C-8859-4F57-9097-5A55A56A4CAF}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ATICCC" -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe ["C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay] -> [2005/08/12 17:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.)
"Dell QuickSet" -> %ProgramFiles%\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2006/04/06 17:58:52 | 01,032,192 | ---- | M] (Dell Inc)
"dla" -> %SystemRoot%\system32\dla\tfswctrl.exe [C:\WINDOWS\system32\dla\tfswctrl.exe] -> [2004/12/06 04:05:00 | 00,127,035 | ---- | M] (Sonic Solutions)
"DMXLauncher" -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe [C:\Program Files\Dell\Media Experience\DMXLauncher.exe] -> [2005/01/27 04:02:00 | 00,086,016 | ---- | M] ()
"DownloadAccelerator" -> ["C:\Program Files\DAP\DAP.EXE" /STARTUP] -> File not found
"DVDLauncher" -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe ["C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"] -> [2005/12/09 23:29:52 | 00,049,152 | ---- | M] (CyberLink Corp.)
"IMJPMIG8.1" -> %SystemRoot%\ime\imjp8_1\imjpmig.exe ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] -> [2004/08/04 08:00:00 | 00,208,952 | ---- | M] (Microsoft Corporation)
"IntelWireless" -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe ["C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless] -> [2005/12/28 14:56:16 | 00,602,182 | ---- | M] (Intel Corporation)
"IntelZeroConfig" -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe ["C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"] -> [2005/12/28 14:55:40 | 00,667,718 | ---- | M] (Intel Corporation)
"ISUSPM Startup" -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> [2004/07/27 19:50:42 | 00,221,184 | ---- | M] (InstallShield Software Corporation)
"ISUSScheduler" -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> [2004/07/27 19:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation)
"iTunesHelper" -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2008/09/09 00:02:08 | 00,289,576 | ---- | M] (Apple Inc.)
"Media Codec Update Service" -> %ProgramFiles%\Essentials Codec Pack\update.exe [C:\Program Files\Essentials Codec Pack\update.exe -silent] -> [2007/04/09 03:44:40 | 00,303,104 | ---- | M] (MediaCodec.Org)
"MSPY2002" -> [C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC] -> File not found
"PHIME2002A" -> %SystemRoot%\system32\IME\TINTLGNT\TINTSETP.EXE [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName] -> [2004/08/04 08:00:00 | 00,455,168 | ---- | M] (Microsoft Corporation)
"PHIME2002ASync" -> [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC] -> File not found
"QuickTime Task" -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2008/09/06 16:09:14 | 00,413,696 | ---- | M] (Apple Inc.)
"SigmatelSysTrayApp" -> %SystemRoot%\stsystra.exe [stsystra.exe] -> [2006/03/24 19:30:44 | 00,282,624 | ---- | M] (SigmaTel, Inc.)
"SpeedBitVideoAccelerator" -> %ProgramFiles%\SpeedBit Video Accelerator\VideoAccelerator.exe ["C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"] -> [2008/07/15 00:36:00 | 02,729,584 | ---- | M] (Speedbit Ltd.)
"SunJavaUpdateSched" -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> [2008/06/10 05:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
"SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2006/03/08 14:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.)
"TkBellExe" -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2008/05/29 20:35:10 | 00,185,896 | ---- | M] (RealNetworks, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"HuaWeiEVDO.exe" -> %ProgramFiles%\3 Mobile\3 MobileBroadband\3 MobileBroadband.exe ["C:\Program Files\3 Mobile\3 MobileBroadband\3 MobileBroadband.exe"] -> [2007/06/07 16:40:48 | 00,962,560 | ---- | M] (Huawei Technologies Co., Ltd.)
"MsnMsgr" -> %ProgramFiles%\MSN Messenger\msnmsgr.exe ["C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background] -> [2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
"Nokia.PCSync" -> %ProgramFiles%\Nokia\Nokia PC Suite 7\PcSync2.exe ["C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog] -> [2008/06/17 17:00:34 | 01,249,280 | ---- | M] (Time Information Services Ltd.)
"PC Suite Tray" -> %ProgramFiles%\Nokia\Nokia PC Suite 7\PCSuite.exe ["C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray] -> [2008/08/11 09:31:54 | 01,124,352 | ---- | M] (Nokia)
"WMPNSCFG" -> %ProgramFiles%\Windows Media Player\wmpnscfg.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2006/10/18 21:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2008/04/23 04:38:16 | 00,029,696 | ---- | M] (Adobe Systems Incorporated)
%AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> [2003/10/29 05:06:00 | 00,024,576 | ---- | M] (BVRP Software)
%AllUsersProfile%\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> [2007/11/23 21:10:44 | 00,067,128 | ---- | M] (Logitech Inc.)
%AllUsersProfile%\Start Menu\Programs\Startup\Service Manager.lnk -> %ProgramFiles%\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe -> [2005/05/04 01:07:32 | 00,081,920 | ---- | M] (Microsoft Corporation)
%AllUsersProfile%\Start Menu\Programs\Startup\Windows Search.lnk -> %ProgramFiles%\Windows Desktop Search\WindowsSearch.exe -> [2008/05/26 23:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation)
< name Startup Folder > -> C:\Documents and Settings\name\Start Menu\Programs\Startup ->
%UserProfile%\Start Menu\Programs\Startup\ImationFlashDetect.lnk -> %ProgramFiles%\Imation\ImationFlashDetect.exe -> [2008/06/12 21:32:06 | 00,806,912 | ---- | M] ()
%UserProfile%\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk -> %ProgramFiles%\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe -> [2006/06/27 18:31:50 | 00,229,376 | ---- | M] (Sony Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoCDBurning" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
\\"NoActiveDesktop" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Clean Traces -> %ProgramFiles%\DAP\Privacy Package\dapcleanerie.htm [C:\Program Files\DAP\Privacy Package\dapcleanerie.htm] -> [2008/07/14 23:43:32 | 00,001,748 | ---- | M] ()
&Download with &DAP -> %ProgramFiles%\DAP\dapextie.htm [C:\Program Files\DAP\dapextie.htm] -> [2008/07/14 23:43:32 | 00,002,020 | ---- | M] ()
Download &all with DAP -> %ProgramFiles%\DAP\dapextie2.htm [C:\Program Files\DAP\dapextie2.htm] -> [2008/07/14 23:43:32 | 00,001,041 | ---- | M] ()
Download all with iGetter -> %ProgramFiles%\iGetter\Integration\igetall.html [C:\Program Files\iGetter\Integration\igetall.html] -> [2007/10/12 22:16:24 | 00,001,503 | ---- | M] ()
Download with iGetter -> %ProgramFiles%\iGetter\Integration\iget.html [C:\Program Files\iGetter\Integration\iget.html] -> [2007/10/12 22:16:32 | 00,002,198 | ---- | M] ()
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2008/08/04 16:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 05:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 15:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/14 05:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 11:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 11:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 05:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 15:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 11:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trust

Edited by nitooz007, 11 December 2008 - 08:32 AM.

  • 0

Advertisements


#2
nitooz007

nitooz007

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
--sorry, I didn't realise I couldn't delete this post. Please delete if necessary, thanks.

Edited by nitooz007, 11 December 2008 - 08:25 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP